From: Arthur Mesh
Date: Thu, 2 Jul 2015 12:28:19 -0700
To: Mark R V Murray
CC: "Simon J. Gerraty"
Subject: Re: svn commit: r284959 - in head: . share/man/man4 share/man/man9 sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest sys/dev/safe sys/dev/syscons sys/dev/ubsec sys/dev/virtio/random sy...
Message-ID: <20150702192819.GL90166@juniper.net>
In-Reply-To: <0B29F349-FB7C-4B71-A792-CE304FF72206@FreeBSD.org>
List-Id: svn-src-all@freebsd.org (SVN commit messages for the entire src tree, except for "user" and "projects")

On Thu, Jul 02, 2015 at 08:21:31PM +0100, Mark R V Murray wrote:
> > I.e., if the box is configured to boot in FIPS mode, it should use NIST
> > SP800-90 HMAC-DRBG adaptor. Otherwise, it uses the default FreeBSD
> > adaptor (Fortuna I guess).
>
> No problem!
>
> Could you please let me know your implementation's API?
> If I have that,
> or at least an approximation, I can make a framework in which you can
> insert your code.

Sure,

Here is the shim between HMAC_DRBG and struct random_adaptor (that used
to plug-in before removal on 2015/6/30).

/*
 * $Id: $
 *
 * Copyright (c) 2014, Juniper Networks, Inc.
 * All rights reserved.
 */

/* [19 system #include directives; the header names are missing from this copy of the message] */

#include "hmac.h"
#include "hmac_shim.h"
#include "hmac_drbg.h"
#include "hmac_drbg_adaptor.h"
#include "health_tests.h"
#include "debug.h"

/*
 * The context mutex protects the consistency of the hmac_drbg state
 */
struct mtx drbg_mtx;

static int hmac_drbg_security_level = 256;

/*
 * hmac_drbg context
 */
static struct random_hmac_drbg_s drbg_ctx;

static void random_hmac_drbg_init(void);
static void random_hmac_drbg_deinit(void);
static int random_hmac_drbg_block(int);
static int random_hmac_drbg_read(void *, int);
static void random_hmac_drbg_write(void *, int);
static int random_hmac_drbg_poll(int, struct thread *);
static void random_hmac_drbg_reseed(void);
void random_hmac_drbg_unblock(void);

struct random_adaptor random_hmac_drbg = {
	.ident = "Software, HMAC DRBG, NIST 800-90A",
	.init = random_hmac_drbg_init,
	.deinit = random_hmac_drbg_deinit,
	.block = random_hmac_drbg_block,
	.read = random_hmac_drbg_read,
	.poll = random_hmac_drbg_poll,
	.reseed = random_hmac_drbg_reseed,
	.seeded = 0,
};

/* entropy bit counter */
uint64_t random_hmac_drbg_ecount;

void
random_hmac_drbg_unblock(void)
{
	if (!random_hmac_drbg.seeded) {
		random_hmac_drbg.seeded = 1;
		selwakeuppri(&random_hmac_drbg.rsel, PUSER);
		wakeup(&random_hmac_drbg);
	}
}

static void
hmac_drbg_process_event(struct harvest *event)
{
	/* If entropy health test fails, discard the entropy */
	if (entropy_health_test(event) != 0) {
		return;
	}

	/*
	 * Feed noise in to our DRBG.
	 * Performance optimization: even though not all fields in event are
	 * entropic, it's much faster to call random_hmac_drbg_write() on the
	 * whole struct, vs calling random_hmac_drbg_write() separately for
	 * event->somecounter and event->entropy.
	 */
	random_hmac_drbg_write(event, sizeof(*event));

	random_hmac_drbg_ecount += event->bits;

	if (random_hmac_drbg_ecount >= hmac_drbg_security_level)
		random_hmac_drbg_unblock();	/* Unblock random(4) */
}

static void
random_hmac_drbg_init(void)
{
	int error;

	mtx_init(&drbg_mtx, "hmac_drbg context mutex", NULL, MTX_DEF);

	error = hmac_drbg_init(&drbg_ctx, NULL);
	KASSERT(error == 0, ("hmac_drbg_init() failure: %d\n", error));

	random_harvestq_init(hmac_drbg_process_event);

	/* Register the randomness harvesting routine */
	randomdev_init_harvester(random_harvestq_internal,
	    random_hmac_drbg_read);
}

static void
random_hmac_drbg_deinit(void)
{
	mtx_destroy(&drbg_mtx);
}

static int
random_hmac_drbg_block(int flag)
{
	int error = 0;

	mtx_lock(&drbg_mtx);

	/* Sleep until seeded, unless the caller asked for non-blocking I/O */
	while (!random_hmac_drbg.seeded && !error) {
		if (flag & O_NONBLOCK)
			error = EWOULDBLOCK;
		else {
			printf("Entropy device is blocking.\n");
			error = msleep(&random_hmac_drbg, &drbg_mtx,
			    PUSER | PCATCH, "block", 0);
		}
	}
	mtx_unlock(&drbg_mtx);

	return (error);
}

static int
random_hmac_drbg_read(void *buf, int count)
{
	int error;

	mtx_lock(&drbg_mtx);
	error = hmac_drbg_get_bytes(&drbg_ctx, buf, count);
	KASSERT(error != -1, ("hmac_drbg_get_bytes() failure: %d\n", error));
	mtx_unlock(&drbg_mtx);

	return(error != -1 ? count : 0);
}

static void
random_hmac_drbg_write(void *buf, int count)
{
	int error;

	mtx_lock(&drbg_mtx);
	error = hmac_drbg_update(&drbg_ctx, buf, count);
	KASSERT(error == 0, ("hmac_drbg_update() failure: %d\n", error));
	mtx_unlock(&drbg_mtx);
}

static int
random_hmac_drbg_poll(int events, struct thread *td)
{
	int revents = 0;

	mtx_lock(&drbg_mtx);

	if (random_hmac_drbg.seeded)
		revents = events & (POLLIN | POLLRDNORM);
	else
		selrecord(td, &random_hmac_drbg.rsel);

	mtx_unlock(&drbg_mtx);

	return (revents);
}

static void
random_hmac_drbg_reseed(void)
{
	/* Command an entropy queue flush and wait for it to finish */
	random_kthread_control = 1;
	while (random_kthread_control)
		pause("-", hz / 10);
}

static int
random_hmac_drbg_modevent(module_t mod, int type, void *unused)
{
	switch(type) {
	case MOD_LOAD:
		/* Initialize health tests */
		health_tests_init();

		random_adaptor_register("hmac-drbg", &random_hmac_drbg);
		/*
		 * For statically built kernels that contain both device
		 * random and options PADLOCK_RNG/RDRAND_RNG/etc..,
		 * this event handler will do nothing, since the random
		 * driver-specific handlers are loaded after these HW
		 * consumers, and hence hasn't yet registered for this event.
		 *
		 * In case where both the random driver and RNG's are built
		 * as separate modules, random.ko is loaded prior to *_rng.ko's
		 * (by dependency). This event handler is there to delay
		 * creation of /dev/{u,}random and attachment of this *_rng.ko.
		 */
		EVENTHANDLER_INVOKE(random_adaptor_attach, &random_hmac_drbg);
		return (0);
	}

	return (EINVAL);
}

RANDOM_ADAPTOR_MODULE(random_hmac_drbg, random_hmac_drbg_modevent, 1);

-- 
Arthur Mesh
Juniper Networks
+1 408 936-4968
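
The write, unblock and read paths of the shim above, modelled in user space as an added example (not code from the message or from Juniper). It assumes `hmac_drbg_update()` and `hmac_drbg_get_bytes()` follow the NIST SP 800-90A HMAC_DRBG Update and Generate steps with SHA-256; the class name, the `healthy` flag standing in for `entropy_health_test()`, and the event bytes are hypothetical, and the standard's reseed counter is left out.

```python
import hashlib
import hmac

SECURITY_LEVEL = 256  # bits, mirrors hmac_drbg_security_level in the shim


class HmacDrbgModel:
    """Model of the shim: harvested events feed the DRBG; reads are gated on seeding."""

    def __init__(self):
        # SP 800-90A initial state for HMAC_DRBG with a 256-bit hash
        self.K = b"\x00" * 32
        self.V = b"\x01" * 32
        self.ecount = 0      # credited entropy bits (random_hmac_drbg_ecount)
        self.seeded = False  # random_hmac_drbg.seeded

    @staticmethod
    def _mac(key, data):
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, data=b""):
        # HMAC_DRBG Update: fold provided data into K and V
        self.K = self._mac(self.K, self.V + b"\x00" + data)
        self.V = self._mac(self.K, self.V)
        if data:
            self.K = self._mac(self.K, self.V + b"\x01" + data)
            self.V = self._mac(self.K, self.V)

    def process_event(self, event, bits, healthy=True):
        if not healthy:          # failed health test: discard, credit nothing
            return
        self._update(event)      # write path (assumed hmac_drbg_update)
        self.ecount += bits
        if self.ecount >= SECURITY_LEVEL:
            self.seeded = True   # unblock readers

    def read(self, count):
        if not self.seeded:      # what an O_NONBLOCK reader sees: EWOULDBLOCK
            raise BlockingIOError("DRBG not seeded")
        out = b""
        while len(out) < count:  # HMAC_DRBG Generate
            self.V = self._mac(self.K, self.V)
            out += self.V
        self._update()           # state moves on after every request
        return out[:count]


def seeded_model():
    """Feed four constructed 64-bit events, enough to cross the threshold."""
    m = HmacDrbgModel()
    for i in range(4):
        m.process_event(bytes([i]) * 8, 64)
    return m
```

Output is a deterministic function of the mixed-in events, so the model makes visible why the shim refuses reads until 256 bits have been credited and why events that fail the health test must not advance the counter.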