From owner-svn-src-head@freebsd.org Wed Jan 1 00:35:04 2020 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 010FD1E13C2; Wed, 1 Jan 2020 00:35:03 +0000 (UTC) (envelope-from cem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47nXHq5v3kz3NKF; Wed, 1 Jan 2020 00:35:03 +0000 (UTC) (envelope-from cem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C409F22609; Wed, 1 Jan 2020 00:35:03 +0000 (UTC) (envelope-from cem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 0010Z36h050523; Wed, 1 Jan 2020 00:35:03 GMT (envelope-from cem@FreeBSD.org) Received: (from cem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 0010Z3sv050520; Wed, 1 Jan 2020 00:35:03 GMT (envelope-from cem@FreeBSD.org) Message-Id: <202001010035.0010Z3sv050520@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cem set sender to cem@FreeBSD.org using -f From: Conrad Meyer Date: Wed, 1 Jan 2020 00:35:03 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r356245 - in head/sys: dev/random dev/vmgenc sys X-SVN-Group: head X-SVN-Commit-Author: cem X-SVN-Commit-Paths: in head/sys: dev/random dev/vmgenc sys X-SVN-Commit-Revision: 356245 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Jan 2020 00:35:04 -0000 Author: cem Date: Wed Jan 1 00:35:02 2020 New Revision: 356245 URL: https://svnweb.freebsd.org/changeset/base/356245 Log: vmgenid(4): Integrate as a random(4) source The number is public and has no "entropy," but should be integrated quickly on VM rewind events to avoid duplicate sequences. Approved by: csprng(markm) Differential Revision: https://reviews.freebsd.org/D22946 Modified: head/sys/dev/random/fortuna.c head/sys/dev/random/random_harvestq.c head/sys/dev/vmgenc/vmgenc_acpi.c head/sys/sys/random.h Modified: head/sys/dev/random/fortuna.c ============================================================================== --- head/sys/dev/random/fortuna.c Tue Dec 31 22:25:06 2019 (r356244) +++ head/sys/dev/random/fortuna.c Wed Jan 1 00:35:02 2020 (r356245) @@ -359,6 +359,13 @@ random_fortuna_process_event(struct harvest_event *eve */ pl = event->he_destination % RANDOM_FORTUNA_NPOOLS; /* + * If a VM generation ID changes (clone and play or VM rewind), we want + * to incorporate that as soon as possible. Override destingation pool + * for immediate next use. + */ + if (event->he_source == RANDOM_PURE_VMGENID) + pl = 0; + /* * We ignore low entropy static/counter fields towards the end of the * he_event structure in order to increase measurable entropy when * conducting SP800-90B entropy analysis measurements of seed material Modified: head/sys/dev/random/random_harvestq.c ============================================================================== --- head/sys/dev/random/random_harvestq.c Tue Dec 31 22:25:06 2019 (r356244) +++ head/sys/dev/random/random_harvestq.c Wed Jan 1 00:35:02 2020 (r356245) @@ -354,6 +354,7 @@ static const char *random_source_descr[ENTROPYSOURCE] [RANDOM_PURE_CCP] = "PURE_CCP", [RANDOM_PURE_DARN] = "PURE_DARN", [RANDOM_PURE_TPM] = "PURE_TPM", + [RANDOM_PURE_VMGENID] = "VMGENID", /* "ENTROPYSOURCE" */ }; Modified: head/sys/dev/vmgenc/vmgenc_acpi.c ============================================================================== --- head/sys/dev/vmgenc/vmgenc_acpi.c Tue Dec 31 22:25:06 2019 (r356244) +++ head/sys/dev/vmgenc/vmgenc_acpi.c Wed Jan 1 00:35:02 2020 (r356245) @@ -52,12 +52,14 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include #include +#include #include #ifndef ACPI_NOTIFY_STATUS_CHANGED @@ -80,6 +82,20 @@ struct vmgenc_softc { }; static void +vmgenc_harvest_all(const void *p, size_t sz) +{ + size_t nbytes; + + while (sz > 0) { + nbytes = MIN(sz, + sizeof(((struct harvest_event *)0)->he_entropy)); + random_harvest_direct(p, nbytes, RANDOM_PURE_VMGENID); + p = (const char *)p + nbytes; + sz -= nbytes; + } +} + +static void vmgenc_status_changed(void *context) { uint8_t guid[GUID_BYTES]; @@ -97,6 +113,8 @@ vmgenc_status_changed(void *context) /* Update cache. */ memcpy(sc->vmg_cache_guid, guid, GUID_BYTES); + vmgenc_harvest_all(sc->vmg_cache_guid, sizeof(sc->vmg_cache_guid)); + EVENTHANDLER_INVOKE(acpi_vmgenc_event); acpi_UserNotify("VMGenerationCounter", acpi_get_handle(dev), 0); } @@ -219,6 +237,9 @@ vmgenc_attach(device_t dev) memcpy(sc->vmg_cache_guid, __DEVOLATILE(void *, sc->vmg_pguid), sizeof(sc->vmg_cache_guid)); + random_harvest_register_source(RANDOM_PURE_VMGENID); + vmgenc_harvest_all(sc->vmg_cache_guid, sizeof(sc->vmg_cache_guid)); + AcpiInstallNotifyHandler(h, ACPI_DEVICE_NOTIFY, vmgenc_notify, dev); return (0); } @@ -238,3 +259,4 @@ static driver_t vmgenc_driver = { static devclass_t vmgenc_devclass; DRIVER_MODULE(vmgenc, acpi, vmgenc_driver, vmgenc_devclass, NULL, NULL); MODULE_DEPEND(vmgenc, acpi, 1, 1, 1); +MODULE_DEPEND(vemgenc, random_harvestq, 1, 1, 1); Modified: head/sys/sys/random.h ============================================================================== --- head/sys/sys/random.h Tue Dec 31 22:25:06 2019 (r356244) +++ head/sys/sys/random.h Wed Jan 1 00:35:02 2020 (r356245) @@ -102,6 +102,7 @@ enum random_entropy_source { RANDOM_PURE_CCP, RANDOM_PURE_DARN, RANDOM_PURE_TPM, + RANDOM_PURE_VMGENID, ENTROPYSOURCE }; _Static_assert(ENTROPYSOURCE <= 32,