From owner-svn-src-all@FreeBSD.ORG Tue Feb 17 17:37:02 2015 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B634BEF7; Tue, 17 Feb 2015 17:37:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A174367C; Tue, 17 Feb 2015 17:37:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t1HHb28r035950; Tue, 17 Feb 2015 17:37:02 GMT (envelope-from jmg@FreeBSD.org) Received: (from jmg@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t1HHb1Gq035943; Tue, 17 Feb 2015 17:37:01 GMT (envelope-from jmg@FreeBSD.org) Message-Id: <201502171737.t1HHb1Gq035943@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: jmg set sender to jmg@FreeBSD.org using -f From: John-Mark Gurney Date: Tue, 17 Feb 2015 17:37:01 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r278907 - head/sys/dev/random X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2015 17:37:02 -0000 Author: jmg Date: Tue Feb 17 17:37:00 2015 New Revision: 278907 URL: https://svnweb.freebsd.org/changeset/base/278907 Log: When the new random adaptor code was brought it in r273872, a call to randomdev_init_reader to change read_random over to the newly installed adaptor was missed. This means both read_random and arc4random (seeded from read_random) were not returning very random data. This also effects userland arc4random as it is seeded from kernel arc4random. The random devices are uneffected and have returned good randomness since the change. All keys generated with a kernel of r273872 must be regenerated with a kernel with this patch. Keys generated may be predictable. Remove the warning as log is too early to print anything, and it would always get printed due to early use of arc4random... Reviewed by: delphij, markm Approved by: so (delphij) Modified: head/sys/dev/random/dummy_rng.c head/sys/dev/random/random_adaptors.c head/sys/dev/random/randomdev.c head/sys/dev/random/randomdev.h Modified: head/sys/dev/random/dummy_rng.c ============================================================================== --- head/sys/dev/random/dummy_rng.c Tue Feb 17 17:34:45 2015 (r278906) +++ head/sys/dev/random/dummy_rng.c Tue Feb 17 17:37:00 2015 (r278907) @@ -82,19 +82,13 @@ dummy_random_init(void) * * Caveat Emptor. */ -u_int +void dummy_random_read_phony(uint8_t *buf, u_int count) { /* If no entropy device is loaded, don't spam the console with warnings */ - static int warned = 0; u_long randval; size_t size, i; - if (!warned) { - log(LOG_WARNING, "random device not loaded/active; using insecure pseudo-random number generator\n"); - warned = 1; - } - /* srandom() is called in kern/init_main.c:proc0_post() */ /* Fill buf[] with random(9) output */ @@ -103,8 +97,6 @@ dummy_random_read_phony(uint8_t *buf, u_ size = MIN(count - i, sizeof(randval)); memcpy(buf + i, &randval, (size_t)size); } - - return (count); } struct random_adaptor randomdev_dummy = { Modified: head/sys/dev/random/random_adaptors.c ============================================================================== --- head/sys/dev/random/random_adaptors.c Tue Feb 17 17:34:45 2015 (r278906) +++ head/sys/dev/random/random_adaptors.c Tue Feb 17 17:37:00 2015 (r278907) @@ -149,10 +149,14 @@ random_adaptor_choose(void) (random_adaptor_previous == NULL ? "NULL" : random_adaptor_previous->ra_ident), random_adaptor->ra_ident); #endif - if (random_adaptor_previous != NULL) + if (random_adaptor_previous != NULL) { + randomdev_deinit_reader(); (random_adaptor_previous->ra_deinit)(); + } (random_adaptor->ra_init)(); } + + randomdev_init_reader(random_adaptor->ra_read); } Modified: head/sys/dev/random/randomdev.c ============================================================================== --- head/sys/dev/random/randomdev.c Tue Feb 17 17:34:45 2015 (r278906) +++ head/sys/dev/random/randomdev.c Tue Feb 17 17:37:00 2015 (r278907) @@ -214,11 +214,11 @@ random_harvest(const void *entropy, u_in */ /* Hold the address of the routine which is actually called */ -static u_int (*read_func)(uint8_t *, u_int) = dummy_random_read_phony; +static void (*read_func)(uint8_t *, u_int) = dummy_random_read_phony; /* Initialise the reader when/if it is loaded */ void -randomdev_init_reader(u_int (*reader)(uint8_t *, u_int)) +randomdev_init_reader(void (*reader)(uint8_t *, u_int)) { read_func = reader; @@ -240,5 +240,10 @@ int read_random(void *buf, int count) { - return ((int)(*read_func)(buf, (u_int)count)); + if (count < 0) + return 0; + + read_func(buf, count); + + return count; } Modified: head/sys/dev/random/randomdev.h ============================================================================== --- head/sys/dev/random/randomdev.h Tue Feb 17 17:34:45 2015 (r278906) +++ head/sys/dev/random/randomdev.h Tue Feb 17 17:37:00 2015 (r278907) @@ -37,12 +37,12 @@ typedef void random_init_func_t(void); typedef void random_deinit_func_t(void); void randomdev_init_harvester(void (*)(const void *, u_int, u_int, enum random_entropy_source)); -void randomdev_init_reader(u_int (*)(uint8_t *, u_int)); +void randomdev_init_reader(void (*)(uint8_t *, u_int)); void randomdev_deinit_harvester(void); void randomdev_deinit_reader(void); /* Stub/fake routines for when no entropy processor is loaded */ -extern u_int dummy_random_read_phony(uint8_t *, u_int); +extern void dummy_random_read_phony(uint8_t *, u_int); /* kern.random sysctls */ #ifdef SYSCTL_DECL /* from sysctl.h */