From owner-svn-src-all@FreeBSD.ORG Tue Feb 17 17:46:30 2015 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 79F4F3EA; Tue, 17 Feb 2015 17:46:30 +0000 (UTC) Received: from gromit.grondar.org (grandfather.grondar.org [IPv6:2a01:348:0:15:5d59:5c20:0:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3CEB5868; Tue, 17 Feb 2015 17:46:30 +0000 (UTC) Received: from graveyard.grondar.org ([88.96.155.33] helo=gronkulator.grondar.org) by gromit.grondar.org with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.85 (FreeBSD)) (envelope-from ) id 1YNmE6-000Oxt-Ts; Tue, 17 Feb 2015 17:46:28 +0000 Subject: Re: svn commit: r278907 - head/sys/dev/random Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\)) Content-Type: multipart/signed; boundary="Apple-Mail=_6681CDEF-E521-4843-BA17-4477C37AA309"; protocol="application/pgp-signature"; micalg=pgp-sha512 X-Pgp-Agent: GPGMail 2.5b5 From: Mark R V Murray In-Reply-To: <201502171737.t1HHb1Gq035943@svn.freebsd.org> Date: Tue, 17 Feb 2015 17:46:13 +0000 Message-Id: <30B45F07-482F-44D2-B871-468709C5B3F3@grondar.org> References: <201502171737.t1HHb1Gq035943@svn.freebsd.org> To: John-Mark Gurney X-Mailer: Apple Mail (2.2070.6) X-SA-Score: -3.5 Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2015 17:46:30 -0000 --Apple-Mail=_6681CDEF-E521-4843-BA17-4477C37AA309 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Hi Thanks John-Mark! M > On 17 Feb 2015, at 17:37, John-Mark Gurney wrote: >=20 > Author: jmg > Date: Tue Feb 17 17:37:00 2015 > New Revision: 278907 > URL: https://svnweb.freebsd.org/changeset/base/278907 >=20 > Log: > When the new random adaptor code was brought it in r273872, a call to > randomdev_init_reader to change read_random over to the newly = installed > adaptor was missed. This means both read_random and arc4random = (seeded > from read_random) were not returning very random data. This also > effects userland arc4random as it is seeded from kernel arc4random. >=20 > The random devices are uneffected and have returned good randomness > since the change. >=20 > All keys generated with a kernel of r273872 must be regenerated with > a kernel with this patch. Keys generated may be predictable. >=20 > Remove the warning as log is too early to print anything, and it = would > always get printed due to early use of arc4random... >=20 > Reviewed by: delphij, markm > Approved by: so (delphij) >=20 > Modified: > head/sys/dev/random/dummy_rng.c > head/sys/dev/random/random_adaptors.c > head/sys/dev/random/randomdev.c > head/sys/dev/random/randomdev.h >=20 > Modified: head/sys/dev/random/dummy_rng.c > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D > --- head/sys/dev/random/dummy_rng.c Tue Feb 17 17:34:45 2015 = (r278906) > +++ head/sys/dev/random/dummy_rng.c Tue Feb 17 17:37:00 2015 = (r278907) > @@ -82,19 +82,13 @@ dummy_random_init(void) > * > * Caveat Emptor. > */ > -u_int > +void > dummy_random_read_phony(uint8_t *buf, u_int count) > { > /* If no entropy device is loaded, don't spam the console with = warnings */ > - static int warned =3D 0; > u_long randval; > size_t size, i; >=20 > - if (!warned) { > - log(LOG_WARNING, "random device not loaded/active; using = insecure pseudo-random number generator\n"); > - warned =3D 1; > - } > - > /* srandom() is called in kern/init_main.c:proc0_post() */ >=20 > /* Fill buf[] with random(9) output */ > @@ -103,8 +97,6 @@ dummy_random_read_phony(uint8_t *buf, u_ > size =3D MIN(count - i, sizeof(randval)); > memcpy(buf + i, &randval, (size_t)size); > } > - > - return (count); > } >=20 > struct random_adaptor randomdev_dummy =3D { >=20 > Modified: head/sys/dev/random/random_adaptors.c > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D > --- head/sys/dev/random/random_adaptors.c Tue Feb 17 17:34:45 2015 = (r278906) > +++ head/sys/dev/random/random_adaptors.c Tue Feb 17 17:37:00 2015 = (r278907) > @@ -149,10 +149,14 @@ random_adaptor_choose(void) > (random_adaptor_previous =3D=3D NULL ? "NULL" : = random_adaptor_previous->ra_ident), > random_adaptor->ra_ident); > #endif > - if (random_adaptor_previous !=3D NULL) > + if (random_adaptor_previous !=3D NULL) { > + randomdev_deinit_reader(); > (random_adaptor_previous->ra_deinit)(); > + } > (random_adaptor->ra_init)(); > } > + > + randomdev_init_reader(random_adaptor->ra_read); > } >=20 >=20 >=20 > Modified: head/sys/dev/random/randomdev.c > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D > --- head/sys/dev/random/randomdev.c Tue Feb 17 17:34:45 2015 = (r278906) > +++ head/sys/dev/random/randomdev.c Tue Feb 17 17:37:00 2015 = (r278907) > @@ -214,11 +214,11 @@ random_harvest(const void *entropy, u_in > */ >=20 > /* Hold the address of the routine which is actually called */ > -static u_int (*read_func)(uint8_t *, u_int) =3D = dummy_random_read_phony; > +static void (*read_func)(uint8_t *, u_int) =3D = dummy_random_read_phony; >=20 > /* Initialise the reader when/if it is loaded */ > void > -randomdev_init_reader(u_int (*reader)(uint8_t *, u_int)) > +randomdev_init_reader(void (*reader)(uint8_t *, u_int)) > { >=20 > read_func =3D reader; > @@ -240,5 +240,10 @@ int > read_random(void *buf, int count) > { >=20 > - return ((int)(*read_func)(buf, (u_int)count)); > + if (count < 0) > + return 0; > + > + read_func(buf, count); > + > + return count; > } >=20 > Modified: head/sys/dev/random/randomdev.h > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D > --- head/sys/dev/random/randomdev.h Tue Feb 17 17:34:45 2015 = (r278906) > +++ head/sys/dev/random/randomdev.h Tue Feb 17 17:37:00 2015 = (r278907) > @@ -37,12 +37,12 @@ typedef void random_init_func_t(void); > typedef void random_deinit_func_t(void); >=20 > void randomdev_init_harvester(void (*)(const void *, u_int, u_int, = enum random_entropy_source)); > -void randomdev_init_reader(u_int (*)(uint8_t *, u_int)); > +void randomdev_init_reader(void (*)(uint8_t *, u_int)); > void randomdev_deinit_harvester(void); > void randomdev_deinit_reader(void); >=20 > /* Stub/fake routines for when no entropy processor is loaded */ > -extern u_int dummy_random_read_phony(uint8_t *, u_int); > +extern void dummy_random_read_phony(uint8_t *, u_int); >=20 > /* kern.random sysctls */ > #ifdef SYSCTL_DECL /* from sysctl.h */ >=20 -- Mark R V Murray --Apple-Mail=_6681CDEF-E521-4843-BA17-4477C37AA309 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.26 Comment: GPGTools - http://gpgtools.org iQCVAwUBVON+a958vKOKE6LNAQqzIQP9GsJmnqiQD88DWxyM35e0Pcyi+Jm3tXde MVFXvvNRpJ9h1WJLEkb7MzNfeWMCgMC4riFs1CrgCrC1iiOYl4ZmdwTRqE1vd1yI Wx/uf1AEZIPzWOJiX27c0+4WUSNQq+/rLJGjqmIOf8saVpqfzraV4IvramvT5hVS NBlhf0ALF9Q= =4eLd -----END PGP SIGNATURE----- --Apple-Mail=_6681CDEF-E521-4843-BA17-4477C37AA309--