Date: Wed, 19 Sep 2012 15:08:19 -0700 From: David O'Brien <obrien@FreeBSD.org> To: Mark Murray <markm@FreeBSD.org> Cc: Arthur Mesh <arthurmesh@gmail.com>, Ian Lepore <freebsd@damnhippie.dyndns.org>, Doug Barton <dougb@freebsd.org>, Ben Laurie <benl@freebsd.org>, freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com> Subject: Re: Proposed fix; stage 1 (Was: svn commit: r239569 - head/etc/rc.d) Message-ID: <20120919220819.GB25606@dragon.NUXI.org> In-Reply-To: <E1TDHb0-000FIh-0Z@groundzero.grondar.org> References: <CAG5KPzzRxzVX-%2B9fYjRdqjY-wScbM6AA7GYtLmktgMG0Zg8iyQ@mail.gmail.com> <E1TCbSz-0007CJ-BI@groundzero.grondar.org> <CAG5KPzyJNmXRfxtPPrdc2zVCsxGtDfJT79YC3a1PNUfOOSzt8A@mail.gmail.com> <E1TCcIq-000Brr-Ex@groundzero.grondar.org> <CAG5KPzwEESg7iUb2%2B-kAN%2Bk55M95BZjh5VaSvxzSsSCVuZ9kMw@mail.gmail.com> <E1TCdlD-000C1N-4g@groundzero.grondar.org> <CAG5KPzzFO1H5Wcx34oXi09=aJqg5w%2BXWSd8fnn0Byvpy_8%2B-rA@mail.gmail.com> <E1TCpk1-000N2H-Vq@groundzero.grondar.org> <CAG5KPzymZY0ua2cAkzB-MK54G2WbWYi9J01c8YW4F9LOdVvc9A@mail.gmail.com> <E1TDHb0-000FIh-0Z@groundzero.grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Sep 16, 2012 at 05:21:21PM +0100, Mark Murray wrote:
> Tweeks along the way may include reverting to the original intent of
> starting the PRNG blocked, and only unblocking once reseeded.
I hope I'm testing this incorrectly, but I think we've managed to break
this over the years.
1. Putting:
entropy_file="NO"
entropy_dir="NO"
entropy_save_sz="0" # Size of the entropy cache files.
entropy_save_num="0" # Number of entropy cache files to save.
harvest_interrupt="NO" # Entropy device harvests interrupt randomness
harvest_ethernet="NO" # Entropy device harvests ethernet randomness
harvest_p_to_p="NO" # Entropy device harvests point-to-point randomness
in /etc/rc.conf
2. Commenting out "better_than_nothing":
Index: initrandom
===================================================================
--- initrandom (revision 240709)
+++ initrandom (working copy)
@@ -77,7 +77,7 @@ initrandom_start()
;;
esac
- better_than_nothing
+ #better_than_nothing
echo -n ' kickstart'
fi
3. Boot single user and delete ${entropy_file} and ${entropy_dir}/*
4. Adding this patch (which I'd like to commit (but not changing the defaults)):
----------%<----------%<----------%<----------%<----------%<----------
Index: sys/dev/random/randomdev_soft.c
===================================================================
--- sys/dev/random/randomdev_soft.c (revision 240694)
+++ sys/dev/random/randomdev_soft.c (working copy)
@@ -42,6 +42,7 @@ __FBSDID("$FreeBSD$");
#include <sys/poll.h>
#include <sys/proc.h>
#include <sys/random.h>
+#include <sys/sbuf.h>
#include <sys/selinfo.h>
#include <sys/sysctl.h>
#include <sys/uio.h>
@@ -72,7 +73,7 @@ struct random_systat random_yarrow = {
.write = random_yarrow_write,
.poll = random_yarrow_poll,
.reseed = random_yarrow_flush_reseed,
- .seeded = 1,
+ .seeded = 0,
};
MALLOC_DEFINE(M_ENTROPY, "entropy", "Entropy harvesting buffers");
@@ -85,7 +86,7 @@ struct mtx harvest_mtx;
/* Lockable FIFO queue holding entropy buffers */
struct entropyfifo {
- int count;
+ unsigned int count;
STAILQ_HEAD(harvestlist, harvest) head;
};
@@ -97,6 +98,9 @@ static struct entropyfifo emptyfifo;
/* Harvested entropy */
static struct entropyfifo harvestfifo[ENTROPYSOURCE];
+/* Count processed categories of randomness. */
+static unsigned long e_src_cnt[ENTROPYSOURCE];
+
/* <0 to end the kthread, 0 to let it run, 1 to flush the harvest queues */
static int random_kthread_control = 0;
@@ -114,6 +118,34 @@ random_check_boolean(SYSCTL_HANDLER_ARGS
return sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req);
}
+static int
+sysctl_random_sys_entropy_processed(SYSCTL_HANDLER_ARGS)
+{
+ struct sbuf sb;
+ int error;
+
+ sbuf_new(&sb, NULL, 256, SBUF_AUTOEXTEND);
+ sbuf_printf(&sb,
+"write=%lu/%u, keyboard=%lu/%u, mouse=%lu/%u, net=%lu/%u, interrupt=%lu/%u, pure=%lu/%u",
+ e_src_cnt[RANDOM_WRITE],
+ harvestfifo[RANDOM_WRITE].count,
+ e_src_cnt[RANDOM_KEYBOARD],
+ harvestfifo[RANDOM_KEYBOARD].count,
+ e_src_cnt[RANDOM_MOUSE],
+ harvestfifo[RANDOM_MOUSE].count,
+ e_src_cnt[RANDOM_NET],
+ harvestfifo[RANDOM_NET].count,
+ e_src_cnt[RANDOM_INTERRUPT],
+ harvestfifo[RANDOM_INTERRUPT].count,
+ e_src_cnt[RANDOM_PURE],
+ harvestfifo[RANDOM_PURE].count);
+ sbuf_trim(&sb);
+ sbuf_finish(&sb);
+ error = sysctl_handle_string(oidp, sbuf_data(&sb), sbuf_len(&sb), req);
+ sbuf_delete(&sb);
+ return (error);
+}
+
/* ARGSUSED */
void
random_yarrow_init(void)
@@ -138,7 +170,7 @@ random_yarrow_init(void)
SYSCTL_ADD_PROC(&random_clist,
SYSCTL_CHILDREN(random_sys_o),
OID_AUTO, "seeded", CTLTYPE_INT | CTLFLAG_RW,
- &random_systat.seeded, 1, random_check_boolean, "I",
+ &random_systat.seeded, 0, random_check_boolean, "I",
"Seeded State");
random_sys_harvest_o = SYSCTL_ADD_NODE(&random_clist,
@@ -166,6 +198,10 @@ random_yarrow_init(void)
OID_AUTO, "swi", CTLTYPE_INT | CTLFLAG_RW,
&harvest.swi, 0, random_check_boolean, "I",
"Harvest SWI entropy");
+ SYSCTL_ADD_PROC(&random_clist, SYSCTL_CHILDREN(random_sys_harvest_o),
+ OID_AUTO, "entropy_processed", CTLTYPE_STRING | CTLFLAG_RD,
+ NULL, 0, sysctl_random_sys_entropy_processed, "A",
+ "Number of harvested/queued entropy sources");
/* Initialise the harvest fifos */
STAILQ_INIT(&emptyfifo.head);
@@ -263,8 +299,10 @@ random_kthread(void *arg __unused)
*/
if (!STAILQ_EMPTY(&local_queue)) {
mtx_unlock_spin(&harvest_mtx);
- STAILQ_FOREACH(event, &local_queue, next)
+ STAILQ_FOREACH(event, &local_queue, next) {
random_process_event(event);
+ e_src_cnt[event->source]++;
+ }
mtx_lock_spin(&harvest_mtx);
STAILQ_CONCAT(&emptyfifo.head, &local_queue);
emptyfifo.count += local_count;
Index: sys/dev/random/harvest.c
===================================================================
--- sys/dev/random/harvest.c (revision 240694)
+++ sys/dev/random/harvest.c (working copy)
@@ -48,7 +48,12 @@ __FBSDID("$FreeBSD$");
static int read_random_phony(void *, int);
/* Structure holding the desired entropy sources */
-struct harvest_select harvest = { 1, 1, 1, 0 };
+struct harvest_select harvest = {
+ 0, /*ethernet*/
+ 0, /*pt2pt*/
+ 0, /*intr*/
+ 0, /*swi*/
+};
static int warned = 0;
/* hold the address of the routine which is actually called if
@@ -84,6 +89,12 @@ random_yarrow_deinit_harvester(void)
* XXXRW: get_cyclecount() is cheap on most modern hardware, where cycle
* counters are built in, but on older hardware it will do a real time clock
* read which can be quite expensive.
+ *
+ * @entropy Buffer of 'count' bytes of potential entropy.
+ * @count Number of bytes in 'buffer' to process.
+ * @bits Estimated number of bits of entropy in 'buffer'.
+ * @frac Estimated number of fractional bits entropy in 'buffer'.
+ * @origin Origin where this entropy was gathered.
*/
void
random_harvest(void *entropy, u_int count, u_int bits, u_int frac,
----------%<----------%<----------%<----------%<----------%<----------
5. Still lets me boot multi-user and login:
ngoc# sysctl kern.random
kern.random.yarrow.gengateinterval: 10
kern.random.yarrow.bins: 10
kern.random.yarrow.fastthresh: 192
kern.random.yarrow.slowthresh: 256
kern.random.yarrow.slowoverthresh: 2
kern.random.sys.seeded: 0
kern.random.sys.harvest.ethernet: 0
kern.random.sys.harvest.point_to_point: 0
kern.random.sys.harvest.interrupt: 0
kern.random.sys.harvest.swi: 0
kern.random.sys.harvest.entropy_processed: write=0/0, keyboard=0/0, mouse=0/0, net=0/0, interrupt=0/0, pure=0/0
Also, I'm having trouble finding the source for 'swi' harvesting.
Do you know where it is?
--
-- David (obrien@FreeBSD.org)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120919220819.GB25606>