On Sat, Jul 19, 2014 at 2:32 PM, Antti Kantee <[email protected]> wrote:
> As for the points in your other mail, the more I thought about this, the
> more convinced I was that before fixing anything, cprng and rndsink should
> be looked at critically to see what their requirements really are and if
> they really need to slurp in 8k.

I think it is ok if it tries to read lots; you might have a hardware
rng that can provide it, it is just if you dont you should be
careful...

> As a mid-term hack, might just make the implementation always read from
> /dev/urandom and return some sensible amount of data.

Attached is a suggested draft patch (only partially tested) that
defaults to arc4random or /dev/urandom, but can be overridden,
supports a max read length, removes the flaky srand stuff, and shares
all the code between the standard and fiber implementations.
diff -urN src/lib/librumpuser/Makefile rsrc/lib/librumpuser/Makefile
--- src/lib/librumpuser/Makefile        2014-07-20 12:39:21.515438184 +0100
+++ rsrc/lib/librumpuser/Makefile       2014-07-19 15:08:48.468971040 +0100
@@ -41,7 +41,7 @@
 .error Unsupported rumpuser threading type: ${RUMPUSER_THREADS}
 .endif
 
-SRCS+=         rumpuser_component.c
+SRCS+=         rumpuser_component.c rumpuser_random.c
 SRCS+=         rumpuser_file.c rumpuser_mem.c
 
 SRCS+=         rumpuser_errtrans.c rumpuser_sigtrans.c
diff -urN src/lib/librumpuser/rumpfiber.c rsrc/lib/librumpuser/rumpfiber.c
--- src/lib/librumpuser/rumpfiber.c     2014-07-20 12:39:21.515438184 +0100
+++ rsrc/lib/librumpuser/rumpfiber.c    2014-07-20 10:06:55.261029402 +0100
@@ -416,21 +416,6 @@
                return 1;
        }
 
-#ifdef RUMPUSER_USE_DEVRANDOM
-       uint32_t rv;
-       int fd;
-
-       if ((fd = open("/dev/urandom", O_RDONLY)) == -1) {
-               srandom(time(NULL));
-       } else {
-               if (read(fd, &rv, sizeof(rv)) != sizeof(rv))
-                       srandom(time(NULL));
-               else
-                       srandom(rv);
-               close(fd);
-       }
-#endif
-
         rumpuser__hyp = *hyp;
 
        init_sched();
@@ -570,26 +555,6 @@
        return 0;
 }
 
-int
-rumpuser_getrandom(void *buf, size_t buflen, int flags, size_t *retp)
-{
-       size_t origlen = buflen;
-       uint32_t *p = buf;
-       uint32_t tmp;
-       int chunk;
-
-       do {
-               chunk = buflen < 4 ? buflen : 4; /* portable MIN ... */
-               tmp = RUMPUSER_RANDOM();
-               memcpy(p, &tmp, chunk);
-               p++;
-               buflen -= chunk;
-       } while (chunk);
-
-       *retp = origlen;
-       ET(0);
-}
-
 /* thread functions */
 
 TAILQ_HEAD(waithead, waiter);
diff -urN src/lib/librumpuser/rumpuser.c rsrc/lib/librumpuser/rumpuser.c
--- src/lib/librumpuser/rumpuser.c      2014-07-20 12:39:21.515438184 +0100
+++ rsrc/lib/librumpuser/rumpuser.c     2014-07-19 14:54:18.580937960 +0100
@@ -63,21 +63,6 @@
                return 1;
        }
 
-#ifdef RUMPUSER_USE_DEVRANDOM
-       uint32_t rv;
-       int fd;
-
-       if ((fd = open("/dev/urandom", O_RDONLY)) == -1) {
-               srandom(time(NULL));
-       } else {
-               if (read(fd, &rv, sizeof(rv)) != sizeof(rv))
-                       srandom(time(NULL));
-               else
-                       srandom(rv);
-               close(fd);
-       }
-#endif
-
        rumpuser__thrinit();
        rumpuser__hyp = *hyp;
 
@@ -275,23 +260,3 @@
                raise(sig);
        return 0;
 }
-
-int
-rumpuser_getrandom(void *buf, size_t buflen, int flags, size_t *retp)
-{
-       size_t origlen = buflen;
-       uint32_t *p = buf;
-       uint32_t tmp;
-       int chunk;
-
-       do {
-               chunk = buflen < 4 ? buflen : 4; /* portable MIN ... */
-               tmp = RUMPUSER_RANDOM();
-               memcpy(p, &tmp, chunk);
-               p++;
-               buflen -= chunk;
-       } while (chunk);
-
-       *retp = origlen;
-       ET(0);
-}
diff -urN src/lib/librumpuser/rumpuser_port.h rsrc/lib/librumpuser/rumpuser_port.h
--- src/lib/librumpuser/rumpuser_port.h 2014-07-20 12:39:21.515438184 +0100
+++ rsrc/lib/librumpuser/rumpuser_port.h        2014-07-20 10:40:51.143762855 +0100
@@ -218,11 +218,8 @@
 #define __STRING(x)    #x
 #endif
 
-#if defined(__linux__) || defined(__sun__) || defined (__CYGWIN__)
-#define RUMPUSER_RANDOM() random()
-#define RUMPUSER_USE_DEVRANDOM
-#else
-#define RUMPUSER_RANDOM() arc4random()
+#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__OpenBSD__)
+#define PLATFORM_HAS_ARC4RANDOM
 #endif
 
 #ifndef __NetBSD_Prereq__
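Review bot: Platforms that used to land in the removed `#else` branch and call `arc4random()` (anything other than Linux, Solaris and Cygwin) are no longer covered unless they are one of the three BSDs named in the new `#if`. They will presumably fall through to the /dev/urandom default in rumpuser_random.c, which aborts when the open fails. If that is intended, a comment above the `#if` such as `/* all other hosts read RUMP_RANDOM_DEV, default /dev/urandom */` would make the change explicit. The new macro would also sit better in this header with the `RUMPUSER_` prefix the removed defines carried, e.g. `RUMPUSER_HAS_ARC4RANDOM`.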
diff -urN src/lib/librumpuser/rumpuser_random.c rsrc/lib/librumpuser/rumpuser_random.c
--- src/lib/librumpuser/rumpuser_random.c       1970-01-01 01:00:00.000000000 +0100
+++ rsrc/lib/librumpuser/rumpuser_random.c      2014-07-20 12:36:21.563446401 +0100
@@ -0,0 +1,113 @@
+/*
+ * Copyright (c) 2014 Justin Cormack.  All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "rumpuser_port.h"
+
+#if !defined(lint)
+__RCSID("$NetBSD$");
+#endif /* !lint */
+
+#include <sys/stat.h>
+#include <sys/types.h>
+
+#include <fcntl.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <rump/rumpuser.h>
+
+#include "rumpuser_int.h"
+
+#define RANDOM_TYPE_UNDEFINED -1
+#define RANDOM_TYPE_FD 0
+
+static int random_init = 0;
+static int random_fd = -1;
+static int random_type = RANDOM_TYPE_UNDEFINED;
+static size_t random_maxread = 1024;
+
+#ifdef PLATFORM_HAS_ARC4RANDOM
+#define RANDOM_TYPE_ARC4RANDOM 1
+static const char *random_default = "arc4random";
+#else
+static const char *random_default = "/dev/urandom";
+#endif
+
+int
+rumpuser_getrandom(void *buf, size_t buflen, int flags, size_t *retp)
+{
+       ssize_t rv;
+
+       if (__predict_false(random_init == 0)) {
+               char *pbuf = malloc(PATH_MAX);
+
+               if (!pbuf) {
+                       abort();
+               }
+               if (rumpuser_getparam("RUMP_RANDOM_DEV", pbuf, PATH_MAX) != 0) {
+                       strncpy(pbuf, random_default, PATH_MAX);
+               }
+               if (rumpuser_getparam("RUMP_RANDOM_MAXREAD", pbuf, PATH_MAX) != 0) {
+                       random_maxread = strtol(pbuf, NULL, 10);
+               }
+#ifdef PLATFORM_HAS_ARC4RANDOM
+               if (strcmp("arc4random", pbuf) == 0) {
+                       random_type = RANDOM_TYPE_ARC4RANDOM;
+               }
+#endif
+               if (random_type == RANDOM_TYPE_UNDEFINED) {
+                       random_fd = open(pbuf, O_RDONLY);
+                       if (random_fd < 0) {
+                               abort();
+                       }
+                       random_type = RANDOM_TYPE_FD;
+               }
+
+               free(pbuf);
+               random_init = 1;
+       }
+
+       switch (random_type) {
+#ifdef PLATFORM_HAS_ARC4RANDOM
+               case RANDOM_TYPE_ARC4RANDOM:
+                       arc4random_buf(buf, buflen);
+                       *retp = buflen;
+                       break;
+#endif
+               case RANDOM_TYPE_FD:
+                       rv = read(random_fd, buf, buflen > random_maxread ? random_maxread : buflen);
+                       if (rv < 0) {
+                               ET(rv);
+                       }
+                       *retp = rv;
+                       break;
+               default:
+                       abort();
+       }
+
+       ET(0);
+}
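Review bot: In the one-time init block of rumpuser_getrandom, the RUMP_RANDOM_MAXREAD lookup reuses `pbuf`, which already holds the device name, and its `!= 0` test is the failure case, judging by the RUMP_RANDOM_DEV fallback just above it. When the parameter is unset (and assuming a failed lookup leaves the buffer untouched), `strtol` parses the device path and sets `random_maxread` to 0, so every fd-backed read returns 0 bytes; if the call does fill the buffer, the number is what gets passed to `open()`. Reading the cap first with an `== 0` test plus an end-pointer and range check, and only then fetching the device name, fixes both, as in the fence below. Separately, `ET(rv)` on the read error path hands -1 rather than `errno` to a macro defined outside this hunk, which looks unintended. Because RUMP_RANDOM_DEV is opened exactly as given, an `fstat()`/`S_ISCHR` check (the file already includes `<sys/stat.h>`) would at least keep a regular file from being used as the entropy source.

```c
	if (__predict_false(random_init == 0)) {
		char *pbuf = malloc(PATH_MAX);
		char *ep;
		long maxread;

		/* ... unchanged: abort() when malloc fails ... */

		/* read the cap first so pbuf ends up holding the source name */
		if (rumpuser_getparam("RUMP_RANDOM_MAXREAD", pbuf, PATH_MAX) == 0) {
			maxread = strtol(pbuf, &ep, 10);
			if (ep == pbuf || *ep != '\0' || maxread <= 0) {
				abort();
			}
			random_maxread = (size_t)maxread;
		}
		if (rumpuser_getparam("RUMP_RANDOM_DEV", pbuf, PATH_MAX) != 0) {
			strncpy(pbuf, random_default, PATH_MAX);
		}
		/* ... unchanged: arc4random check, open(), free(pbuf), random_init = 1 ... */
```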