Re: svn commit: r366620 - in head/sys: conf dev/random/fenestrasX
> On 10 Oct 2020, at 22:45, Conrad Meyer wrote: > > Author: cem > Date: Sat Oct 10 21:45:59 2020 > New Revision: 366620 > URL: https://svnweb.freebsd.org/changeset/base/366620 > > Log: > Add "Fenestras X" alternative /dev/random implementation This is a much needed improvement to the (CS)PRNG, as we are now supporting SMTP architectures with many cores, where this should shine! I have not had the time to do the work myself, so I'm delighted that *someone* got to it! Thanks, Conrad! M -- signature.asc Description: Message signed with OpenPGP
svn commit: r365028 - head
Author: markm Date: Tue Sep 1 08:02:12 2020 New Revision: 365028 URL: https://svnweb.freebsd.org/changeset/base/365028 Log: Add a pointer to csprng@ for the CSPRNG driver. This is enforced anyway by subversion. Modified: head/MAINTAINERS Modified: head/MAINTAINERS == --- head/MAINTAINERSTue Sep 1 07:56:28 2020(r365027) +++ head/MAINTAINERSTue Sep 1 08:02:12 2020(r365028) @@ -82,6 +82,8 @@ pci bus imp,jhb Pre-commit review requested. pmcstudy(8)rrs Pre-commit review requested. procfs des Pre-commit review requested, email only. pseudofs des Pre-commit review requested, email only. +random(4), +random(9) csprng Pre-commit discussion and review required, release/release.sh gjb,re Pre-commit review and regression tests requested. sctp rrs,tuexen Pre-commit review requested (changes need to be backported to github). ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r362466 - in head: contrib/file/magic/Magdir contrib/tcpdump lib/geom/part stand/efi/include stand/i386/boot0 sys/dev/hptmv sys/geom/part usr.bin/fortune/datfiles usr.bin/mkimg usr.sbi
> On 21 Jun 2020, at 17:41, Hans Petter Selasky wrote: > If you got a Master's degree in South Africa under Apartheid, to many people > that is still symbolic. First I've heard of it (yes, I'm South African). > https://en.wikipedia.org/wiki/Apartheid#Education > > Apartheid is not very long ago and the people that experienced this are still > alive. And many of those folks have MSc/MEng/MBA etc degrees, and are not agitating to change them. M -- signature.asc Description: Message signed with OpenPGP
Re: svn commit: r362466 - in head: contrib/file/magic/Magdir contrib/tcpdump lib/geom/part stand/efi/include stand/i386/boot0 sys/dev/hptmv sys/geom/part usr.bin/fortune/datfiles usr.bin/mkimg usr.sbi
> On 21 Jun 2020, at 14:51, Hans Petter Selasky wrote: > > On 2020-06-21 15:46, Hans Petter Selasky wrote: >> On 2020-06-21 15:45, Alexey Dokuchaev wrote: ... -#https://en.wikipedia.org/wiki/Master_boot_record#PTE +#https://en.wikipedia.org/wiki/Main_boot_record#PTE >>> Wikipedia does not have an article with this name. >> Yes, it does: >> https://en.wikipedia.org/wiki/Main_boot_record > > When you enter "main boot record" in the search field, it automagically > redirects to "master boot record". No, it doesn't. "Wikipedia does not have an article with this exact name." M -- signature.asc Description: Message signed with OpenPGP
Re: svn commit: r355747 - in head: . include lib/libc/stdlib lib/libxo
> On 14 Dec 2019, at 08:28, Conrad Meyer wrote: > > Author: cem > Date: Sat Dec 14 08:28:10 2019 > New Revision: 355747 > URL: https://svnweb.freebsd.org/changeset/base/355747 > > Log: > Deprecate sranddev(3) API > > It serves no useful purpose and wasn't as popular as its equally meritless > cousin, srandomdev(3). Good! This is many years overdue. M -- signature.asc Description: Message signed with OpenPGP
svn commit: r345981 - stable/11/sys/dev/random
Author: markm Date: Sat Apr 6 09:00:06 2019 New Revision: 345981 URL: https://svnweb.freebsd.org/changeset/base/345981 Log: Backport fixes from FreeBSD-12 to help the random(4) device thread not overwhelm the OS: a) Use the correct symbolic constant when calculating 10'ths of a second. This means that expensive reseeds happen at ony 1/10 Hz, not some kHz. b) Rate limit internal high-rate harveting efforts. This stops the harvesting thread from total overkilling the high-grade entropy- gathering work, while still being very conservatively safe. PR: 230808 Reported by: danilo,eugen Tested by:eugen Approved by: so (blanket permission granted as I am the authour of this code) Relnotes: Yes Modified: stable/11/sys/dev/random/fortuna.c stable/11/sys/dev/random/random_harvestq.c Modified: stable/11/sys/dev/random/fortuna.c == --- stable/11/sys/dev/random/fortuna.c Sat Apr 6 06:02:42 2019 (r345980) +++ stable/11/sys/dev/random/fortuna.c Sat Apr 6 09:00:06 2019 (r345981) @@ -358,7 +358,7 @@ random_fortuna_pre_read(void) if (fortuna_state.fs_pool[0].fsp_length >= fortuna_state.fs_minpoolsize #ifdef _KERNEL /* FS&K - Use 'getsbinuptime()' to prevent reseed-spamming. */ - && (now - fortuna_state.fs_lasttime > hz/10) + && (now - fortuna_state.fs_lasttime > SBT_1S/10) #endif ) { #ifdef _KERNEL Modified: stable/11/sys/dev/random/random_harvestq.c == --- stable/11/sys/dev/random/random_harvestq.c Sat Apr 6 06:02:42 2019 (r345980) +++ stable/11/sys/dev/random/random_harvestq.c Sat Apr 6 09:00:06 2019 (r345981) @@ -55,6 +55,10 @@ __FBSDID("$FreeBSD$"); #include #include +#include +#include + +#include #include #include @@ -209,8 +213,12 @@ random_sources_feed(void) /* It's an indenting error. Yeah, Yeah. */ #endif local_read_rate = atomic_readandclear_32(&read_rate); + /* Perform at least one read per round */ + local_read_rate = MAX(local_read_rate, 1); + /* But not exceeding RANDOM_KEYSIZE_WORDS */ + local_read_rate = MIN(local_read_rate, RANDOM_KEYSIZE_WORDS); LIST_FOREACH(rrs, &source_list, rrs_entries) { - for (i = 0; i < p_random_alg_context->ra_poolcount*(local_read_rate + 1); i++) { + for (i = 0; i < p_random_alg_context->ra_poolcount*local_read_rate; i++) { n = rrs->rrs_source->rs_read(entropy, sizeof(entropy)); KASSERT((n <= sizeof(entropy)), ("%s: rs_read returned too much data (%u > %zu)", __func__, n, sizeof(entropy))); /* It would appear that in some circumstances (e.g. virtualisation), ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r345981 - stable/11/sys/dev/random
Author: markm Date: Sat Apr 6 09:00:06 2019 New Revision: 345981 URL: https://svnweb.freebsd.org/changeset/base/345981 Log: Backport fixes from FreeBSD-12 to help the random(4) device thread not overwhelm the OS: a) Use the correct symbolic constant when calculating 10'ths of a second. This means that expensive reseeds happen at ony 1/10 Hz, not some kHz. b) Rate limit internal high-rate harveting efforts. This stops the harvesting thread from total overkilling the high-grade entropy- gathering work, while still being very conservatively safe. PR: 230808 Reported by: danilo,eugen Tested by:eugen Approved by: so (blanket permission granted as I am the authour of this code) Relnotes: Yes Modified: stable/11/sys/dev/random/fortuna.c stable/11/sys/dev/random/random_harvestq.c Modified: stable/11/sys/dev/random/fortuna.c == --- stable/11/sys/dev/random/fortuna.c Sat Apr 6 06:02:42 2019 (r345980) +++ stable/11/sys/dev/random/fortuna.c Sat Apr 6 09:00:06 2019 (r345981) @@ -358,7 +358,7 @@ random_fortuna_pre_read(void) if (fortuna_state.fs_pool[0].fsp_length >= fortuna_state.fs_minpoolsize #ifdef _KERNEL /* FS&K - Use 'getsbinuptime()' to prevent reseed-spamming. */ - && (now - fortuna_state.fs_lasttime > hz/10) + && (now - fortuna_state.fs_lasttime > SBT_1S/10) #endif ) { #ifdef _KERNEL Modified: stable/11/sys/dev/random/random_harvestq.c == --- stable/11/sys/dev/random/random_harvestq.c Sat Apr 6 06:02:42 2019 (r345980) +++ stable/11/sys/dev/random/random_harvestq.c Sat Apr 6 09:00:06 2019 (r345981) @@ -55,6 +55,10 @@ __FBSDID("$FreeBSD$"); #include #include +#include +#include + +#include #include #include @@ -209,8 +213,12 @@ random_sources_feed(void) /* It's an indenting error. Yeah, Yeah. */ #endif local_read_rate = atomic_readandclear_32(&read_rate); + /* Perform at least one read per round */ + local_read_rate = MAX(local_read_rate, 1); + /* But not exceeding RANDOM_KEYSIZE_WORDS */ + local_read_rate = MIN(local_read_rate, RANDOM_KEYSIZE_WORDS); LIST_FOREACH(rrs, &source_list, rrs_entries) { - for (i = 0; i < p_random_alg_context->ra_poolcount*(local_read_rate + 1); i++) { + for (i = 0; i < p_random_alg_context->ra_poolcount*local_read_rate; i++) { n = rrs->rrs_source->rs_read(entropy, sizeof(entropy)); KASSERT((n <= sizeof(entropy)), ("%s: rs_read returned too much data (%u > %zu)", __func__, n, sizeof(entropy))); /* It would appear that in some circumstances (e.g. virtualisation), ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r341002 - head/sys/conf
Author: markm Date: Mon Nov 26 22:45:58 2018 New Revision: 341002 URL: https://svnweb.freebsd.org/changeset/base/341002 Log: Add dependency to allow if_muge device to be only ethernet device in stripped-down RPI3 kernel. Modified: head/sys/conf/files Modified: head/sys/conf/files == --- head/sys/conf/files Mon Nov 26 22:42:52 2018(r341001) +++ head/sys/conf/files Mon Nov 26 22:45:58 2018(r341002) @@ -3282,7 +3282,7 @@ dev/usb/net/if_urndis.c optional urndis dev/usb/net/ruephy.c optional rue dev/usb/net/usb_ethernet.c optional uether | aue | axe | axge | cdce | \ cue | ipheth | kue | mos | rue | \ -smsc | udav | ure | urndis +smsc | udav | ure | urndis | muge dev/usb/net/uhso.c optional uhso # # USB WLAN drivers ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r338324 - in head: . share/man/man4 share/man/man9 sys/arm/amlogic/aml8726 sys/arm/broadcom/bcm2835 sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest sys/dev/safe sys/d...
Author: markm Date: Sun Aug 26 12:51:46 2018 New Revision: 338324 URL: https://svnweb.freebsd.org/changeset/base/338324 Log: Remove the Yarrow PRNG algorithm option in accordance with due notice given in random(4). This includes updating of the relevant man pages, and no-longer-used harvesting parameters. Ensure that the pseudo-unit-test still does something useful, now also with the "other" algorithm instead of Yarrow. PR: 230870 Reviewed by: cem Approved by: so(delphij,gtetlow) Approved by: re(marius) Differential Revision:https://reviews.freebsd.org/D16898 Deleted: head/sys/dev/random/yarrow.c head/sys/dev/random/yarrow.h head/sys/modules/random_yarrow/Makefile Modified: head/UPDATING head/share/man/man4/random.4 head/share/man/man9/random_harvest.9 head/sys/arm/amlogic/aml8726/aml8726_rng.c head/sys/arm/broadcom/bcm2835/bcm2835_rng.c head/sys/conf/NOTES head/sys/conf/files head/sys/conf/options head/sys/dev/glxsb/glxsb.c head/sys/dev/hifn/hifn7751.c head/sys/dev/random/build.sh head/sys/dev/random/fortuna.c head/sys/dev/random/other_algorithm.c head/sys/dev/random/other_algorithm.h head/sys/dev/random/random_harvestq.c head/sys/dev/random/random_harvestq.h head/sys/dev/random/randomdev.c head/sys/dev/random/unit_test.c head/sys/dev/random/unit_test.h head/sys/dev/rndtest/rndtest.c head/sys/dev/safe/safe.c head/sys/dev/syscons/scmouse.c head/sys/dev/syscons/syscons.c head/sys/dev/ubsec/ubsec.c head/sys/dev/virtio/random/virtio_random.c head/sys/dev/vt/vt_core.c head/sys/dev/vt/vt_sysmouse.c head/sys/fs/tmpfs/tmpfs_subr.c head/sys/kern/kern_intr.c head/sys/kern/subr_bus.c head/sys/mips/cavium/octeon_rnd.c head/sys/modules/Makefile head/sys/net/if_ethersubr.c head/sys/net/if_tun.c head/sys/netgraph/ng_iface.c head/sys/sys/random.h head/sys/ufs/ffs/ffs_inode.c head/sys/vm/uma_core.c head/tools/tools/sysdoc/tunables.mdoc Modified: head/UPDATING == --- head/UPDATING Sun Aug 26 05:28:17 2018(r338323) +++ head/UPDATING Sun Aug 26 12:51:46 2018(r338324) @@ -31,6 +31,11 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 12.x IS SLOW: disable the most expensive debugging functionality run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) +20180826: + The Yarrow CSPRNG has been removed from the kernel as it has not been + supported by its designers since at least 2003. Fortuna has been the + default since FreeBSD-11. + 20170822: devctl freeze/that have gone into the tree, the rc scripts have been updated to use them and devmatch has been changed. You should update Modified: head/share/man/man4/random.4 == --- head/share/man/man4/random.4Sun Aug 26 05:28:17 2018 (r338323) +++ head/share/man/man4/random.4Sun Aug 26 12:51:46 2018 (r338324) @@ -23,7 +23,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 17, 2015 +.Dd August 26, 2018 .Dt RANDOM 4 .Os .Sh NAME @@ -153,26 +153,15 @@ the device is not created until an "algorithm module" is loaded. -Two of these modules -are built by default, -.Em random_fortuna -and -.Em random_yarrow . +The only module built by default is +.Em random_fortuna . The .Em random_yarrow -module is deprecated, -and will be removed in -.Fx 12. -Use of the Yarrow algorithm -is not encouraged, -but while still present -in the kernel source, -it can be selected with the -.Cd "options RANDOM_YARROW" -kernel option. -Note that these loadable modules -are slightly less efficient -than their compiled-in equivalents. +module was removed in +.Fx 12 . +Note that this loadable module +is slightly less efficient +than its compiled-in equivalent. This is because some functions must be locked against load and unload events, @@ -351,4 +340,4 @@ introduced in The Yarrow algorithm is no longer supported by its authors, -and is therefore deprecated. +and is therefore no longer available. Modified: head/share/man/man9/random_harvest.9 == --- head/share/man/man9/random_harvest.9Sun Aug 26 05:28:17 2018 (r338323) +++ head/share/man/man9/random_harvest.9Sun Aug 26 12:51:46 2018 (r338324) @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 13, 2015 +.Dd August 26, 2018 .Dt RANDOM_HARVEST 9 .Os .Sh NAME @@ -38,21 +38,18 @@ .Fo random_harvest_direct .Fa "void *entropy" .Fa "u_int size" -.Fa "u_int bits" .Fa "enum esource source" .Fc .Ft void .Fo random_harvest_fast .Fa "void *entropy" .Fa "u_int size" -.Fa "u_int bits" .Fa "enum esource source" .Fc .Ft void .Fo random_harvest_queue .Fa "void *entropy" .Fa "u_int size" -.Fa "u_int bits" .Fa "enum esource source" .Fc .Sh DESCRIPTION @@ -107,18 +10
svn commit: r338293 - head/sys/dev/random
Author: markm Date: Fri Aug 24 14:53:46 2018 New Revision: 338293 URL: https://svnweb.freebsd.org/changeset/base/338293 Log: Limit the amount of "fast" entropy. We don't need nearly as much for security, and the excess just slows things down badly. PR: 230808 Submitted by: rwmailli...@googlemail.com, but tweeked by me Reported by:Danilo Egea Gondolfo Reviewed by: cem,delphij Approved by: re(rgrimes) Approved by: so(delphij) MFC after: 1 Month Differential Revision:https://reviews.freebsd.org/D16873 Modified: head/sys/dev/random/random_harvestq.c Modified: head/sys/dev/random/random_harvestq.c == --- head/sys/dev/random/random_harvestq.c Fri Aug 24 14:53:42 2018 (r338292) +++ head/sys/dev/random/random_harvestq.c Fri Aug 24 14:53:46 2018 (r338293) @@ -57,6 +57,10 @@ __FBSDID("$FreeBSD$"); #include #include +#include +#include + +#include #include #include @@ -213,8 +217,12 @@ random_sources_feed(void) /* It's an indenting error. Yeah, Yeah. */ #endif local_read_rate = atomic_readandclear_32(&read_rate); + /* Perform at least one read per round */ + local_read_rate = MAX(local_read_rate, 1); + /* But not exceeding RANDOM_KEYSIZE_WORDS */ + local_read_rate = MIN(local_read_rate, RANDOM_KEYSIZE_WORDS); LIST_FOREACH(rrs, &source_list, rrs_entries) { - for (i = 0; i < p_random_alg_context->ra_poolcount*(local_read_rate + 1); i++) { + for (i = 0; i < p_random_alg_context->ra_poolcount*local_read_rate; i++) { n = rrs->rrs_source->rs_read(entropy, sizeof(entropy)); KASSERT((n <= sizeof(entropy)), ("%s: rs_read returned too much data (%u > %zu)", __func__, n, sizeof(entropy))); /* It would appear that in some circumstances (e.g. virtualisation), ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r338292 - head/sys/dev/random
Author: markm Date: Fri Aug 24 14:53:42 2018 New Revision: 338292 URL: https://svnweb.freebsd.org/changeset/base/338292 Log: Fix braino of mine where the reseeds would happen far too often, making the kernel process way too busy. PR: 230808 Submitted by: Conrad Meyer Reported by:Danilo Egea Gondolfo Reviewed by: cem,delphij Approved by: re(rgrimes) Approved by: so(delphij) MFC after: 1 Month Security: Yes Differential Revision:https://reviews.freebsd.org/D16872 Modified: head/sys/dev/random/fortuna.c Modified: head/sys/dev/random/fortuna.c == --- head/sys/dev/random/fortuna.c Fri Aug 24 10:50:19 2018 (r338291) +++ head/sys/dev/random/fortuna.c Fri Aug 24 14:53:42 2018 (r338292) @@ -371,7 +371,7 @@ random_fortuna_pre_read(void) if (fortuna_state.fs_pool[0].fsp_length >= fortuna_state.fs_minpoolsize #ifdef _KERNEL /* FS&K - Use 'getsbinuptime()' to prevent reseed-spamming. */ - && (now - fortuna_state.fs_lasttime > hz/10) + && (now - fortuna_state.fs_lasttime > SBT_1S/10) #endif ) { #ifdef _KERNEL ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r332791 - head/sys/modules/random
Author: markm Date: Thu Apr 19 20:31:52 2018 New Revision: 332791 URL: https://svnweb.freebsd.org/changeset/base/332791 Log: Remove empty dir no longer required. Reported by: Jung-uk Kim Deleted: head/sys/modules/random/ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r317015 - in head/sys: boot/forth conf crypto/chacha20 dev/random libkern sys
Author: markm Date: Sun Apr 16 09:11:02 2017 New Revision: 317015 URL: https://svnweb.freebsd.org/changeset/base/317015 Log: Replace the RC4 algorithm for generating in-kernel secure random numbers with Chacha20. Keep the API, though, as that is what the other *BSD's have done. Use the boot-time entropy stash (if present) to bootstrap the in-kernel entropy source. Reviewed by: delphij,rwatson Approved by: so(delphij) MFC after: 2 months Relnotes: yes Differential Revision: https://reviews.freebsd.org/D10048 --This line, and those below, will be ignored-- > Description of fields to fill in above: 76 columns --| > PR: If and which Problem Report is related. > Submitted by: If someone else sent in the change. > Reported by: If someone else reported the issue. > Reviewed by: If someone else reviewed your modification. > Approved by: If you needed approval for this commit. > Obtained from:If the change is from a third party. > MFC after:N [day[s]|week[s]|month[s]]. Request a reminder email. > MFH: Ports tree branch name. Request approval for merge. > Relnotes: Set to 'yes' for mention in release notes. > Security: Vulnerability reference (one per line) or description. > Sponsored by: If the change was sponsored by an organization. > Differential Revision:https://reviews.freebsd.org/D### (*full* phabric URL needed). > Empty fields above will be automatically removed. Added: head/sys/crypto/chacha20/chacha.c (contents, props changed) head/sys/crypto/chacha20/chacha.h (contents, props changed) Modified: head/sys/boot/forth/loader.conf head/sys/conf/files head/sys/dev/random/random_harvestq.c head/sys/dev/random/random_harvestq.h head/sys/libkern/arc4random.c head/sys/sys/libkern.h head/sys/sys/random.h Modified: head/sys/boot/forth/loader.conf == --- head/sys/boot/forth/loader.conf Sun Apr 16 09:00:10 2017 (r317014) +++ head/sys/boot/forth/loader.conf Sun Apr 16 09:11:02 2017 (r317015) @@ -48,7 +48,7 @@ bitmap_type="splash_image_data" # and pl entropy_cache_load="YES" # Set this to NO to disable loading # entropy at boot time entropy_cache_name="/boot/entropy" # Set this to the name of the file -entropy_cache_type="/boot/entropy" # Required for the kernel to find +entropy_cache_type="boot_entropy_cache"# Required for the kernel to find # the boot-time entropy cache. This # must not change value even if the # _name above does change! Modified: head/sys/conf/files == --- head/sys/conf/files Sun Apr 16 09:00:10 2017(r317014) +++ head/sys/conf/files Sun Apr 16 09:11:02 2017(r317015) @@ -3810,6 +3810,7 @@ kgssapi/gsstest.c optional kgssapi_debu # the file should be moved to conf/files. from here. # libkern/arc4random.c standard +crypto/chacha20/chacha.c standard libkern/asprintf.c standard libkern/bcd.c standard libkern/bsearch.c standard Added: head/sys/crypto/chacha20/chacha.c == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/crypto/chacha20/chacha.c Sun Apr 16 09:11:02 2017 (r317015) @@ -0,0 +1,224 @@ +/* +chacha-merged.c version 20080118 +D. J. Bernstein +Public domain. +*/ + +/* $OpenBSD: chacha.c,v 1.1 2013/11/21 00:45:44 djm Exp $ */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include + +#include + + +typedef uint8_t u8; +typedef uint32_t u32; + +typedef struct chacha_ctx chacha_ctx; + +#define U8C(v) (v##U) +#define U32C(v) (v##U) + +#define U8V(v) ((u8)(v) & U8C(0xFF)) +#define U32V(v) ((u32)(v) & U32C(0x)) + +#define ROTL32(v, n) \ + (U32V((v) << (n)) | ((v) >> (32 - (n + +#define U8TO32_LITTLE(p) \ + (((u32)((p)[0]) ) | \ + ((u32)((p)[1]) << 8) | \ + ((u32)((p)[2]) << 16) | \ + ((u32)((p)[3]) << 24)) + +#define U32TO8_LITTLE(p, v) \ + do { \ +(p)[0] = U8V((v) ); \ +(p)[1] = U8V((v) >> 8); \ +(p)[2] = U8V((v) >> 16); \ +(p)[3] = U8V((v) >> 24); \ + } while (0) + +#define ROTATE(v,c) (ROTL32(v,c)) +#define XOR(v,w) ((v) ^ (w)) +#define PLUS(v,w) (U32V((v) + (w))) +#define PLUSONE(v) (PLUS((v),1)) + +#define QUARTERROUND(a,b,c,d) \ + a = PLUS(a,b); d = ROTATE(XOR(d,a),16); \ + c = PLUS(c,d); b = ROTATE(XOR(b,c),12); \ + a = PLUS(a,b); d = ROTATE(XOR(d,a), 8); \ + c = PLUS(c,d); b = ROTATE(XOR(b,c), 7); + +st
svn commit: r303035 - in head/sys: arm/broadcom/bcm2835 boot/fdt/dts/arm sys
Author: markm Date: Tue Jul 19 18:07:47 2016 New Revision: 303035 URL: https://svnweb.freebsd.org/changeset/base/303035 Log: Random bit generator (RBG) driver for RPi and RPi2. Summary: This driver supports the following methods to trigger gathering random bits from the hardware: 1. interrupt when the FIFO is full (default) fed into the harvest queue 2. callout (when BCM2835_RNG_USE_CALLOUT is defined) every second if hz is less than 100, otherwise hz / 100, feeding the random bits into the harvest queue If the kernel is booted with verbose enabled, the contents of the registers will be dumped after the RBG is started during the attach routine. Author: hackagadget_gmail.com (Stephen J. Kiernan) Test Plan: Built RPI2 kernel and booted on board. Tested the different methods to feed the harvest queue (callout, interrupt) and the interrupt driven approach seems best. However, keeping the other method for people to be able to experiment with. Reviewed By: adrian, delphij, markm Differential Revision: https://reviews.freebsd.org/D6888 Added: head/sys/arm/broadcom/bcm2835/bcm2835_rng.c (contents, props changed) Modified: head/sys/arm/broadcom/bcm2835/files.bcm283x head/sys/boot/fdt/dts/arm/bcm2835.dtsi head/sys/boot/fdt/dts/arm/bcm2836.dtsi head/sys/sys/random.h Added: head/sys/arm/broadcom/bcm2835/bcm2835_rng.c == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/arm/broadcom/bcm2835/bcm2835_rng.c Tue Jul 19 18:07:47 2016 (r303035) @@ -0,0 +1,534 @@ +/* + * Copyright (c) 2015, 2016, Stephen J. Kiernan + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include +#include +#include + +#include +#include + +#if !defined(BCM2835_RNG_USE_CALLOUT) +#defineBCM2835_RNG_USE_INTERRUPT +#endif + +static device_attach_t bcm2835_rng_attach; +static device_detach_t bcm2835_rng_detach; +static device_probe_t bcm2835_rng_probe; + +#defineRNG_CTRL0x00/* RNG Control Register */ +#defineRNG_COMBLK1_OSC 0x003f /* Combiner Blk 1 Oscillator */ +#defineRNG_COMBLK1_OSC_SHIFT 16 +#defineRNG_COMBLK2_OSC 0x0fc0 /* Combiner Blk 2 Oscillator */ +#defineRNG_COMBLK2_OSC_SHIFT 22 +#defineRNG_JCLK_BYP_DIV_CNT0xff00 /* Jitter clk bypass divider + count */ +#defineRNG_JCLK_BYP_DIV_CNT_SHIFT 8 +#defineRNG_JCLK_BYP_SRC0x0020 /* Jitter clk bypass source */ +#defineRNG_JCLK_BYP_SEL0x0010 /* Jitter clk bypass select */ +#defineRNG_RBG2X 0x0002 /* RBG 2X SPEED */ +#defineRNG_RBGEN_BIT 0x0001 /* Enable RNG bit */ + +#defineRNG_STATUS 0x04/* RNG status register */ +#defineRND_VAL_SHIFT 24 /* Shift for valid words */ +#defineRND_VAL_MASK0x00ff /* Number valid words mask */ +#defineRND_VAL_WARM_CNT0x4 /* RNG Warm Up count */ +#defineRND_WARM_CNT0xf /* RNG Warm Up Count mask */ + +#defineRNG_DATA0x08/* RNG Data Register */ +#defineRNG_FF_THRES0x0c +#defineRNG_FF_THRES_MASK 0x001f + +
svn commit: r288780 - head/sys/dev/random
Author: markm Date: Mon Oct 5 10:45:52 2015 New Revision: 288780 URL: https://svnweb.freebsd.org/changeset/base/288780 Log: Fix printf-like formats for KASSERT. Submitted by: jenkins Approved by: so (/dev/random blanket) Modified: head/sys/dev/random/random_harvestq.c Modified: head/sys/dev/random/random_harvestq.c == --- head/sys/dev/random/random_harvestq.c Mon Oct 5 10:45:33 2015 (r288779) +++ head/sys/dev/random/random_harvestq.c Mon Oct 5 10:45:52 2015 (r288780) @@ -211,7 +211,7 @@ random_sources_feed(void) LIST_FOREACH(rrs, &source_list, rrs_entries) { for (i = 0; i < p_random_alg_context->ra_poolcount*(local_read_rate + 1); i++) { n = rrs->rrs_source->rs_read(entropy, sizeof(entropy)); - KASSERT((n <= sizeof(entropy)), ("%s: rs_read returned too much data (%d > %d) in %s", __func__, n, sizeof(entropy))); + KASSERT((n <= sizeof(entropy)), ("%s: rs_read returned too much data (%u > %zu)", __func__, n, sizeof(entropy))); /* It would appear that in some circumstances (e.g. virtualisation), * the underlying hardware entropy source might not always return * random numbers. Accept this but make a noise. If too much happens, ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r288703 - head/sys/dev/random
Author: markm Date: Mon Oct 5 07:41:12 2015 New Revision: 288703 URL: https://svnweb.freebsd.org/changeset/base/288703 Log: It appears that under some circumstances, like virtualisiation, the 'rdrand' instruction may occasionally not return random numbers, in spite of looping attempts to do so. The reusult is a KASSERT/panic. Reluctantly accept this state-of-affairs, but make a noise about it. if this 'noise' spams the console, it may be time to discontinue using that source. This is written in a general way to account for /any/ source that might not supply random numbers when required. Submitted by: jkh (report and slightly different fix) Approved by: so (/dev/random blanket) Modified: head/sys/dev/random/random_harvestq.c Modified: head/sys/dev/random/random_harvestq.c == --- head/sys/dev/random/random_harvestq.c Mon Oct 5 07:40:18 2015 (r288702) +++ head/sys/dev/random/random_harvestq.c Mon Oct 5 07:41:12 2015 (r288703) @@ -211,7 +211,16 @@ random_sources_feed(void) LIST_FOREACH(rrs, &source_list, rrs_entries) { for (i = 0; i < p_random_alg_context->ra_poolcount*(local_read_rate + 1); i++) { n = rrs->rrs_source->rs_read(entropy, sizeof(entropy)); - KASSERT((n > 0 && n <= sizeof(entropy)), ("very bad return from rs_read (= %d) in %s", n, __func__)); + KASSERT((n <= sizeof(entropy)), ("%s: rs_read returned too much data (%d > %d) in %s", __func__, n, sizeof(entropy))); + /* It would appear that in some circumstances (e.g. virtualisation), +* the underlying hardware entropy source might not always return +* random numbers. Accept this but make a noise. If too much happens, +* can that source be trusted? +*/ + if (n == 0) { + printf("%s: rs_read for hardware device '%s' returned no entropy.\n", __func__, rrs->rrs_source->rs_ident); + continue; + } random_harvest_direct(entropy, n, (n*8)/2, rrs->rrs_source->rs_source); } } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r287023 - in head: share/man/man4 sys/conf sys/dev/random sys/sys sys/vm
Author: markm Date: Sat Aug 22 12:59:05 2015 New Revision: 287023 URL: https://svnweb.freebsd.org/changeset/base/287023 Log: Make the UMA harvesting go away completely if not wanted. Default to "not wanted". Provide and document the RANDOM_ENABLE_UMA option. Change RANDOM_FAST to RANDOM_UMA to clarify the harvesting. Remove RANDOM_DEBUG option, replace with SDT probes. These will be of use to folks measuring the harvesting effect when deciding whether to use RANDOM_ENABLE_UMA. Requested by: scottl and others. Approved by: so (/dev/random blanket) Differential Revision:https://reviews.freebsd.org/D3197 Modified: head/share/man/man4/random.4 head/sys/conf/NOTES head/sys/conf/options head/sys/dev/random/build.sh head/sys/dev/random/fortuna.c head/sys/dev/random/random_harvestq.c head/sys/dev/random/unit_test.c head/sys/dev/random/yarrow.c head/sys/sys/random.h head/sys/vm/uma_core.c Modified: head/share/man/man4/random.4 == --- head/share/man/man4/random.4Sat Aug 22 07:45:49 2015 (r287022) +++ head/share/man/man4/random.4Sat Aug 22 12:59:05 2015 (r287023) @@ -32,6 +32,7 @@ .Sh SYNOPSIS .Cd "device random" .Cd "options RANDOM_LOADABLE" +.Cd "options RANDOM_ENABLE_UMA" .Sh DESCRIPTION The .Nm @@ -177,6 +178,24 @@ must be locked against load and unload events, and also must be indirect calls to allow for removal. +.Pp +When +.Cd "options RANDOM_ENABLE_UMA" +is used, +the +.Pa /dev/random +device will obtain entropy +from the zone allocator. +This is potentially very high rate, +and if so will be of questionable use. +If this is the case, +use of this option +is not recommended. +Determining this is not trivial, +so experimenting and measurement +using tools such as +.Xr dtrace 1 +will be required. .Sh RANDOMNESS The use of randomness in the field of computing is a rather subtle issue because randomness means Modified: head/sys/conf/NOTES == --- head/sys/conf/NOTES Sat Aug 22 07:45:49 2015(r287022) +++ head/sys/conf/NOTES Sat Aug 22 12:59:05 2015(r287023) @@ -2985,8 +2985,10 @@ options MAXFILES=999 #options RANDOM_YARROW # Yarrow CSPRNG (old default) #options RANDOM_LOADABLE # Allow the algorithm to be loaded as # a module. -# For developers. -optionsRANDOM_DEBUG# Extra debugging messages +# Select this to allow high-rate but potentially expensive +# harvesting of Slab-Allocator entropy. In very high-rate +# situations the value of doing this is dubious at best. +optionsRANDOM_ENABLE_UMA # slab allocator # Module to enable execution of application via emulators like QEMU options IMAGACT_BINMISC Modified: head/sys/conf/options == --- head/sys/conf/options Sat Aug 22 07:45:49 2015(r287022) +++ head/sys/conf/options Sat Aug 22 12:59:05 2015(r287023) @@ -945,17 +945,16 @@ RACCT_DEFAULT_TO_DISABLED opt_global.h RCTL opt_global.h # Random number generator(s) -# The DEBUG option is in global.h as the random harvesting -# puts probes all over the place, and it makes little sense -# to pollute these headers with an extra include. -RANDOM_DEBUG opt_random.h -# Which CSPRNG hashes we get. +# Which CSPRNG hash we get. # If Yarrow is not chosen, Fortuna is selected. RANDOM_YARROW opt_random.h # With this, no entropy processor is loaded, but the entropy # harvesting infrastructure is present. This means an entropy # processor may be loaded as a module. RANDOM_LOADABLEopt_random.h +# This turns on high-rate and potentially expensive harvesting in +# the uma slab allocator. +RANDOM_ENABLE_UMA opt_global.h # Intel em(4) driver EM_MULTIQUEUE opt_em.h Modified: head/sys/dev/random/build.sh == --- head/sys/dev/random/build.shSat Aug 22 07:45:49 2015 (r287022) +++ head/sys/dev/random/build.shSat Aug 22 12:59:05 2015 (r287023) @@ -35,7 +35,7 @@ # <(sed -e 's/fortuna/wombat/g' \ #-e 's/FORTUNA/WOMBAT/g' fortuna.c) | less # -cc -g -O0 -pthread -DRANDOM_DEBUG \ +cc -g -O0 -pthread \ -I../.. -lstdthreads -Wall \ unit_test.c \ yarrow.c \ @@ -46,7 +46,7 @@ cc -g -O0 -pthread -DRANDOM_DEBUG \ ../../crypto/sha2/sha256c.c \ -lz \ -o yunit_test -cc -g -O0 -pthread -DRANDOM_DEBUG \ +cc -g -O0 -pthread \ -I../.. -lstdthreads -Wall \ unit_test.c \ fortuna.c \ Modified: head/sys/dev/random/fortuna.c == --- head/sys/dev/random/fortuna.c Sat Aug 22 07:45:49 2015
svn commit: r286839 - in head: . share/man/man4 sys/conf sys/dev/random sys/modules sys/modules/random_fortuna sys/modules/random_other sys/modules/random_yarrow sys/sys
Author: markm Date: Mon Aug 17 07:36:12 2015 New Revision: 286839 URL: https://svnweb.freebsd.org/changeset/base/286839 Log: Add DEV_RANDOM pseudo-option and use it to "include out" random(4) if desired. Retire randomdev_none.c and introduce random_infra.c for resident infrastructure. Completely stub out random(4) calls in the "without DEV_RANDOM" case. Add RANDOM_LOADABLE option to allow loadable Yarrow/Fortuna/LocallyWritten algorithm. Add a skeleton "other" algorithm framework for folks to add their own processing code. NIST, anyone? Retire the RANDOM_DUMMY option. Build modules for Yarrow, Fortuna and "other". Use atomics for the live entropy rate-tracking. Convert ints to bools for the 'seeded' logic. Move _write() function from the algorithm-specific areas to randomdev.c Get rid of reseed() function - it is unused. Tidy up the opt_*.h includes. Update documentation for random(4) modules. Fix test program (reviewers, please leave this). Differential Revision:https://reviews.freebsd.org/D3354 Reviewed by: wblock,delphij,jmg,bjk Approved by: so (/dev/random blanket) Added: head/sys/dev/random/other_algorithm.c (contents, props changed) head/sys/dev/random/other_algorithm.h (contents, props changed) head/sys/dev/random/random_infra.c (contents, props changed) head/sys/modules/random_fortuna/ head/sys/modules/random_fortuna/Makefile (contents, props changed) head/sys/modules/random_other/ head/sys/modules/random_other/Makefile (contents, props changed) head/sys/modules/random_yarrow/ head/sys/modules/random_yarrow/Makefile (contents, props changed) Deleted: head/sys/dev/random/randomdev_none.c Modified: head/UPDATING head/share/man/man4/random.4 head/sys/conf/NOTES head/sys/conf/files head/sys/conf/options head/sys/dev/random/fortuna.c head/sys/dev/random/random_harvestq.c head/sys/dev/random/random_harvestq.h head/sys/dev/random/randomdev.c head/sys/dev/random/randomdev.h head/sys/dev/random/unit_test.c head/sys/dev/random/yarrow.c head/sys/modules/Makefile head/sys/sys/random.h Modified: head/UPDATING == --- head/UPDATING Mon Aug 17 05:59:36 2015(r286838) +++ head/UPDATING Mon Aug 17 07:36:12 2015(r286839) @@ -31,6 +31,21 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11 disable the most expensive debugging functionality run "ln -s 'abort:false,junk:false' /etc/malloc.conf".) +20150817: + Kernel-loadable modules for the random(4) device are back. To use + them, the kernel must have + + device random + options RANDOM_LOADABLE + + kldload(8) can then be used to load random_fortuna.ko + or random_yarrow.ko. Please note that due to the indirect + function calls that the loadable modules need to provide, + the build-in variants will be slightly more efficient. + + The random(4) kernel option RANDOM_DUMMY has been retired due to + unpopularity. It was not all that useful anyway. + 20150813: The WITHOUT_ELFTOOLCHAIN_TOOLS src.conf(5) knob has been retired. Control over building the ELF Tool Chain tools is now provided by Modified: head/share/man/man4/random.4 == --- head/share/man/man4/random.4Mon Aug 17 05:59:36 2015 (r286838) +++ head/share/man/man4/random.4Mon Aug 17 07:36:12 2015 (r286839) @@ -23,7 +23,7 @@ .\" .\" $FreeBSD$ .\" -.Dd June 30, 2015 +.Dd August 17, 2015 .Dt RANDOM 4 .Os .Sh NAME @@ -31,6 +31,7 @@ .Nd the entropy device .Sh SYNOPSIS .Cd "device random" +.Cd "options RANDOM_LOADABLE" .Sh DESCRIPTION The .Nm @@ -133,15 +134,49 @@ The .Va kern.random.harvest.mask_bin and .Va kern.random.harvest.mask_symbolic -sysctl -can be used confirm -that your choices are correct. +sysctls +can be used to confirm +that the choices are correct. Note that disabled items in the latter item are listed in square brackets. See .Xr random_harvest 9 for more on the harvesting of entropy. +.Pp +When +.Cd "options RANDOM_LOADABLE" +is used, +the +.Pa /dev/random +device is not created +until an "algorithm module" +is loaded. +Two of these modules +are built by default, +.Em random_fortuna +and +.Em random_yarrow . +The +.Em random_yarrow +module is deprecated, +and will be removed in +.Fx 12. +Use of the Yarrow algorithm +is not encouraged, +but while still present +in the kernel source, +it can be selected with the +.Cd "options RANDOM_YARROW" +kernel option. +Note that these loadable modules +are slightly less efficient +than their compiled-in equivalents. +This is because some functions +must be locked against +load and unload events, +and also must be indirect calls +to allow for removal. .Sh RANDOMNESS The use of randomness in
svn commit: r285700 - head/sys/dev/random
Author: markm Date: Sun Jul 19 18:07:35 2015 New Revision: 285700 URL: https://svnweb.freebsd.org/changeset/base/285700 Log: Fix some untidy logic. I committed the wrong local fix; please pass the pointy hat. Approved by:so (/dev/random blanket) Modified: head/sys/dev/random/randomdev.c Modified: head/sys/dev/random/randomdev.c == --- head/sys/dev/random/randomdev.c Sun Jul 19 18:07:25 2015 (r285699) +++ head/sys/dev/random/randomdev.c Sun Jul 19 18:07:35 2015 (r285700) @@ -183,7 +183,7 @@ read_random_uio(struct uio *uio, bool no printf("random: %s unblock wait\n", __func__); spamcount = (spamcount + 1)%100; error = tsleep(&random_alg_context, PCATCH, "randseed", hz/10); - if ((error == ERESTART | error == EINTR)) + if (error == ERESTART || error == EINTR) break; } if (error == 0) { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r285690 - head/sys/dev/random
Author: markm Date: Sun Jul 19 16:05:23 2015 New Revision: 285690 URL: https://svnweb.freebsd.org/changeset/base/285690 Log: Optimise the buffer-size calculation. It was possible to get one block too many. Approved by: so (/dev/random blanket) Modified: head/sys/dev/random/randomdev.c Modified: head/sys/dev/random/randomdev.c == --- head/sys/dev/random/randomdev.c Sun Jul 19 15:44:51 2015 (r285689) +++ head/sys/dev/random/randomdev.c Sun Jul 19 16:05:23 2015 (r285690) @@ -64,6 +64,9 @@ __FBSDID("$FreeBSD$"); #defineRANDOM_UNIT 0 +/* Return the largest number >= x that is a multiple of m */ +#define CEIL_TO_MULTIPLE(x, m) x) + (m) - 1)/(m))*(m)) + static d_read_t randomdev_read; static d_write_t randomdev_write; static d_poll_t randomdev_poll; @@ -191,15 +194,15 @@ read_random_uio(struct uio *uio, bool no * which is what the underlying generator is expecting. * See the random_buf size requirements in the Yarrow/Fortuna code. */ - read_len += RANDOM_BLOCKSIZE; - read_len -= read_len % RANDOM_BLOCKSIZE; + read_len = CEIL_TO_MULTIPLE(read_len, RANDOM_BLOCKSIZE); + /* Work in chunks page-sized or less */ read_len = MIN(read_len, PAGE_SIZE); random_alg_context.ra_read(random_buf, read_len); c = MIN(uio->uio_resid, read_len); error = uiomove(random_buf, c, uio); total_read += c; } - if (total_read != uio->uio_resid && (error == ERESTART || error == EINTR) ) + if (total_read != uio->uio_resid && (error == ERESTART || error == EINTR)) /* Return partial read, not error. */ error = 0; } @@ -217,7 +220,7 @@ read_random_uio(struct uio *uio, bool no u_int read_random(void *random_buf, u_int len) { - u_int read_len, total_read, c; + u_int read_len; uint8_t local_buf[len + RANDOM_BLOCKSIZE]; KASSERT(random_buf != NULL, ("No suitable random buffer in %s", __func__)); @@ -228,22 +231,16 @@ read_random(void *random_buf, u_int len) /* XXX: FIX!! Next line as an atomic operation? */ read_rate += (len + sizeof(uint32_t))/sizeof(uint32_t); #endif - read_len = len; - /* -* Belt-and-braces. -* Round up the read length to a crypto block size multiple, -* which is what the underlying generator is expecting. -*/ - read_len += RANDOM_BLOCKSIZE; - read_len -= read_len % RANDOM_BLOCKSIZE; - total_read = 0; - while (read_len) { - c = MIN(read_len, PAGE_SIZE); - random_alg_context.ra_read(&local_buf[total_read], c); - read_len -= c; - total_read += c; + if (len > 0) { + /* +* Belt-and-braces. +* Round up the read length to a crypto block size multiple, +* which is what the underlying generator is expecting. +*/ + read_len = CEIL_TO_MULTIPLE(len, RANDOM_BLOCKSIZE); + random_alg_context.ra_read(local_buf, read_len); + memcpy(random_buf, local_buf, len); } - memcpy(random_buf, local_buf, len); } else len = 0; return (len); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r285691 - head/sys/conf
Author: markm Date: Sun Jul 19 16:05:26 2015 New Revision: 285691 URL: https://svnweb.freebsd.org/changeset/base/285691 Log: Clarify the intent of the RANDOM_* options. Approved by: so (/dev/random blanket) Modified: head/sys/conf/NOTES Modified: head/sys/conf/NOTES == --- head/sys/conf/NOTES Sun Jul 19 16:05:23 2015(r285690) +++ head/sys/conf/NOTES Sun Jul 19 16:05:26 2015(r285691) @@ -2982,8 +2982,10 @@ options MAXFILES=999 # Random number generator # Only ONE of the below two may be used; they are mutually exclusive. # If neither is present, then the Fortuna algorithm is used. -optionsRANDOM_YARROW # Yarrow CSPRNG (Default) -optionsRANDOM_DEBUG# Debugging messages +optionsRANDOM_YARROW # Yarrow CSPRNG (old default) +#options RANDOM_DUMMY# Dummy CSPRNG that always blocks +# For developers. +optionsRANDOM_DEBUG# Extra debugging messages # Module to enable execution of application via emulators like QEMU options IMAGACT_BINMISC ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r285693 - head/sys/dev/random
Author: markm Date: Sun Jul 19 16:05:34 2015 New Revision: 285693 URL: https://svnweb.freebsd.org/changeset/base/285693 Log: Remove out-of-date comments. Approved by:so (/dev/random blanket) Modified: head/sys/dev/random/fortuna.c head/sys/dev/random/yarrow.c Modified: head/sys/dev/random/fortuna.c == --- head/sys/dev/random/fortuna.c Sun Jul 19 16:05:30 2015 (r285692) +++ head/sys/dev/random/fortuna.c Sun Jul 19 16:05:34 2015 (r285693) @@ -133,7 +133,6 @@ static void random_fortuna_deinit_alg(vo static void random_fortuna_reseed_internal(uint32_t *entropy_data, u_int blockcount); -/* Interface to Adaptors system */ struct random_algorithm random_alg_context = { .ra_ident = "Fortuna", .ra_init_alg = random_fortuna_init_alg, Modified: head/sys/dev/random/yarrow.c == --- head/sys/dev/random/yarrow.cSun Jul 19 16:05:30 2015 (r285692) +++ head/sys/dev/random/yarrow.cSun Jul 19 16:05:34 2015 (r285693) @@ -117,7 +117,6 @@ static void random_yarrow_deinit_alg(voi static void random_yarrow_reseed_internal(u_int); -/* Interface to Adaptors system */ struct random_algorithm random_alg_context = { .ra_ident = "Yarrow", .ra_init_alg = random_yarrow_init_alg, ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r285692 - head/sys/dev/random
Author: markm Date: Sun Jul 19 16:05:30 2015 New Revision: 285692 URL: https://svnweb.freebsd.org/changeset/base/285692 Log: Fix the read blocking so that it is interruptable and slow down the rate of console warning spamming while blocked. Approved by: so (/dev/random blanket) Modified: head/sys/dev/random/randomdev.c Modified: head/sys/dev/random/randomdev.c == --- head/sys/dev/random/randomdev.c Sun Jul 19 16:05:26 2015 (r285691) +++ head/sys/dev/random/randomdev.c Sun Jul 19 16:05:30 2015 (r285692) @@ -163,22 +163,28 @@ int read_random_uio(struct uio *uio, bool nonblock) { uint8_t *random_buf; - int error; + int error, spamcount; ssize_t read_len, total_read, c; random_buf = malloc(PAGE_SIZE, M_ENTROPY, M_WAITOK); random_alg_context.ra_pre_read(); - /* (Un)Blocking logic */ error = 0; + spamcount = 0; + /* (Un)Blocking logic */ while (!random_alg_context.ra_seeded()) { if (nonblock) { error = EWOULDBLOCK; break; } - tsleep(&random_alg_context, 0, "randseed", hz/10); /* keep tapping away at the pre-read until we seed/unblock. */ random_alg_context.ra_pre_read(); - printf("random: %s unblock wait\n", __func__); + /* Only bother the console every 10 seconds or so */ + if (spamcount == 0) + printf("random: %s unblock wait\n", __func__); + spamcount = (spamcount + 1)%100; + error = tsleep(&random_alg_context, PCATCH, "randseed", hz/10); + if ((error == ERESTART | error == EINTR)) + break; } if (error == 0) { #if !defined(RANDOM_DUMMY) ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r285688 - head
Author: markm Date: Sun Jul 19 14:34:35 2015 New Revision: 285688 URL: https://svnweb.freebsd.org/changeset/base/285688 Log: Clean up some trailing whitespace. Modified: head/UPDATING Modified: head/UPDATING == --- head/UPDATING Sun Jul 19 13:10:47 2015(r285687) +++ head/UPDATING Sun Jul 19 14:34:35 2015(r285688) @@ -87,7 +87,7 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11 20150616: FreeBSD's old make (fmake) has been removed from the system. It is available as the devel/fmake port or via pkg install fmake. - + 20150615: The fix for the issue described in the 20150614 sendmail entry below has been been committed in revision 284436. The work @@ -110,7 +110,7 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11 this interoperability, sendmail can be configured to use a 2048 bit DH parameter by: - 1. Edit /etc/mail/`hostname`.mc + 1. Edit /etc/mail/`hostname`.mc 2. If a setting for confDH_PARAMETERS does not exist or exists and is set to a string beginning with '5', replace it with '2'. @@ -223,7 +223,7 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11 using a local socket. Users who have already enabled the local_unbound service should regenerate their configuration by running "service local_unbound setup" as root. - + 20150102: The GNU texinfo and GNU info pages have been removed. To be able to view GNU info pages please install texinfo from ports. @@ -614,7 +614,7 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11 The GNU Compiler Collection and C++ standard library (libstdc++) are no longer built by default on platforms where clang is the system compiler. You can enable them with the WITH_GCC and WITH_GNUCXX - options in src.conf. + options in src.conf. 20130905: The PROCDESC kernel option is now part of the GENERIC kernel @@ -968,7 +968,7 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 11 20120727: The sparc64 ZFS loader has been changed to no longer try to auto- detect ZFS providers based on diskN aliases but now requires these - to be explicitly listed in the OFW boot-device environment variable. + to be explicitly listed in the OFW boot-device environment variable. 20120712: The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r284959 - in head: . share/man/man4 share/man/man9 sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest sys/dev/safe sys/dev/syscons sys/dev/ubsec sys/dev/virtio/random s
> On 15 Jul 2015, at 23:43, Adrian Chadd wrote: > >> - Add harvesting of slab allocator events. This needs to be checked for >>weighing down the allocator code. > > Hi, > > Is this really doing it upon every one of those events? eg, for each > mbuf alloc through UMA? Only if you turn it on! M -- ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r285550 - head/usr.bin/w
Author: markm Date: Tue Jul 14 18:53:24 2015 New Revision: 285550 URL: https://svnweb.freebsd.org/changeset/base/285550 Log: Widen the host field so that a full IPv6 address will be seen. Modified: head/usr.bin/w/w.c Modified: head/usr.bin/w/w.c == --- head/usr.bin/w/w.c Tue Jul 14 18:45:15 2015(r285549) +++ head/usr.bin/w/w.c Tue Jul 14 18:53:24 2015(r285550) @@ -120,7 +120,7 @@ static struct entry { #defineW_DISPUSERSIZE 10 #defineW_DISPLINESIZE 8 -#defineW_DISPHOSTSIZE 24 +#defineW_DISPHOSTSIZE 40 static void pr_header(time_t *, int); static struct stat *ttystat(char *); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r285439 - head/sys/dev/random
Author: markm Date: Mon Jul 13 08:38:21 2015 New Revision: 285439 URL: https://svnweb.freebsd.org/changeset/base/285439 Log: Rework the read routines to keep the PRNG sources happy. These work in units of crypto blocks, so must have adequate space to write. This means needing to be careful about buffers and keeping track of external read request length. Approved by: so (/dev/random blanket) Modified: head/sys/dev/random/randomdev.c Modified: head/sys/dev/random/randomdev.c == --- head/sys/dev/random/randomdev.c Mon Jul 13 05:59:41 2015 (r285438) +++ head/sys/dev/random/randomdev.c Mon Jul 13 08:38:21 2015 (r285439) @@ -153,8 +153,8 @@ static int randomdev_read(struct cdev *dev __unused, struct uio *uio, int flags) { uint8_t *random_buf; - int c, error; - ssize_t nbytes; + int error; + ssize_t read_len, total_read, c; random_buf = malloc(PAGE_SIZE, M_ENTROPY, M_WAITOK); random_alg_context.ra_pre_read(); @@ -175,14 +175,24 @@ randomdev_read(struct cdev *dev __unused /* XXX: FIX!! Next line as an atomic operation? */ read_rate += (uio->uio_resid + sizeof(uint32_t))/sizeof(uint32_t); #endif - nbytes = uio->uio_resid; + total_read = 0; while (uio->uio_resid && !error) { - c = MIN(uio->uio_resid, PAGE_SIZE); - /* See the random_buf size requirements in the Yarrow/Fortuna code */ - random_alg_context.ra_read(random_buf, c); + read_len = uio->uio_resid; + /* +* Belt-and-braces. +* Round up the read length to a crypto block size multiple, +* which is what the underlying generator is expecting. +* See the random_buf size requirements in the Yarrow/Fortuna code. +*/ + read_len += RANDOM_BLOCKSIZE; + read_len -= read_len % RANDOM_BLOCKSIZE; + read_len = MIN(read_len, PAGE_SIZE); + random_alg_context.ra_read(random_buf, read_len); + c = MIN(uio->uio_resid, read_len); error = uiomove(random_buf, c, uio); + total_read += c; } - if (nbytes != uio->uio_resid && (error == ERESTART || error == EINTR) ) + if (total_read != uio->uio_resid && (error == ERESTART || error == EINTR) ) /* Return partial read, not error. */ error = 0; } @@ -212,6 +222,13 @@ read_random(void *random_buf, u_int len) read_rate += (len + sizeof(uint32_t))/sizeof(uint32_t); #endif read_len = len; + /* +* Belt-and-braces. +* Round up the read length to a crypto block size multiple, +* which is what the underlying generator is expecting. +*/ + read_len += RANDOM_BLOCKSIZE; + read_len -= read_len % RANDOM_BLOCKSIZE; total_read = 0; while (read_len) { c = MIN(read_len, PAGE_SIZE); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r285422 - in head: share/man/man4 sys/conf sys/dev/random sys/net sys/netgraph
Author: markm Date: Sun Jul 12 18:14:38 2015 New Revision: 285422 URL: https://svnweb.freebsd.org/changeset/base/285422 Log: * Address review (and add a bit myself). - Tweek man page. - Remove all mention of RANDOM_FORTUNA. If the system owner wants YARROW or DUMMY, they ask for it, otherwise they get FORTUNA. - Tidy up headers a bit. - Tidy up declarations a bit. - Make static in a couple of places where needed. - Move Yarrow/Fortuna SYSINIT/SYSUNINIT to randomdev.c, moving us towards a single file where the algorithm context is used. - Get rid of random_*_process_buffer() functions. They were only used in one place each, and are better subsumed into those places. - Remove *_post_read() functions as they are stubs everywhere. - Assert against buffer size illegalities. - Clean up some silly code in the randomdev_read() routine. - Make the harvesting more consistent. - Make some requested argument name changes. - Tidy up and clarify a few comments. - Make some requested comment changes. - Make some requested macro changes. * NOTE: the thing calling itself a 'unit test' is not yet a proper unit test, but it helps me ensure things work. It may be a proper unit test at some time in the future, but for now please don't make any assumptions or hold any expectations. Differential Revision:https://reviews.freebsd.org/D2025 Approved by: so (/dev/random blanket) Modified: head/share/man/man4/random.4 head/sys/conf/NOTES head/sys/dev/random/build.sh head/sys/dev/random/fortuna.c head/sys/dev/random/hash.h head/sys/dev/random/random_harvestq.c head/sys/dev/random/randomdev.c head/sys/dev/random/randomdev.h head/sys/dev/random/unit_test.c head/sys/dev/random/unit_test.h head/sys/dev/random/yarrow.c head/sys/net/if_tun.c head/sys/netgraph/ng_iface.c Modified: head/share/man/man4/random.4 == --- head/share/man/man4/random.4Sun Jul 12 17:28:31 2015 (r285421) +++ head/share/man/man4/random.4Sun Jul 12 18:14:38 2015 (r285422) @@ -62,7 +62,7 @@ This sysctl will not return random bytes unless the .Xr random 4 -is seeded. +device is seeded. .Pp This initial seeding of random number generators Modified: head/sys/conf/NOTES == --- head/sys/conf/NOTES Sun Jul 12 17:28:31 2015(r285421) +++ head/sys/conf/NOTES Sun Jul 12 18:14:38 2015(r285422) @@ -2978,8 +2978,8 @@ options MAXFILES=999 # Random number generator # Only ONE of the below two may be used; they are mutually exclusive. +# If neither is present, then the Fortuna algorithm is used. optionsRANDOM_YARROW # Yarrow CSPRNG (Default) -#options RANDOM_FORTUNA # Fortuna CSPRNG optionsRANDOM_DEBUG# Debugging messages # Module to enable execution of application via emulators like QEMU Modified: head/sys/dev/random/build.sh == --- head/sys/dev/random/build.shSun Jul 12 17:28:31 2015 (r285421) +++ head/sys/dev/random/build.shSun Jul 12 18:14:38 2015 (r285422) @@ -28,7 +28,14 @@ # # Basic script to build crude unit tests. # -cc -g -O0 -pthread -DRANDOM_DEBUG -DRANDOM_YARROW \ +# Diff-reduction checking between Yarrow and fortuna is done like so: +# +# $ diff -u -B <(sed -e 's/yarrow/wombat/g' \ +#-e 's/YARROW/WOMBAT/g' yarrow.c) \ +# <(sed -e 's/fortuna/wombat/g' \ +#-e 's/FORTUNA/WOMBAT/g' fortuna.c) | less +# +cc -g -O0 -pthread -DRANDOM_DEBUG \ -I../.. -lstdthreads -Wall \ unit_test.c \ yarrow.c \ @@ -39,7 +46,7 @@ cc -g -O0 -pthread -DRANDOM_DEBUG -DRAND ../../crypto/sha2/sha256c.c \ -lz \ -o yunit_test -cc -g -O0 -pthread -DRANDOM_DEBUG -DRANDOM_FORTUNA \ +cc -g -O0 -pthread -DRANDOM_DEBUG \ -I../.. -lstdthreads -Wall \ unit_test.c \ fortuna.c \ Modified: head/sys/dev/random/fortuna.c == --- head/sys/dev/random/fortuna.c Sun Jul 12 17:28:31 2015 (r285421) +++ head/sys/dev/random/fortuna.c Sun Jul 12 18:14:38 2015 (r285422) @@ -39,10 +39,8 @@ __FBSDID("$FreeBSD$"); #ifdef _KERNEL #include #include -#include #include #include -#include #include #include #include @@ -71,6 +69,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include #endif /* _KERNEL */ @@ -125,26 +124,28 @@ static uint8_t zero_region[RANDOM_ZERO_B static void random_fortuna_pre_read(void); static void random_fortuna_read(uint8_t *, u_int); -static void random_fortuna_post_read(void); static void random_fortuna_write(uint8_t *, u_int); static void random_fortuna_reseed(void); st
svn commit: r285288 - head/etc/rc.d
Author: markm Date: Wed Jul 8 18:46:44 2015 New Revision: 285288 URL: https://svnweb.freebsd.org/changeset/base/285288 Log: Address review. Differential Revision: https://reviews.freebsd.org/D2924 Modified: head/etc/rc.d/random Modified: head/etc/rc.d/random == --- head/etc/rc.d/randomWed Jul 8 18:43:55 2015(r285287) +++ head/etc/rc.d/randomWed Jul 8 18:46:44 2015(r285288) @@ -67,7 +67,7 @@ random_start() esac case ${entropy_file:=/entropy} in - [Nn][Oo] | '') + [Nn][Oo]) ;; *) feed_dev_random "${entropy_file}" /var/db/entropy-file @@ -76,7 +76,7 @@ random_start() esac case ${entropy_boot_file:=/boot/entropy} in - [Nn][Oo] | '') + [Nn][Oo]) ;; *) save_dev_random "${entropy_boot_file}" @@ -92,7 +92,7 @@ random_stop() # can be reseeded # case ${entropy_file:=/entropy} in - [Nn][Oo] | '') + [Nn][Oo]) ;; *) echo -n 'Writing entropy file:' @@ -124,7 +124,7 @@ random_stop() ;; esac case ${entropy_boot_file:=/boot/entropy} in - [Nn][Oo] | '') + [Nn][Oo]) ;; *) echo -n 'Writing early boot entropy file:' ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r284960 - in head: etc/defaults etc/rc.d share/man/man5 share/man/man9 sys/boot/forth
Author: markm Date: Tue Jun 30 17:09:41 2015 New Revision: 284960 URL: https://svnweb.freebsd.org/changeset/base/284960 Log: Updated random(4) boot/shutdown scripting. Fix the man pages as well. Differential Revision: https://reviews.freebsd.org/D2924 Approved by: so (delphij) Modified: head/etc/defaults/rc.conf head/etc/rc.d/random head/share/man/man5/rc.conf.5 head/share/man/man9/random.9 head/sys/boot/forth/loader.conf head/sys/boot/forth/loader.conf.5 Modified: head/etc/defaults/rc.conf == --- head/etc/defaults/rc.conf Tue Jun 30 17:00:45 2015(r284959) +++ head/etc/defaults/rc.conf Tue Jun 30 17:09:41 2015(r284960) @@ -630,15 +630,16 @@ kern_securelevel="-1" # range: -1..3 ; ` # in the system booting with securelevel set to 1, as # init(8) will raise the level when rc(8) completes. update_motd="YES" # update version info in /etc/motd (or NO) -entropy_file="/entropy"# Set to NO to disable caching entropy through reboots. +entropy_boot_file="/boot/entropy" # Set to NO to disable very early + # (used at early boot time) entropy caching through reboots. +entropy_file="/entropy"# Set to NO to disable late (used when going multi-user) + # entropy through reboots. # /var/db/entropy-file is preferred if / is not avail. entropy_dir="/var/db/entropy" # Set to NO to disable caching entropy via cron. entropy_save_sz="4096" # Size of the entropy cache files. entropy_save_num="8" # Number of entropy cache files to save. -harvest_interrupt="YES"# Entropy device harvests interrupt randomness -harvest_ethernet="YES" # Entropy device harvests ethernet randomness -harvest_p_to_p="YES" # Entropy device harvests point-to-point randomness -harvest_swi="YES" # Entropy device harvests internal SWI randomness +harvest_mask="511" # Entropy device harvests all but the very invasive sources. + # (See 'sysctl kern.random.harvest' and random(4)) dmesg_enable="YES" # Save dmesg(8) to /var/run/dmesg.boot watchdogd_enable="NO" # Start the software watchdog daemon watchdogd_flags="" # Flags to watchdogd (if enabled) Modified: head/etc/rc.d/random == --- head/etc/rc.d/randomTue Jun 30 17:00:45 2015(r284959) +++ head/etc/rc.d/randomTue Jun 30 17:09:41 2015(r284960) @@ -41,6 +41,13 @@ feed_dev_random() random_start() { + + if [ ${harvest_mask} -gt 0 ]; then + echo -n 'Setting up harvesting:' + ${SYSCTL} kern.random.harvest.mask=${harvest_mask} > /dev/null + ${SYSCTL_N} kern.random.harvest.mask_symbolic + fi + echo -n 'Feeding entropy:' if [ ! -w /dev/random ] ; then @@ -68,6 +75,14 @@ random_start() ;; esac + case ${entropy_boot_file:=/boot/entropy} in + [Nn][Oo] | '') + ;; + *) + save_dev_random "${entropy_boot_file}" + ;; + esac + echo '.' } @@ -100,7 +115,33 @@ random_stop() ;; *) dd if=/dev/random of=${entropy_file_confirmed} \ - bs=4096 count=1 2> /dev/null + bs=4096 count=1 2> /dev/null || + warn 'write failed (unwriteable file or full fs?)' + echo '.' + ;; + esac + umask ${oumask} + ;; + esac + case ${entropy_boot_file:=/boot/entropy} in + [Nn][Oo] | '') + ;; + *) + echo -n 'Writing early boot entropy file:' + rm -f ${entropy_boot_file} 2> /dev/null + oumask=`umask` + umask 077 + if touch ${entropy_boot_file} 2> /dev/null; then + entropy_boot_file_confirmed="${entropy_boot_file}" + fi + case ${entropy_boot_file_confirmed} in + '') + warn 'write failed (read-only fs?)' + ;; + *) + dd if=/dev/random of=${entropy_boot_file_confirmed} \ + bs=4096 count=1 2> /dev/null || + warn 'write failed (unwriteable file or full fs?)' echo '.' ;; esac Modified: head/share/man/man5/rc.conf.5 == --- head/share/man/man5/rc.conf.5 Tue Jun 30 17:00:45 2015 (r284959) +++ head/share/man/man5/rc.conf.5 Tue Jun 30 17:09:41 2015 (r284960) @@ -3995,27 +3995,11 @@ se
svn commit: r284959 - in head: . share/man/man4 share/man/man9 sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest sys/dev/safe sys/dev/syscons sys/dev/ubsec sys/dev/virtio/random sy...
Author: markm Date: Tue Jun 30 17:00:45 2015 New Revision: 284959 URL: https://svnweb.freebsd.org/changeset/base/284959 Log: Huge cleanup of random(4) code. * GENERAL - Update copyright. - Make kernel options for RANDOM_YARROW and RANDOM_DUMMY. Set neither to ON, which means we want Fortuna - If there is no 'device random' in the kernel, there will be NO random(4) device in the kernel, and the KERN_ARND sysctl will return nothing. With RANDOM_DUMMY there will be a random(4) that always blocks. - Repair kern.arandom (KERN_ARND sysctl). The old version went through arc4random(9) and was a bit weird. - Adjust arc4random stirring a bit - the existing code looks a little suspect. - Fix the nasty pre- and post-read overloading by providing explictit functions to do these tasks. - Redo read_random(9) so as to duplicate random(4)'s read internals. This makes it a first-class citizen rather than a hack. - Move stuff out of locked regions when it does not need to be there. - Trim RANDOM_DEBUG printfs. Some are excess to requirement, some behind boot verbose. - Use SYSINIT to sequence the startup. - Fix init/deinit sysctl stuff. - Make relevant sysctls also tunables. - Add different harvesting "styles" to allow for different requirements (direct, queue, fast). - Add harvesting of FFS atime events. This needs to be checked for weighing down the FS code. - Add harvesting of slab allocator events. This needs to be checked for weighing down the allocator code. - Fix the random(9) manpage. - Loadable modules are not present for now. These will be re-engineered when the dust settles. - Use macros for locks. - Fix comments. * src/share/man/... - Update the man pages. * src/etc/... - The startup/shutdown work is done in D2924. * src/UPDATING - Add UPDATING announcement. * src/sys/dev/random/build.sh - Add copyright. - Add libz for unit tests. * src/sys/dev/random/dummy.c - Remove; no longer needed. Functionality incorporated into randomdev.*. * live_entropy_sources.c live_entropy_sources.h - Remove; content moved. - move content to randomdev.[ch] and optimise. * src/sys/dev/random/random_adaptors.c src/sys/dev/random/random_adaptors.h - Remove; plugability is no longer used. Compile-time algorithm selection is the way to go. * src/sys/dev/random/random_harvestq.c src/sys/dev/random/random_harvestq.h - Add early (re)boot-time randomness caching. * src/sys/dev/random/randomdev_soft.c src/sys/dev/random/randomdev_soft.h - Remove; no longer needed. * src/sys/dev/random/uint128.h - Provide a fake uint128_t; if a real one ever arrived, we can use that instead. All that is needed here is N=0, N++, N==0, and some localised trickery is used to manufacture a 128-bit 0ULLL. * src/sys/dev/random/unit_test.c src/sys/dev/random/unit_test.h - Improve unit tests; previously the testing human needed clairvoyance; now the test will do a basic check of compressibility. Clairvoyant talent is still a good idea. - This is still a long way off a proper unit test. * src/sys/dev/random/fortuna.c src/sys/dev/random/fortuna.h - Improve messy union to just uint128_t. - Remove unneeded 'static struct fortuna_start_cache'. - Tighten up up arithmetic. - Provide a method to allow eternal junk to be introduced; harden it against blatant by compress/hashing. - Assert that locks are held correctly. - Fix the nasty pre- and post-read overloading by providing explictit functions to do these tasks. - Turn into self-sufficient module (no longer requires randomdev_soft.[ch]) * src/sys/dev/random/yarrow.c src/sys/dev/random/yarrow.h - Improve messy union to just uint128_t. - Remove unneeded 'staic struct start_cache'. - Tighten up up arithmetic. - Provide a method to allow eternal junk to be introduced; harden it against blatant by compress/hashing. - Assert that locks are held correctly. - Fix the nasty pre- and post-read overloading by providing explictit functions to do these tasks. - Turn into self-sufficient module (no longer requires randomdev_soft.[ch]) - Fix some magic numbers elsewhere used as FAST and SLOW. Differential Revision: https://reviews.freebsd.org/D2025 Reviewed by: vsevolod,delphij,rwatson,trasz,jmg Approved by: so (delphij) Added: head/sys/dev/random/randomdev_none.c (contents, props changed) - copied, changed from r284956, head/sys/dev/random/randomdev_soft.h Deleted: head/sys/dev/random/dummy_rng.c head/sys/dev/random/live_entropy_sources.c head/sys/dev/random/live_entropy_sources.h head/sys/dev/random/random_adaptors.c head/sys/dev/random/random_adaptors.h head/sys/dev/random/randomdev_soft.c head/sys/dev/random/randomdev_soft.h head/sys/modules/random/Makefile Modified: head/UPDATING head/share/man/man4/random.4 head/share/man/man9/random.9
svn commit: r284911 - head/sys/sys
Author: markm Date: Sun Jun 28 12:52:28 2015 New Revision: 284911 URL: https://svnweb.freebsd.org/changeset/base/284911 Log: Add const to char * pointers. This breaks nothing, and means const chars can be passed with no warnings. Modified: head/sys/sys/kthread.h Modified: head/sys/sys/kthread.h == --- head/sys/sys/kthread.h Sun Jun 28 10:51:08 2015(r284910) +++ head/sys/sys/kthread.h Sun Jun 28 12:52:28 2015(r284911) @@ -37,14 +37,14 @@ * Note: global_procpp may be NULL for no global save area. */ struct kproc_desc { - char*arg0; /* arg 0 (for 'ps' listing) */ - void(*func)(void); /* "main" for kernel process */ + const char *arg0; /* arg 0 (for 'ps' listing) */ + void(*func)(void); /* "main" for kernel process */ struct proc **global_procpp;/* ptr to proc ptr save area */ }; /* A kernel thread descriptor; used to start "internal" daemons. */ struct kthread_desc { - char*arg0; /* arg 0 (for 'ps' listing) */ + const char *arg0; /* arg 0 (for 'ps' listing) */ void(*func)(void); /* "main" for kernel thread */ struct thread **global_threadpp; /* ptr to thread ptr save area */ }; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r284910 - head/sys/kern
Author: markm Date: Sun Jun 28 10:51:08 2015 New Revision: 284910 URL: https://svnweb.freebsd.org/changeset/base/284910 Log: Ansify another function. This is the last in the file, I hope. Modified: head/sys/kern/kern_kthread.c Modified: head/sys/kern/kern_kthread.c == --- head/sys/kern/kern_kthread.cSun Jun 28 09:44:58 2015 (r284909) +++ head/sys/kern/kern_kthread.cSun Jun 28 10:51:08 2015 (r284910) @@ -224,8 +224,7 @@ kproc_suspend_check(struct proc *p) */ void -kthread_start(udata) - const void *udata; +kthread_start(const void *udata) { const struct kthread_desc *kp = udata; int error; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r284909 - head/sys/kern
Author: markm Date: Sun Jun 28 09:44:58 2015 New Revision: 284909 URL: https://svnweb.freebsd.org/changeset/base/284909 Log: ANSIfy the only function that uses K&R definition in this file. Modified: head/sys/kern/kern_kthread.c Modified: head/sys/kern/kern_kthread.c == --- head/sys/kern/kern_kthread.cSun Jun 28 09:41:10 2015 (r284908) +++ head/sys/kern/kern_kthread.cSun Jun 28 09:44:58 2015 (r284909) @@ -55,8 +55,7 @@ __FBSDID("$FreeBSD$"); * to be called from SYSINIT(). */ void -kproc_start(udata) - const void *udata; +kproc_start(const void *udata) { const struct kproc_desc *kp = udata; int error; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r283517 - head/gnu/lib
Author: markm Date: Mon May 25 10:51:40 2015 New Revision: 283517 URL: https://svnweb.freebsd.org/changeset/base/283517 Log: Unbreak build where WANT_GDB == "no', as libreadline is also used by ntpdc. Modified: head/gnu/lib/Makefile Modified: head/gnu/lib/Makefile == --- head/gnu/lib/Makefile Mon May 25 09:47:16 2015(r283516) +++ head/gnu/lib/Makefile Mon May 25 10:51:40 2015(r283517) @@ -16,7 +16,7 @@ SUBDIR+= libssp SUBDIR+= tests .endif -.if ${MK_GDB} != "no" +.if ${MK_GDB} != "no" || ${MK_NTP} != "no" SUBDIR+= libreadline .endif ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r281463 - head/sys/sys
Author: markm Date: Sun Apr 12 11:23:59 2015 New Revision: 281463 URL: https://svnweb.freebsd.org/changeset/base/281463 Log: Fix a very minor typo. Modified: head/sys/sys/module.h Modified: head/sys/sys/module.h == --- head/sys/sys/module.h Sun Apr 12 10:28:15 2015(r281462) +++ head/sys/sys/module.h Sun Apr 12 11:23:59 2015(r281463) @@ -71,7 +71,7 @@ typedef union modspecific { } modspecific_t; /* - * Module dependency declarartion + * Module dependency declaration */ struct mod_depend { int md_ver_minimum; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r273939 - head/sys/modules
Author: markm Date: Sat Nov 1 17:52:04 2014 New Revision: 273939 URL: https://svnweb.freebsd.org/changeset/base/273939 Log: Remove duplicate macro settings (probably due to an SVN merge /faux pas/ on my part. Spotted by: DES Approved by: DES(implicit) Modified: head/sys/modules/Makefile Modified: head/sys/modules/Makefile == --- head/sys/modules/Makefile Sat Nov 1 17:22:53 2014(r273938) +++ head/sys/modules/Makefile Sat Nov 1 17:52:04 2014(r273939) @@ -606,17 +606,6 @@ _x86bios= x86bios _ixl= ixl _ixlv= ixlv _ntb= ntb -_nvd= nvd -_nvme= nvme -_nvram=nvram -_nxge= nxge -.if ${MK_CDDL} != "no" || defined(ALL_MODULES) -_opensolaris= opensolaris -.endif -.if ${MK_CRYPT} != "no" || defined(ALL_MODULES) -_padlock= padlock -.endif -_pccard= pccard _qlxge=qlxge _qlxgb=qlxgb _qlxgbe= qlxgbe ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r273872 - in head: etc/defaults etc/rc.d libexec/save-entropy share/examples/kld/random_adaptor sys/conf sys/dev/glxsb sys/dev/random sys/kern sys/modules sys/modules/padlock_rng sys/mo...
Author: markm Date: Thu Oct 30 21:21:53 2014 New Revision: 273872 URL: https://svnweb.freebsd.org/changeset/base/273872 Log: This is the much-discussed major upgrade to the random(4) device, known to you all as /dev/random. This code has had an extensive rewrite and a good series of reviews, both by the author and other parties. This means a lot of code has been simplified. Pluggable structures for high-rate entropy generators are available, and it is most definitely not the case that /dev/random can be driven by only a hardware souce any more. This has been designed out of the device. Hardware sources are stirred into the CSPRNG (Yarrow, Fortuna) like any other entropy source. Pluggable modules may be written by third parties for additional sources. The harvesting structures and consequently the locking have been simplified. Entropy harvesting is done in a more general way (the documentation for this will follow). There is some GREAT entropy to be had in the UMA allocator, but it is disabled for now as messing with that is likely to annoy many people. The venerable (but effective) Yarrow algorithm, which is no longer supported by its authors now has an alternative, Fortuna. For now, Yarrow is retained as the default algorithm, but this may be changed using a kernel option. It is intended to make Fortuna the default algorithm for 11.0. Interested parties are encouraged to read ISBN 978-0-470-47424-2 "Cryptography Engineering" By Ferguson, Schneier and Kohno for Fortuna's gory details. Heck, read it anyway. Many thanks to Arthur Mesh who did early grunt work, and who got caught in the crossfire rather more than he deserved to. My thanks also to folks who helped me thresh this out on whiteboards and in the odd "Hallway track", or otherwise. My Nomex pants are on. Let the feedback commence! Reviewed by: trasz,des(partial),imp(partial?),rwatson(partial?) Approved by: so(des) Added: head/sys/dev/random/build.sh (contents, props changed) head/sys/dev/random/fortuna.c (contents, props changed) head/sys/dev/random/fortuna.h (contents, props changed) head/sys/dev/random/uint128.h (contents, props changed) head/sys/dev/random/unit_test.c (contents, props changed) head/sys/dev/random/unit_test.h (contents, props changed) head/sys/modules/padlock_rng/ head/sys/modules/padlock_rng/Makefile (contents, props changed) head/sys/modules/rdrand_rng/ head/sys/modules/rdrand_rng/Makefile (contents, props changed) Deleted: head/etc/rc.d/initrandom head/sys/dev/random/harvest.c head/sys/dev/random/rwfile.c head/sys/dev/random/rwfile.h Modified: head/etc/defaults/rc.conf head/etc/rc.d/Makefile head/etc/rc.d/geli head/etc/rc.d/postrandom head/etc/rc.d/random head/libexec/save-entropy/save-entropy.sh head/share/examples/kld/random_adaptor/random_adaptor_example.c head/sys/conf/NOTES head/sys/conf/files head/sys/conf/options head/sys/dev/glxsb/glxsb.c head/sys/dev/random/dummy_rng.c head/sys/dev/random/hash.c head/sys/dev/random/hash.h head/sys/dev/random/ivy.c head/sys/dev/random/live_entropy_sources.c head/sys/dev/random/live_entropy_sources.h head/sys/dev/random/nehemiah.c head/sys/dev/random/random_adaptors.c head/sys/dev/random/random_adaptors.h head/sys/dev/random/random_harvestq.c head/sys/dev/random/random_harvestq.h head/sys/dev/random/randomdev.c head/sys/dev/random/randomdev.h head/sys/dev/random/randomdev_soft.c head/sys/dev/random/randomdev_soft.h head/sys/dev/random/yarrow.c head/sys/dev/random/yarrow.h head/sys/kern/init_main.c head/sys/kern/kern_intr.c head/sys/kern/subr_bus.c head/sys/modules/Makefile head/sys/modules/random/Makefile head/sys/net/if_ethersubr.c head/sys/net/if_tun.c head/sys/netgraph/ng_iface.c head/sys/sys/random.h head/sys/vm/uma_core.c Modified: head/etc/defaults/rc.conf == --- head/etc/defaults/rc.conf Thu Oct 30 17:58:57 2014(r273871) +++ head/etc/defaults/rc.conf Thu Oct 30 21:21:53 2014(r273872) @@ -645,7 +645,7 @@ update_motd="YES" # update version info entropy_file="/entropy"# Set to NO to disable caching entropy through reboots. # /var/db/entropy-file is preferred if / is not avail. entropy_dir="/var/db/entropy" # Set to NO to disable caching entropy via cron. -entropy_save_sz="2048" # Size of the entropy cache files. +entropy_save_sz="4096" # Size of the entropy cache files. entropy_save_num="8" # Number of entropy cache files to save. harvest_interrupt="YES"# Entropy device harvests interrupt randomness harvest_ethernet="YES" # Entropy device harvests ethernet randomness Modified: head/etc/rc.d/Makefile == --- head/etc/rc.d/Makefile Thu Oct 30 17:58:57 2014(r273871) +++ head/et
svn commit: r266083 - in head/sys/arm: arm include
Author: markm Date: Wed May 14 19:11:15 2014 New Revision: 266083 URL: http://svnweb.freebsd.org/changeset/base/266083 Log: Give suitably-endowed ARMs a register similar to the x86 TSC register. Here, "suitably endowed" means that the System Control Coprocessor (#15) has Performance Monitoring Registers, including a CCNT (Cycle Count) register. The CCNT register is used in a way similar to the TSC register in x86 processors by the get_cyclecount(9) function. The entropy-harvesting thread is a heavy user of this function, and will benefit from not having to call binuptime(9) instead. One problem with the CCNT register is that it is 32-bit only, so the upper 32-bits of the returned number are always 0. The entropy harvester does not care, but in case any one else does, follow-up work may include an interrup trap to increment an upper-32-bit counter on CCNT overflow. Another problem is that the CCNT register is not readable in user-mode code; in can be made readable by userland, but then it is also writable, and so is a good chunk of the PMU system. For that reason, the CCNT is not enabled for user-mode access in this commit. Like the x86, there is one CCNT per core, so they don't all run in perfect sync. Reviewed by: ian@ (an earlier version) Tested by:ian@ (same earlier version) Committed from: WANDBOARD-QUAD Modified: head/sys/arm/arm/cpufunc.c head/sys/arm/include/cpu.h Modified: head/sys/arm/arm/cpufunc.c == --- head/sys/arm/arm/cpufunc.c Wed May 14 19:02:00 2014(r266082) +++ head/sys/arm/arm/cpufunc.c Wed May 14 19:11:15 2014(r266083) @@ -1398,6 +1398,37 @@ arm10_setup(args) } #endif /* CPU_ARM9E || CPU_ARM10 */ +#if defined(CPU_ARM1136) || defined(CPU_ARM1176) \ + || defined(CPU_MV_PJ4B) \ + || defined(CPU_CORTEXA) || defined(CPU_KRAIT) +static __inline void +cpu_scc_setup_ccnt(void) +{ +/* This is how you give userland access to the CCNT and PMCn + * registers. + * BEWARE! This gives write access also, which may not be what + * you want! + */ +#ifdef _PMC_USER_READ_WRITE_ + /* Set PMUSERENR[0] to allow userland access */ + __asm volatile ("mcrp15, 0, %0, c9, c14, 0\n\t" + : + : "r"(0x0001)); +#endif +/* Set up the PMCCNTR register as a cyclecounter: +* Set PMINTENCLR to 0x to block interrupts +* Set PMCR[2,0] to enable counters and reset CCNT +* Set PMCNTENSET to 0x8000 to enable CCNT */ + __asm volatile ("mcrp15, 0, %0, c9, c14, 2\n\t" + "mcrp15, 0, %1, c9, c12, 0\n\t" + "mcrp15, 0, %2, c9, c12, 1\n\t" + : + : "r"(0x), + "r"(0x0005), + "r"(0x8000)); +} +#endif + #if defined(CPU_ARM1136) || defined(CPU_ARM1176) struct cpu_option arm11_options[] = { { "cpu.cache", BIC, OR, (CPU_CONTROL_IC_ENABLE | CPU_CONTROL_DC_ENABLE) }, @@ -1501,6 +1532,8 @@ arm11x6_setup(char *args) /* And again. */ cpu_idcache_wbinv_all(); + + cpu_scc_setup_ccnt(); } #endif /* CPU_ARM1136 || CPU_ARM1176 */ @@ -1535,6 +1568,8 @@ pj4bv7_setup(args) /* And again. */ cpu_idcache_wbinv_all(); + + cpu_scc_setup_ccnt(); } #endif /* CPU_MV_PJ4B */ @@ -1582,6 +1617,8 @@ cortexa_setup(char *args) #ifdef SMP armv7_auxctrl((1 << 6) | (1 << 0), (1 << 6) | (1 << 0)); /* Enable SMP + TLB broadcasting */ #endif + + cpu_scc_setup_ccnt(); } #endif /* CPU_CORTEXA */ Modified: head/sys/arm/include/cpu.h == --- head/sys/arm/include/cpu.h Wed May 14 19:02:00 2014(r266082) +++ head/sys/arm/include/cpu.h Wed May 14 19:11:15 2014(r266083) @@ -14,11 +14,26 @@ voidswi_vm(void *); static __inline uint64_t get_cyclecount(void) { +/* This '#if' asks the question 'Does CP15/SCC include performance counters?' */ +#if defined(CPU_ARM1136) || defined(CPU_ARM1176) \ + || defined(CPU_MV_PJ4B) \ + || defined(CPU_CORTEXA) || defined(CPU_KRAIT) + uint32_t ccnt; + uint64_t ccnt64; + + /* +* Read PMCCNTR. Curses! Its only 32 bits. +* TODO: Fix this by catching overflow with interrupt? +*/ + __asm __volatile("mrc p15, 0, %0, c9, c13, 0": "=r" (ccnt)); + ccnt64 = (uint64_t)ccnt; + return (ccnt64); +#else /* No performance counters, so use binuptime(9). This is slow */ struct bintime bt; binuptime(&bt); return ((uint64_t)bt.sec << 56 | bt.frac >> 8); - +#endif } #endif ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To
svn commit: r264969 - head/sys/dev/random
Author: markm Date: Sat Apr 26 13:21:28 2014 New Revision: 264969 URL: http://svnweb.freebsd.org/changeset/base/264969 Log: Correctly set the sysctl format to Alphanumeric, rather than letting it default. Approved by: security-officer(des) Modified: head/sys/dev/random/random_adaptors.c Modified: head/sys/dev/random/random_adaptors.c == --- head/sys/dev/random/random_adaptors.c Sat Apr 26 13:05:56 2014 (r264968) +++ head/sys/dev/random/random_adaptors.c Sat Apr 26 13:21:28 2014 (r264969) @@ -220,12 +220,12 @@ random_adaptors_init(void *unused) SYSCTL_PROC(_kern_random, OID_AUTO, adaptors, CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, - NULL, 0, random_sysctl_adaptors_handler, "", + NULL, 0, random_sysctl_adaptors_handler, "A", "Random Number Generator adaptors"); SYSCTL_PROC(_kern_random, OID_AUTO, active_adaptor, CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, - NULL, 0, random_sysctl_active_adaptor_handler, "", + NULL, 0, random_sysctl_active_adaptor_handler, "A", "Active Random Number Generator Adaptor"); sx_init(&adaptors_lock, "random_adaptors"); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r256449 - stable/10/sys/modules/random
Author: markm Date: Mon Oct 14 18:24:30 2013 New Revision: 256449 URL: http://svnweb.freebsd.org/changeset/base/256449 Log: MFC: Add extra files to the KLD random.ko module to allow it to load. Approved by: re (kib) Modified: stable/10/sys/modules/random/Makefile Directory Properties: stable/10/sys/ (props changed) Modified: stable/10/sys/modules/random/Makefile == --- stable/10/sys/modules/random/Makefile Mon Oct 14 18:17:09 2013 (r256448) +++ stable/10/sys/modules/random/Makefile Mon Oct 14 18:24:30 2013 (r256449) @@ -11,6 +11,7 @@ SRCS+=nehemiah.c SRCS+= ivy.c .endif SRCS+= randomdev_soft.c yarrow.c hash.c +SRCS+= random_harvestq.c live_entropy_sources.c rwfile.c SRCS+= rijndael-alg-fst.c rijndael-api-fst.c sha2.c SRCS+= bus_if.h device_if.h vnode_if.h opt_cpu.h opt_random.h ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r256446 - head/sys/modules/random
Author: markm Date: Mon Oct 14 17:43:22 2013 New Revision: 256446 URL: http://svnweb.freebsd.org/changeset/base/256446 Log: Add needed files to the KLD random.ko. Approved by: re (kib) Modified: head/sys/modules/random/Makefile Modified: head/sys/modules/random/Makefile == --- head/sys/modules/random/MakefileMon Oct 14 16:19:52 2013 (r256445) +++ head/sys/modules/random/MakefileMon Oct 14 17:43:22 2013 (r256446) @@ -11,6 +11,7 @@ SRCS+=nehemiah.c SRCS+= ivy.c .endif SRCS+= randomdev_soft.c yarrow.c hash.c +SRCS+= random_harvestq.c live_entropy_sources.c rwfile.c SRCS+= rijndael-alg-fst.c rijndael-api-fst.c sha2.c SRCS+= bus_if.h device_if.h vnode_if.h opt_cpu.h opt_random.h ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r256414 - stable/10/sys/dev/random
Author: markm Date: Sun Oct 13 00:13:57 2013 New Revision: 256414 URL: http://svnweb.freebsd.org/changeset/base/256414 Log: MFC: There is an issue (not seen in our testing) where "yarrow" and "dummy" switch priorities, and the users are left with no usable /dev/random. The fix assigns priories to these and gives the users what they want. The override tuneable has a stupid name (blame me!) and this fixes it to be something that 'sysctl kern.random' emits and is the right thing to set. Approved by: re (gjb) Approved by: secteam (cperciva) Modified: stable/10/sys/dev/random/dummy_rng.c stable/10/sys/dev/random/random_adaptors.c stable/10/sys/dev/random/randomdev.h stable/10/sys/dev/random/randomdev_soft.c Modified: stable/10/sys/dev/random/dummy_rng.c == --- stable/10/sys/dev/random/dummy_rng.cSun Oct 13 00:13:29 2013 (r256413) +++ stable/10/sys/dev/random/dummy_rng.cSun Oct 13 00:13:57 2013 (r256414) @@ -102,6 +102,7 @@ struct random_adaptor dummy_random = { .read = (random_read_func_t *)random_null_func, .reseed = (random_reseed_func_t *)random_null_func, .seeded = 0, /* This device can never be seeded */ + .priority = 1, /* Bottom priority, so goes to last position */ }; static int Modified: stable/10/sys/dev/random/random_adaptors.c == --- stable/10/sys/dev/random/random_adaptors.c Sun Oct 13 00:13:29 2013 (r256413) +++ stable/10/sys/dev/random/random_adaptors.c Sun Oct 13 00:13:57 2013 (r256414) @@ -104,12 +104,13 @@ void random_adaptor_choose(struct random_adaptor **adaptor) { char rngs[128], *token, *cp; - struct random_adaptors *rpp; + struct random_adaptors *rppi, *ramax; + unsigned primax; KASSERT(adaptor != NULL, ("pre-conditions failed")); *adaptor = NULL; - if (TUNABLE_STR_FETCH("rngs_want", rngs, sizeof(rngs))) { + if (TUNABLE_STR_FETCH("kern.random.active_adaptor", rngs, sizeof(rngs))) { cp = rngs; while ((token = strsep(&cp, ",")) != NULL) @@ -120,16 +121,23 @@ random_adaptor_choose(struct random_adap " skipping\n", token); } + primax = 0U; if (*adaptor == NULL) { /* -* Fallback to the first thing that's on the list of -* available RNGs. +* Fall back to the highest priority item on the available +* RNG list. */ sx_slock(&adaptors_lock); - rpp = LIST_FIRST(&adaptors); - if (rpp != NULL) - *adaptor = rpp->rsp; + ramax = NULL; + LIST_FOREACH(rppi, &adaptors, entries) { + if (rppi->rsp->priority >= primax) { + ramax = rppi; + primax = rppi->rsp->priority; + } + } + if (ramax != NULL) + *adaptor = ramax->rsp; sx_sunlock(&adaptors_lock); Modified: stable/10/sys/dev/random/randomdev.h == --- stable/10/sys/dev/random/randomdev.hSun Oct 13 00:13:29 2013 (r256413) +++ stable/10/sys/dev/random/randomdev.hSun Oct 13 00:13:57 2013 (r256414) @@ -44,6 +44,7 @@ struct random_adaptor { struct selinfo rsel; const char *ident; int seeded; + unsignedpriority; random_init_func_t *init; random_deinit_func_t*deinit; random_block_func_t *block; Modified: stable/10/sys/dev/random/randomdev_soft.c == --- stable/10/sys/dev/random/randomdev_soft.c Sun Oct 13 00:13:29 2013 (r256413) +++ stable/10/sys/dev/random/randomdev_soft.c Sun Oct 13 00:13:57 2013 (r256414) @@ -84,6 +84,7 @@ static struct random_adaptor random_cont .poll = randomdev_poll, .reseed = randomdev_flush_reseed, .seeded = 0, /* This will be seeded during entropy processing */ + .priority = 90, /* High priority, so top of the list. Fortuna may still win. */ }; #define RANDOM_MODULE_NAME yarrow #define RANDOM_CSPRNG_NAME "yarrow" @@ -99,6 +100,7 @@ static struct random_adaptor random_cont .poll = randomdev_poll, .reseed = randomdev_flush_reseed, .seeded = 0, /* This will be excplicitly seeded at startup when secured */ + .priority = 100, /* High priority, so top of the list. Beat Yarrow. */ }; #define RANDOM_MODULE_NAME fortuna #define RA
svn commit: r256412 - head/sys/dev/random
Author: markm Date: Sun Oct 13 00:10:48 2013 New Revision: 256412 URL: http://svnweb.freebsd.org/changeset/base/256412 Log: There is an issue (not seen in our testing) where "yarrow" and "dummy" switch priorities, and the users are left with no usable /dev/random. The fix assigns priories to these and gives the users what they want. The override tuneable has a stupid name (blame me!) and this fixes it to be something that 'sysctl kern.random' emits and is the right thing to set. Approved by: re (gjb) Approved by: secteam (cperciva) Modified: head/sys/dev/random/dummy_rng.c head/sys/dev/random/random_adaptors.c head/sys/dev/random/randomdev.h head/sys/dev/random/randomdev_soft.c Directory Properties: head/sys/ (props changed) Modified: head/sys/dev/random/dummy_rng.c == --- head/sys/dev/random/dummy_rng.c Sat Oct 12 23:51:00 2013 (r256411) +++ head/sys/dev/random/dummy_rng.c Sun Oct 13 00:10:48 2013 (r256412) @@ -102,6 +102,7 @@ struct random_adaptor dummy_random = { .read = (random_read_func_t *)random_null_func, .reseed = (random_reseed_func_t *)random_null_func, .seeded = 0, /* This device can never be seeded */ + .priority = 1, /* Bottom priority, so goes to last position */ }; static int Modified: head/sys/dev/random/random_adaptors.c == --- head/sys/dev/random/random_adaptors.c Sat Oct 12 23:51:00 2013 (r256411) +++ head/sys/dev/random/random_adaptors.c Sun Oct 13 00:10:48 2013 (r256412) @@ -104,12 +104,13 @@ void random_adaptor_choose(struct random_adaptor **adaptor) { char rngs[128], *token, *cp; - struct random_adaptors *rpp; + struct random_adaptors *rppi, *ramax; + unsigned primax; KASSERT(adaptor != NULL, ("pre-conditions failed")); *adaptor = NULL; - if (TUNABLE_STR_FETCH("rngs_want", rngs, sizeof(rngs))) { + if (TUNABLE_STR_FETCH("kern.random.active_adaptor", rngs, sizeof(rngs))) { cp = rngs; while ((token = strsep(&cp, ",")) != NULL) @@ -120,16 +121,23 @@ random_adaptor_choose(struct random_adap " skipping\n", token); } + primax = 0U; if (*adaptor == NULL) { /* -* Fallback to the first thing that's on the list of -* available RNGs. +* Fall back to the highest priority item on the available +* RNG list. */ sx_slock(&adaptors_lock); - rpp = LIST_FIRST(&adaptors); - if (rpp != NULL) - *adaptor = rpp->rsp; + ramax = NULL; + LIST_FOREACH(rppi, &adaptors, entries) { + if (rppi->rsp->priority >= primax) { + ramax = rppi; + primax = rppi->rsp->priority; + } + } + if (ramax != NULL) + *adaptor = ramax->rsp; sx_sunlock(&adaptors_lock); Modified: head/sys/dev/random/randomdev.h == --- head/sys/dev/random/randomdev.h Sat Oct 12 23:51:00 2013 (r256411) +++ head/sys/dev/random/randomdev.h Sun Oct 13 00:10:48 2013 (r256412) @@ -44,6 +44,7 @@ struct random_adaptor { struct selinfo rsel; const char *ident; int seeded; + unsignedpriority; random_init_func_t *init; random_deinit_func_t*deinit; random_block_func_t *block; Modified: head/sys/dev/random/randomdev_soft.c == --- head/sys/dev/random/randomdev_soft.cSat Oct 12 23:51:00 2013 (r256411) +++ head/sys/dev/random/randomdev_soft.cSun Oct 13 00:10:48 2013 (r256412) @@ -84,6 +84,7 @@ static struct random_adaptor random_cont .poll = randomdev_poll, .reseed = randomdev_flush_reseed, .seeded = 0, /* This will be seeded during entropy processing */ + .priority = 90, /* High priority, so top of the list. Fortuna may still win. */ }; #define RANDOM_MODULE_NAME yarrow #define RANDOM_CSPRNG_NAME "yarrow" @@ -99,6 +100,7 @@ static struct random_adaptor random_cont .poll = randomdev_poll, .reseed = randomdev_flush_reseed, .seeded = 0, /* This will be excplicitly seeded at startup when secured */ + .priority = 100, /* High priority, so top of the list. Beat Yarrow. */ }; #define RANDOM_MODULE_NAME fortuna #define RANDOM_CSPRNG_NAME "fortuna"
svn commit: r255391 - head/sys/dev/random
Author: markm Date: Sun Sep 8 16:48:03 2013 New Revision: 255391 URL: http://svnweb.freebsd.org/changeset/base/255391 Log: Fix verbose output line; needs Submitted by: Sean Bruno Approved by: re (glebius) Modified: head/sys/dev/random/random_adaptors.c Modified: head/sys/dev/random/random_adaptors.c == --- head/sys/dev/random/random_adaptors.c Sun Sep 8 15:44:34 2013 (r255390) +++ head/sys/dev/random/random_adaptors.c Sun Sep 8 16:48:03 2013 (r255391) @@ -177,7 +177,7 @@ random_adaptor_choose(struct random_adap } if (bootverbose && *adaptor) - printf("Falling back to <%s> random adaptor", + printf("Falling back to <%s> random adaptor\n", (*adaptor)->ident); } } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r255379 - head/sys/dev/random
Author: markm Date: Sat Sep 7 22:07:36 2013 New Revision: 255379 URL: http://svnweb.freebsd.org/changeset/base/255379 Log: Fix the build; Certain linkable symbols need to always be present. Pass the pointy hat please. Also unblock the software (Yarrow) generator for now. This will be reverted; Yarrow needs to block until secure, not this behaviour of serving as soon as asked. Folks with specific requiremnts will be able to (can!) unblock this device with any write, and are encouraged to do so in /etc/rc.d/* scripting. ("Any" in this case could be "echo '' > /dev/random" as root). Modified: head/sys/dev/random/pseudo_rng.c head/sys/dev/random/random_adaptors.c head/sys/dev/random/random_adaptors.h head/sys/dev/random/randomdev.c head/sys/dev/random/randomdev.h head/sys/dev/random/randomdev_soft.c Modified: head/sys/dev/random/pseudo_rng.c == --- head/sys/dev/random/pseudo_rng.cSat Sep 7 20:52:31 2013 (r255378) +++ head/sys/dev/random/pseudo_rng.cSat Sep 7 22:07:36 2013 (r255379) @@ -39,6 +39,12 @@ __FBSDID("$FreeBSD$"); static struct mtx pseudo_random_block_mtx; +/* Used to fake out unused random calls in random_adaptor */ +void +random_null_func(void) +{ +} + static int pseudo_random_block_read(void *buf __unused, int c __unused) { Modified: head/sys/dev/random/random_adaptors.c == --- head/sys/dev/random/random_adaptors.c Sat Sep 7 20:52:31 2013 (r255378) +++ head/sys/dev/random/random_adaptors.c Sat Sep 7 22:07:36 2013 (r255379) @@ -53,6 +53,8 @@ static struct sx adaptors_lock; /* need /* List for the dynamic sysctls */ static struct sysctl_ctx_list random_clist; +struct random_adaptor *random_adaptor; + MALLOC_DEFINE(M_RANDOM_ADAPTORS, "random_adaptors", "Random adaptors buffers"); int @@ -230,7 +232,7 @@ random_sysctl_active_adaptor_handler(SYS int error; name = NULL; - rsp = random_get_active_adaptor(); + rsp = random_adaptor; if (rsp != NULL) { sx_slock(&adaptors_lock); Modified: head/sys/dev/random/random_adaptors.h == --- head/sys/dev/random/random_adaptors.h Sat Sep 7 20:52:31 2013 (r255378) +++ head/sys/dev/random/random_adaptors.h Sat Sep 7 22:07:36 2013 (r255379) @@ -41,6 +41,8 @@ struct random_adaptor *random_adaptor_ge int random_adaptor_register(const char *, struct random_adaptor *); void random_adaptor_choose(struct random_adaptor **); +extern struct random_adaptor *random_adaptor; + /* * random_adaptor's should be registered prior to * random module (SI_SUB_DRIVERS/SI_ORDER_MIDDLE) Modified: head/sys/dev/random/randomdev.c == --- head/sys/dev/random/randomdev.c Sat Sep 7 20:52:31 2013 (r255378) +++ head/sys/dev/random/randomdev.c Sat Sep 7 22:07:36 2013 (r255379) @@ -72,27 +72,12 @@ static struct cdevsw random_cdevsw = { .d_name = "random", }; -static struct random_adaptor *random_adaptor; static eventhandler_tag attach_tag; static int random_inited; - /* For use with make_dev(9)/destroy_dev(9). */ static struct cdev *random_dev; -/* Used to fake out unused random calls in random_adaptor */ -void -random_null_func(void) -{ -} - -struct random_adaptor * -random_get_active_adaptor(void) -{ - - return (random_adaptor); -} - /* ARGSUSED */ static int random_close(struct cdev *dev __unused, int flags, int fmt __unused, Modified: head/sys/dev/random/randomdev.h == --- head/sys/dev/random/randomdev.h Sat Sep 7 20:52:31 2013 (r255378) +++ head/sys/dev/random/randomdev.h Sat Sep 7 22:07:36 2013 (r255379) @@ -53,4 +53,3 @@ struct random_adaptor { extern void random_ident_hardware(struct random_adaptor **); extern void random_null_func(void); -struct random_adaptor *random_get_active_adaptor(void); Modified: head/sys/dev/random/randomdev_soft.c == --- head/sys/dev/random/randomdev_soft.cSat Sep 7 20:52:31 2013 (r255378) +++ head/sys/dev/random/randomdev_soft.cSat Sep 7 22:07:36 2013 (r255379) @@ -79,7 +79,7 @@ static struct random_adaptor random_cont .write = randomdev_write, .poll = randomdev_poll, .reseed = randomdev_flush_reseed, - .seeded = 0, + .seeded = 1, }; #define RANDOM_MODULE_NAME yarrow #define RANDOM_CSPRNG_NAME "yarrow" @@ -95,7 +95,7 @@ static struct random_adaptor random_cont .write = randomdev_write, .poll = randomdev_poll, .reseed
svn commit: r255362 - in head: share/examples/kld share/examples/kld/random_adaptor sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest sys/dev/safe sys/dev/ubsec sys/kern sys/mips/c...
Author: markm Date: Sat Sep 7 14:15:13 2013 New Revision: 255362 URL: http://svnweb.freebsd.org/changeset/base/255362 Log: Bring in some behind-the-scenes development, mainly By Arthur Mesh, the rest by me. o Namespace cleanup; the Yarrow name is now restricted to where it really applies; this is in anticipation of being augmented or replaced by Fortuna in the future. Fortuna is mentioned, but behind #if logic, and is ignorable for now. o The harvest queue is pulled out into its own modules. o Entropy harvesting is emproved, both by being made more conservative, and by separating (a bit!) the sources. Available entropy crumbs are marginally improved. o Selection of sources is made clearer. With recent revelations, this will receive more work in the weeks and months to come. Submitted by: Arthur Mesh (partly) Added: head/share/examples/kld/random_adaptor/ - copied from r255353, projects/random_number_generator/share/examples/kld/random_adaptor/ head/sys/dev/random/pseudo_rng.c - copied unchanged from r255353, projects/random_number_generator/sys/dev/random/pseudo_rng.c head/sys/dev/random/random_harvestq.c - copied unchanged from r255353, projects/random_number_generator/sys/dev/random/random_harvestq.c head/sys/dev/random/random_harvestq.h - copied unchanged from r255353, projects/random_number_generator/sys/dev/random/random_harvestq.h Deleted: head/sys/dev/random/probe.c Modified: head/share/examples/kld/Makefile head/sys/conf/files head/sys/dev/glxsb/glxsb.c head/sys/dev/hifn/hifn7751.c head/sys/dev/random/harvest.c head/sys/dev/random/hash.c head/sys/dev/random/hash.h head/sys/dev/random/random_adaptors.c head/sys/dev/random/random_adaptors.h head/sys/dev/random/randomdev.c head/sys/dev/random/randomdev.h head/sys/dev/random/randomdev_soft.c head/sys/dev/random/randomdev_soft.h head/sys/dev/random/yarrow.c head/sys/dev/random/yarrow.h head/sys/dev/rndtest/rndtest.c head/sys/dev/safe/safe.c head/sys/dev/ubsec/ubsec.c head/sys/kern/kern_intr.c head/sys/mips/cavium/octeon_rnd.c head/sys/modules/random/Makefile head/sys/net/if_ethersubr.c head/sys/net/if_tun.c head/sys/netgraph/ng_iface.c head/sys/sys/random.h Directory Properties: head/ (props changed) head/sys/ (props changed) Modified: head/share/examples/kld/Makefile == --- head/share/examples/kld/MakefileSat Sep 7 14:04:10 2013 (r255361) +++ head/share/examples/kld/MakefileSat Sep 7 14:15:13 2013 (r255362) @@ -67,6 +67,6 @@ # $FreeBSD$ # -SUBDIR=cdev dyn_sysctl firmware khelp syscall +SUBDIR=cdev dyn_sysctl firmware khelp random_adaptor syscall .include Modified: head/sys/conf/files == --- head/sys/conf/files Sat Sep 7 14:04:10 2013(r255361) +++ head/sys/conf/files Sat Sep 7 14:15:13 2013(r255362) @@ -2042,8 +2042,9 @@ rt2860.fw optional rt2860fw | ralfw \ clean "rt2860.fw" dev/random/harvest.c standard dev/random/hash.c optional random -dev/random/probe.c optional random +dev/random/pseudo_rng.cstandard dev/random/random_adaptors.c standard +dev/random/random_harvestq.c standard dev/random/randomdev.c optional random dev/random/randomdev_soft.coptional random dev/random/yarrow.coptional random Modified: head/sys/dev/glxsb/glxsb.c == --- head/sys/dev/glxsb/glxsb.c Sat Sep 7 14:04:10 2013(r255361) +++ head/sys/dev/glxsb/glxsb.c Sat Sep 7 14:15:13 2013(r255362) @@ -476,7 +476,7 @@ glxsb_rnd(void *v) if (status & SB_RNS_TRNG_VALID) { value = bus_read_4(sc->sc_sr, SB_RANDOM_NUM); /* feed with one uint32 */ - random_harvest(&value, 4, 32, 0, RANDOM_PURE); + random_harvest(&value, 4, 32/2, 0, RANDOM_PURE); } callout_reset(&sc->sc_rngco, sc->sc_rnghz, glxsb_rnd, sc); Modified: head/sys/dev/hifn/hifn7751.c == --- head/sys/dev/hifn/hifn7751.cSat Sep 7 14:04:10 2013 (r255361) +++ head/sys/dev/hifn/hifn7751.cSat Sep 7 14:15:13 2013 (r255362) @@ -258,7 +258,7 @@ hifn_partname(struct hifn_softc *sc) static void default_harvest(struct rndtest_state *rsp, void *buf, u_int count) { - random_harvest(buf, count, count*NBBY, 0, RANDOM_PURE); + random_harvest(buf, count, count*NBBY/2, 0, RANDOM_PURE); } static u_int Modified: head/sys/dev/random/harvest.c == --- head/sys/dev/random/harve
Re: svn commit: r253779 - in head: . share/man/man4 sys/amd64/conf sys/arm/conf sys/conf sys/dev/random sys/i386/conf sys/ia64/conf sys/mips/conf sys/modules sys/modules/random sys/pc98/conf sys/power
This looks like a Good Thing(â„¢), thank you! I'm doing an implementation of Fortuna CSPRNG, and this is going to save me a BUNCH of work! M On 29 Jul 2013, at 21:26, David E. O'Brien wrote: > Author: obrien > Date: Mon Jul 29 20:26:27 2013 > New Revision: 253779 > URL: http://svnweb.freebsd.org/changeset/base/253779 > > Log: > Decouple yarrow from random(4) device. > -- Mark R V Murray ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r232930 - in stable/9: lib/libsm lib/libthread_db lib/libz libexec/mail.local libexec/smrsh sbin/fsdb share/mk sys/boot/i386/boot0 sys/boot/i386/boot2 sys/boot/i386/btx/btx sys/boot/i3
Dimitry Andric writes: > Author: dim > Date: Tue Mar 13 18:39:57 2012 > New Revision: 232930 > URL: http://svn.freebsd.org/changeset/base/232930 > > Log: > MFC r232263: > > Define several extra macros in bsd.sys.mk and sys/conf/kern.pre.mk, to > get rid of testing explicitly for clang (using ${CC:T:Mclang}) in > individual Makefiles. > > Instead, use the following extra macros, for use with clang: > - NO_WERROR.clang (disables -Werror) > - NO_WCAST_ALIGN.clang (disables -Wcast-align) > - NO_WFORMAT.clang (disables -Wformat and friends) > - CLANG_NO_IAS (disables integrated assembler) > - CLANG_OPT_SMALL (adds flags for extra small size optimizations) > > As a side effect, this enables setting CC/CXX/CPP in src.conf instead of > make.conf! For clang, use the following: > > CC=3Dclang > CXX=3Dclang++ > CPP=3Dclang-cpp Most excellent! Will you please update (make|src).conf, build(7) and UPDATING as appropriate? Thanks! M -- Mark R V Murray Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r231588 - in stable/8/lib: libcrypt libmd
Author: markm Date: Mon Feb 13 16:43:29 2012 New Revision: 231588 URL: http://svn.freebsd.org/changeset/base/231588 Log: MFC: sha256 ($5$) and sha512 ($6$) crypt(3) types. PR: misc/124164 Delayed by: markm Added: stable/8/lib/libcrypt/crypt-sha256.c - copied, changed from r220497, head/lib/libcrypt/crypt-sha256.c stable/8/lib/libcrypt/crypt-sha512.c - copied, changed from r220497, head/lib/libcrypt/crypt-sha512.c stable/8/lib/libmd/sha512.3 - copied unchanged from r220496, head/lib/libmd/sha512.3 stable/8/lib/libmd/sha512.h - copied unchanged from r220496, head/lib/libmd/sha512.h stable/8/lib/libmd/sha512c.c - copied unchanged from r220496, head/lib/libmd/sha512c.c Modified: stable/8/lib/libcrypt/Makefile stable/8/lib/libcrypt/crypt.c stable/8/lib/libcrypt/crypt.h stable/8/lib/libcrypt/misc.c stable/8/lib/libmd/Makefile stable/8/lib/libmd/mddriver.c stable/8/lib/libmd/rmddriver.c stable/8/lib/libmd/shadriver.c Directory Properties: stable/8/ (props changed) stable/8/lib/ (props changed) stable/8/lib/libcrypt/ (props changed) stable/8/lib/libmd/ (props changed) Modified: stable/8/lib/libcrypt/Makefile == --- stable/8/lib/libcrypt/Makefile Mon Feb 13 15:21:12 2012 (r231587) +++ stable/8/lib/libcrypt/Makefile Mon Feb 13 16:43:29 2012 (r231588) @@ -12,7 +12,9 @@ LIB= crypt .PATH: ${.CURDIR}/../libmd SRCS= crypt.c misc.c \ crypt-md5.c md5c.c \ - crypt-nthash.c md4c.c + crypt-nthash.c md4c.c \ + crypt-sha256.c sha256c.c \ + crypt-sha512.c sha512c.c MAN= crypt.3 MLINKS=crypt.3 crypt_get_format.3 crypt.3 crypt_set_format.3 CFLAGS+= -I${.CURDIR}/../libmd -I${.CURDIR}/../libutil @@ -29,7 +31,9 @@ CFLAGS+= -I${.CURDIR} -DHAS_DES -DHAS_BL SRCS+= auth.c property.c .for sym in auth_getval property_find properties_read properties_free \ MD4Init MD4Final MD4Update MD4Pad \ - MD5Init MD5Final MD5Update MD5Pad + MD5Init MD5Final MD5Update MD5Pad \ + SHA256_Init SHA256_Final SHA256_Update \ + SHA512_Init SHA512_Final SHA512_Update CFLAGS+= -D${sym}=__${sym} .endfor Copied and modified: stable/8/lib/libcrypt/crypt-sha256.c (from r220497, head/lib/libcrypt/crypt-sha256.c) == --- head/lib/libcrypt/crypt-sha256.cSat Apr 9 14:02:04 2011 (r220497, copy source) +++ stable/8/lib/libcrypt/crypt-sha256.cMon Feb 13 16:43:29 2012 (r231588) @@ -60,7 +60,7 @@ static const char sha256_rounds_prefix[] #define ROUNDS_MAX 9 static char * -sha256_crypt_r(const char *key, const char *salt, char *buffer, int buflen) +crypt_sha256_r(const char *key, const char *salt, char *buffer, int buflen) { u_long srounds; int n; @@ -268,12 +268,12 @@ sha256_crypt_r(const char *key, const ch /* This entry point is equivalent to crypt(3). */ char * -sha256_crypt(const char *key, const char *salt) +crypt_sha256(const char *key, const char *salt) { /* We don't want to have an arbitrary limit in the size of the * password. We can compute an upper bound for the size of the * result in advance and so we can prepare the buffer we pass to -* `sha256_crypt_r'. */ +* `crypt_sha256_r'. */ static char *buffer; static int buflen; int needed; @@ -293,7 +293,7 @@ sha256_crypt(const char *key, const char buflen = needed; } - return sha256_crypt_r(key, salt, buffer, buflen); + return crypt_sha256_r(key, salt, buffer, buflen); } #ifdef TEST @@ -459,7 +459,7 @@ main(void) } for (cnt = 0; cnt < ntests2; ++cnt) { - char *cp = sha256_crypt(tests2[cnt].input, tests2[cnt].salt); + char *cp = crypt_sha256(tests2[cnt].input, tests2[cnt].salt); if (strcmp(cp, tests2[cnt].expected) != 0) { printf("test %d: expected \"%s\", got \"%s\"\n", Copied and modified: stable/8/lib/libcrypt/crypt-sha512.c (from r220497, head/lib/libcrypt/crypt-sha512.c) == --- head/lib/libcrypt/crypt-sha512.cSat Apr 9 14:02:04 2011 (r220497, copy source) +++ stable/8/lib/libcrypt/crypt-sha512.cMon Feb 13 16:43:29 2012 (r231588) @@ -60,7 +60,7 @@ static const char sha512_rounds_prefix[] #define ROUNDS_MAX 9 static char * -sha512_crypt_r(const char *key, const char *salt, char *buffer, int buflen) +crypt_sha512_r(const char *key, const char *salt, char *buffer, int buflen) { u_long srounds; int n; @@ -280,12 +280,12 @@ sha512_crypt_r(const char *key, cons
Re: svn commit: r230230 - head/sys/dev/random
Andrey Chernov writes: > On Thu, Jan 26, 2012 at 10:13:41PM +0400, Andrey Chernov wrote: > > On Thu, Jan 26, 2012 at 12:52:43PM -0500, David Schultz wrote: > > > Why complicate things with atomics at all? A race might result in > > > arc4random(9) being seeded multiple times, but that's harmless. > > > > Multiply seeding in line is harmless, just waste of time and resources. > > Other case is one missing seeding when variable is set concurrently with > > its read. I see no complication using atomic. Latest version is even > > shorter than previous ones. > > Well, I almost forget about my special case: I have personal prohibition > from @secteam (5 years old already) to commit anything to all RNG areas. > > So, the question is: could anyone of you commit some version from this > thread, please? Sure; I'll do it. Please give me your test code/cases. > I don't insist of atomics in this sutuation, so you can peek any version > you like. I'll need to clearly see what works. M -- Mark R V Murray Cert APS(Open) Dip Phys(Open) BSc Open(Open) BSc(Hons)(Open) Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r230230 - head/sys/dev/random
David Schultz writes: > > Although current version with current kernel flags works, I forget > > it is implementation defined in general and not always equal to > > sizeof(int), f.e. with gcc --short-enums. I'll remade it with > > #defines, thanx again. > > Why complicate things with atomics at all? A race might result in > arc4random(9) being seeded multiple times, but that's harmless. > > The race that worries me is that consumers that call arc4random() > before it is properly seeded will get predictable numbers. To fix > that robustly, we'd either have to move arc4random() into the random > module (tricky given all the places where it's used), or make the > random module a mandatory part of the kernel. There is a VERY old problem here, and it is of the chicken vs egg variety. The random device won't unlock until it has enough entropy, and there are things in the kernel that appear to need "random enough" numbers earlier than that. It ought to be possible to unlock the CSPRNG by harvesting entropy earlier, but this is hard work. Very hard work. Unless you have entropy-generating hardware. In the meanwhile, you are left with other alternatives; reseed arc4random() with some early entropy; try to move entropy consumers to later in the boot sequence; try to not depend on entropy early on, and correct for this later (where necessary). There are loads of other alternatives. What you can't do is unlock before you have enough entropy, and that won't happen until the running kernel has had some time to accumulate this. I am in favour of treating arc4random() as a PRNG with (say) the date/time, the TSC register and other easy-to-get data as the first seed. After that its treated as a CSPRNG. This requires that early consumers know the limitations and adapt to them. The notion of making arc4random() block would be silly; the point of the thing is that it always returns numbers, and after the random device seeds, it should always be good. > OpenSSL addresses the issue by providing two APIs: RAND_bytes() > requires a good entropy source and produces cryptographically strong > pseudorandomness. RAND_pseudo_bytes() produces "good" (but not > necessarily unpredictable) randomness, even in the absence of an > entropy source. Applications call one interface or the other, > depending on whether they require cryptographic- quality randomness. You are treading on graves here :-). An ancient bikeshed is buried in the vicinty. M -- Mark R V Murray Cert APS(Open) Dip Phys(Open) BSc Open(Open) BSc(Hons)(Open) Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r230230 - head/sys/dev/random
Andrey Chernov writes: > On Sun, Jan 22, 2012 at 09:43:02PM +0000, Mark Murray wrote: > > > Thanx for review! I'll send final version to this thread a bit > > > later when I'll find more free time. > > Final, unless something else noticed. Cool. NOTE: I am only eyeballing this, not testing it. > --- sys/libkern.h.bak 2012-01-16 07:15:12.0 +0400 > +++ sys/libkern.h 2012-01-25 17:31:49.0 +0400 > @@ -72,6 +72,7 @@ static __inline quad_t qabs(quad_t a) { > > /* Prototypes for non-quad routines. */ > struct malloc_type; > +extern int arc4rand_iniseed_state; > uint32_t arc4random(void); > void arc4rand(void *ptr, u_int len, int reseed); > int bcmp(const void *, const void *, size_t); Fine. > --- dev/random/randomdev_soft.c.bak 2011-03-02 01:42:19.0 +0300 > +++ dev/random/randomdev_soft.c 2012-01-25 17:28:19.0 +0400 > @@ -366,6 +366,8 @@ random_yarrow_unblock(void) > selwakeuppri(&random_systat.rsel, PUSER); > wakeup(&random_systat); > } > + if (arc4rand_iniseed_state == 0) > + arc4rand_iniseed_state = 1; > } > > static int I thought you were going to do this as a function? It would be slightly neater to do it that way. > --- libkern/arc4random.c.bak 2008-08-08 01:51:09.0 +0400 > +++ libkern/arc4random.c 2012-01-25 17:30:30.0 +0400 > @@ -24,6 +24,8 @@ __FBSDID("$FreeBSD: src/sys/libkern/arc4 > #define ARC4_RESEED_SECONDS 300 > #define ARC4_KEYBYTES (256 / 8) > > +int arc4rand_iniseed_state = 0; > + > static u_int8_t arc4_i, arc4_j; > static int arc4_numruns = 0; > static u_int8_t arc4_sbox[256]; > @@ -74,6 +76,8 @@ arc4_randomstir (void) > /* Reset for next reseed cycle. */ > arc4_t_reseed = tv_now.tv_sec + ARC4_RESEED_SECONDS; > arc4_numruns = 0; > + if (arc4rand_iniseed_state == 1) > + arc4rand_iniseed_state = -1; > > /* >* Throw away the first N words of output, as suggested in the > @@ -130,7 +134,7 @@ arc4rand(void *ptr, u_int len, int resee > struct timeval tv; > > getmicrouptime(&tv); > - if (reseed || > + if (reseed || arc4rand_iniseed_state == 1 || > (arc4_numruns > ARC4_RESEED_BYTES) || > (tv.tv_sec > arc4_t_reseed)) > arc4_randomstir(); Looks good! Are you sure this needs no locking or volatile variables? M -- Mark R V Murray Cert APS(Open) Dip Phys(Open) BSc Open(Open) BSc(Hons)(Open) Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r230230 - head/sys/dev/random
Andrey Chernov writes: > > Should be in a header file, nad _possibly_ should be volatile. If it > > works without being volatile, then OK. > > It was preliminary patch just to confirm/deny my understanding of your > idea. Ah, OK - in which case you got the idea correctly! > I'll put it into header. Cool. > In the final version I also plan to move that lines > + if (arc4rand_iniseed_state == 1) > + arc4rand_iniseed_state = -1; > into arc4_randomstir() where they will be protected with mutex lock, so > volatile will be not needed. It will be more logical, because other > reseeding conditions are resetted there too. Great. > > The rest is OK. I've not tested it, so this is not a review, simply an > > "OK" :-) > > Thanx for review! I'll send final version to this thread a bit > later when I'll find more free time. No problem. M -- Mark R V Murray Cert APS(Open) Dip Phys(Open) BSc Open(Open) BSc(Hons)(Open) Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r230230 - head/sys/dev/random
Andrey Chernov writes: > > The usual way round this is with a flag. Set a static, volatile > > flag, defaulting "off", and set it to "on" when the seeding has > > happened. Then arc4random() can do the right thing, depending on > > this flag. > > Ok, what about this version, is it right? libkern/arc4rand.c is not a > module but always present in the kernel, so "arc4rand_iniseed_state" > will be always accessible. > > --- dev/random/randomdev_soft.c.old 2011-09-26 07:35:48.0 +0400 > +++ dev/random/randomdev_soft.c 2012-01-21 01:41:37.0 +0400 > @@ -55,6 +55,8 @@ __FBSDID("$FreeBSD: src/sys/dev/random/r > > #define RANDOM_FIFO_MAX 256 /* How many events to queue up */ > > +extern int arc4rand_iniseed_state; > + Should be in a header file, nad _possibly_ should be volatile. If it works without being volatile, then OK. The rest is OK. I've not tested it, so this is not a review, simply an "OK" :-) M -- Mark R V Murray Cert APS(Open) Dip Phys(Open) BSc Open(Open) BSc(Hons)(Open) Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r230230 - head/sys/dev/random
Andrey Chernov writes: > > Look at the function random_yarrow_unblock(). Thats where yopu want to > > be doing this. This function is where the random device is unblocked > > once safely seeded. > > Thanx for your hint, but I fear one moment using random_yarrow_unblock(). > It is called under mtx_lock(&random_reseed_mtx) in reseed(). > And when arc4rand() seeding is called, it uses read_random(), so I see > possible deadlock can happens. The usual way round this is with a flag. Set a static, volatile flag, defaulting "off", and set it to "on" when the seeding has happened. Then arc4random() can do the right thing, depending on this flag. > In my version arc4rand() seeding happens only when this lock is released, > so no blocking is possible. Sure, but the dependancies created are problematic in their own right. M -- Mark R V Murray Cert APS(Open) Dip Phys(Open) BSc Open(Open) BSc(Hons)(Open) Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r230230 - head/sys/dev/random
Andrey Chernov writes: > On Mon, Jan 16, 2012 at 08:18:10PM +, David Schultz wrote: > > Author: das > > Date: Mon Jan 16 20:18:10 2012 > > New Revision: 230230 > > URL: http://svn.freebsd.org/changeset/base/230230 > > > > Log: > > Generate a warning if the kernel's arc4random() is seeded with bogus > > entropy. > > While you are here, could you review/commit my patch to fix bad 31bit > arc4rand() seeding, please? > > --- yarrow.c.bak 2011-09-26 07:35:48.0 +0400 > +++ yarrow.c 2012-01-18 10:13:47.0 +0400 This is the wrong place for this; it may achieve the desired result, but the file is where the Yarrow algorithm is implepeneted; ARC4 reseeds are not a part of that, which makes this proposal a layering violation at best, and an unwarranted dependancy at worst. Look at the function random_yarrow_unblock(). Thats where yopu want to be doing this. This function is where the random device is unblocked once safely seeded. M -- Mark R V Murray Cert APS(Open) Dip Phys(Open) BSc Open(Open) BSc(Hons)(Open) Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r220497 - head/lib/libcrypt
"David O'Brien" writes: > On Sat, Apr 09, 2011 at 02:02:04PM +, Mark Murray wrote: > > Log: > > Add SHA256/512 ($5$ and $6$) to crypt(3). Used in linux-world, doesn't > > hurt us. > > Would you mind if I committed this to be a more consistent with the > existing naming? Be my guest. M -- Mark R V Murray Cert APS(Open) Dip Phys(Open) BSc Open(Open) BSc(Hons)(Open) Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r220498 - head/lib/libcrypt
Author: markm Date: Sat Apr 9 14:09:46 2011 New Revision: 220498 URL: http://svn.freebsd.org/changeset/base/220498 Log: Document SHA256/512 modes. MFC after:1 month Modified: head/lib/libcrypt/crypt.3 Modified: head/lib/libcrypt/crypt.3 == --- head/lib/libcrypt/crypt.3 Sat Apr 9 14:02:04 2011(r220497) +++ head/lib/libcrypt/crypt.3 Sat Apr 9 14:09:46 2011(r220498) @@ -29,7 +29,7 @@ .\" .\" $FreeBSD$ .\" -.Dd January 19, 1997 +.Dd April 9, 2011 .Dt CRYPT 3 .Os .Sh NAME @@ -188,6 +188,10 @@ MD5 Blowfish .It NT-Hash +.It +SHA-256 +.It +SHA-512 .El .Pp Other crypt formats may be easily added. @@ -226,7 +230,9 @@ Valid values are .\" .Ql des , .Ql blf , -.Ql md5 +.Ql md5 , +.Ql sha256 , +.Ql sha512 and .Ql nth . .Pp ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r220497 - head/lib/libcrypt
Author: markm Date: Sat Apr 9 14:02:04 2011 New Revision: 220497 URL: http://svn.freebsd.org/changeset/base/220497 Log: Add SHA256/512 ($5$ and $6$) to crypt(3). Used in linux-world, doesn't hurt us. PR: misc/124164 Submitted by: KIMURA Yasuhiro < yasu utahime org > MFC after:1 month Added: head/lib/libcrypt/crypt-sha256.c (contents, props changed) head/lib/libcrypt/crypt-sha512.c (contents, props changed) Modified: head/lib/libcrypt/Makefile head/lib/libcrypt/crypt.c head/lib/libcrypt/crypt.h head/lib/libcrypt/misc.c Modified: head/lib/libcrypt/Makefile == --- head/lib/libcrypt/Makefile Sat Apr 9 13:56:29 2011(r220496) +++ head/lib/libcrypt/Makefile Sat Apr 9 14:02:04 2011(r220497) @@ -12,7 +12,9 @@ LIB= crypt .PATH: ${.CURDIR}/../libmd SRCS= crypt.c misc.c \ crypt-md5.c md5c.c \ - crypt-nthash.c md4c.c + crypt-nthash.c md4c.c \ + crypt-sha256.c sha256c.c \ + crypt-sha512.c sha512c.c MAN= crypt.3 MLINKS=crypt.3 crypt_get_format.3 crypt.3 crypt_set_format.3 CFLAGS+= -I${.CURDIR}/../libmd -I${.CURDIR}/../libutil Added: head/lib/libcrypt/crypt-sha256.c == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/lib/libcrypt/crypt-sha256.cSat Apr 9 14:02:04 2011 (r220497) @@ -0,0 +1,477 @@ +/* + * Copyright (c) 2011 The FreeBSD Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* Based on: + * SHA256-based Unix crypt implementation. Released into the Public Domain by + * Ulrich Drepper . */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "crypt.h" + +/* Define our magic string to mark salt for SHA256 "encryption" replacement. */ +static const char sha256_salt_prefix[] = "$5$"; + +/* Prefix for optional rounds specification. */ +static const char sha256_rounds_prefix[] = "rounds="; + +/* Maximum salt string length. */ +#define SALT_LEN_MAX 16 +/* Default number of rounds if not explicitly specified. */ +#define ROUNDS_DEFAULT 5000 +/* Minimum number of rounds. */ +#define ROUNDS_MIN 1000 +/* Maximum number of rounds. */ +#define ROUNDS_MAX 9 + +static char * +sha256_crypt_r(const char *key, const char *salt, char *buffer, int buflen) +{ + u_long srounds; + int n; + uint8_t alt_result[32], temp_result[32]; + SHA256_CTX ctx, alt_ctx; + size_t salt_len, key_len, cnt, rounds; + char *cp, *copied_key, *copied_salt, *p_bytes, *s_bytes, *endp; + const char *num; + bool rounds_custom; + + copied_key = NULL; + copied_salt = NULL; + + /* Default number of rounds. */ + rounds = ROUNDS_DEFAULT; + rounds_custom = false; + + /* Find beginning of salt string. The prefix should normally always +* be present. Just in case it is not. */ + if (strncmp(sha256_salt_prefix, salt, sizeof(sha256_salt_prefix) - 1) == 0) + /* Skip salt prefix. */ + salt += sizeof(sha256_salt_prefix) - 1; + + if (strncmp(salt, sha256_rounds_prefix, sizeof(sha256_rounds_prefix) - 1) + == 0) { + num = salt + sizeof(sha256_rounds_prefix) - 1; + srounds = strtoul(num, &endp, 10); + + if (*endp == '$') { + salt = endp + 1; + rounds = MAX(ROUNDS_MIN, MIN(sround
svn commit: r220496 - head/lib/libmd
Author: markm Date: Sat Apr 9 13:56:29 2011 New Revision: 220496 URL: http://svn.freebsd.org/changeset/base/220496 Log: Add SHA512 (Actually, this is Colin Percival's code for SHA256, with relevant constants changed). While I'm here clean up the tests and Makefile. PR: misc/124164 Submitted by: KIMURA Yasuhiro < yasu utahime org > MFC after:1 month Added: head/lib/libmd/sha512.3 (contents, props changed) head/lib/libmd/sha512.h (contents, props changed) head/lib/libmd/sha512c.c (contents, props changed) Modified: head/lib/libmd/Makefile head/lib/libmd/mddriver.c head/lib/libmd/rmddriver.c head/lib/libmd/shadriver.c Modified: head/lib/libmd/Makefile == --- head/lib/libmd/Makefile Sat Apr 9 13:45:13 2011(r220495) +++ head/lib/libmd/Makefile Sat Apr 9 13:56:29 2011(r220496) @@ -5,12 +5,13 @@ SHLIBDIR?= /lib SRCS= md2c.c md4c.c md5c.c md2hl.c md4hl.c md5hl.c \ rmd160c.c rmd160hl.c \ sha0c.c sha0hl.c sha1c.c sha1hl.c \ - sha256c.c sha256hl.c -INCS= md2.h md4.h md5.h ripemd.h sha.h sha256.h + sha256c.c sha256hl.c \ + sha512c.c sha512hl.c +INCS= md2.h md4.h md5.h ripemd.h sha.h sha256.h sha512.h WARNS?=0 -MAN+= md2.3 md4.3 md5.3 ripemd.3 sha.3 sha256.3 +MAN+= md2.3 md4.3 md5.3 ripemd.3 sha.3 sha256.3 sha512.3 MLINKS+=md2.3 MD2Init.3 md2.3 MD2Update.3 md2.3 MD2Final.3 MLINKS+=md2.3 MD2End.3 md2.3 MD2File.3 md2.3 MD2FileChunk.3 MLINKS+=md2.3 MD2Data.3 @@ -34,10 +35,15 @@ MLINKS+=sha256.3 SHA256_Init.3 sha256.3 MLINKS+=sha256.3 SHA256_Final.3 sha256.3 SHA256_End.3 MLINKS+=sha256.3 SHA256_File.3 sha256.3 SHA256_FileChunk.3 MLINKS+=sha256.3 SHA256_Data.3 +MLINKS+=sha512.3 SHA512_Init.3 sha512.3 SHA512_Update.3 +MLINKS+=sha512.3 SHA512_Final.3 sha512.3 SHA512_End.3 +MLINKS+=sha512.3 SHA512_File.3 sha512.3 SHA512_FileChunk.3 +MLINKS+=sha512.3 SHA512_Data.3 CLEANFILES+= md[245]hl.c md[245].ref md[245].3 mddriver \ rmd160.ref rmd160hl.c rmddriver \ sha0.ref sha0hl.c sha1.ref sha1hl.c shadriver \ - sha256.ref sha256hl.c + sha256.ref sha256hl.c sha512.ref sha512hl.c + CFLAGS+= -I${.CURDIR} .PATH: ${.CURDIR}/${MACHINE_ARCH} @@ -81,6 +87,12 @@ sha256hl.c: mdXhl.c -e 's/SHA256__/SHA256_/g' \ ${.ALLSRC}) > ${.TARGET} +sha512hl.c: mdXhl.c + (echo '#define LENGTH 64'; \ + sed -e 's/mdX/sha512/g' -e 's/MDX/SHA512_/g'\ + -e 's/SHA512__/SHA512_/g' \ + ${.ALLSRC}) > ${.TARGET} + rmd160hl.c: mdXhl.c (echo '#define LENGTH 20'; \ sed -e 's/mdX/ripemd/g' -e 's/MDX/RIPEMD160_/g' \ @@ -110,8 +122,10 @@ md4.ref: @echo 'MD4 ("abc") = a448017aaf21d8525fc10ae87aa6729d' >> ${.TARGET} @echo 'MD4 ("message digest") = d9130a8164549fe818874806e1c7014b' >> ${.TARGET} @echo 'MD4 ("abcdefghijklmnopqrstuvwxyz") = d79e1c308aa5bbcdeea8ed63df412da9' >> ${.TARGET} - @echo 'MD4 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") = 043f8582f241db351ce627e153e7f0e4' >> ${.TARGET} - @echo 'MD4 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = e33b4ddc9c38f2199c3e7b164fcc0536' >> ${.TARGET} + @echo 'MD4 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ + '043f8582f241db351ce627e153e7f0e4' >> ${.TARGET} + @echo 'MD4 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ + 'e33b4ddc9c38f2199c3e7b164fcc0536' >> ${.TARGET} md5.ref: echo 'MD5 test suite:' > ${.TARGET} @@ -124,54 +138,74 @@ md5.ref: @echo 'MD5 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") = 57edf4a22be3c955ac49da2e2107b67a' >> ${.TARGET} sha0.ref: - (echo 'SHA-0 test suite:'; \ - echo 'SHA-0 ("") = f96cea198ad1dd5617ac084a3d92c6107708c0ef'; \ - echo 'SHA-0 ("abc") = 0164b8a914cd2a5e74c4f7ff082c4d97f1edf880'; \ - echo 'SHA-0 ("message digest") =' \ - 'c1b0f222d150ebb9aa36a40cafdc8bcbed830b14'; \ - echo 'SHA-0 ("abcdefghijklmnopqrstuvwxyz") =' \ - 'b40ce07a430cfd3c033039b9fe9afec95dc1bdcd'; \ - echo 'SHA-0 ("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789") =' \ - '79e966f7a3a990df33e40e3d7f8f18d2caebadfa'; \ - echo 'SHA-0 ("12345678901234567890123456789012345678901234567890123456789012345678901234567890") =' \ - '4aa29d14d171522ece47bee8957e35a41f3e9cff' ) > ${.TARGET} + echo 'SHA-0 test suite:' > ${.TARGET} + @echo 'SHA-0 ("") = f96cea198ad1dd5617ac084a3d92c6107708c0ef' >> ${.TARGET} + @echo 'SHA-0 ("abc") = 0164b8a914cd2a5e74c4f7ff082c4d97f1edf880' >> ${.TARGET} + @echo 'SHA-0 ("message digest")
svn commit: r215463 - head/contrib/ipfilter/man
Author: markm Date: Thu Nov 18 18:22:58 2010 New Revision: 215463 URL: http://svn.freebsd.org/changeset/base/215463 Log: Fix paths for example files. Modified: head/contrib/ipfilter/man/ipnat.8 head/contrib/ipfilter/man/mkfilters.1 Modified: head/contrib/ipfilter/man/ipnat.8 == --- head/contrib/ipfilter/man/ipnat.8 Thu Nov 18 18:09:25 2010 (r215462) +++ head/contrib/ipfilter/man/ipnat.8 Thu Nov 18 18:22:58 2010 (r215463) @@ -66,6 +66,6 @@ and active rules/table entries. .SH FILES /dev/ipnat .br -/usr/share/examples/ipf Directory with examples. +/usr/share/examples/ipfilter Directory with examples. .SH SEE ALSO ipnat(5), ipf(8), ipfstat(8) Modified: head/contrib/ipfilter/man/mkfilters.1 == --- head/contrib/ipfilter/man/mkfilters.1 Thu Nov 18 18:09:25 2010 (r215462) +++ head/contrib/ipfilter/man/mkfilters.1 Thu Nov 18 18:22:58 2010 (r215463) @@ -6,7 +6,7 @@ mkfilters \- generate a minimal firewall .SH SYNOPSIS .B mkfilters .SH FILES -/usr/share/examples/ipf/mkfilters +/usr/share/examples/ipfilter/mkfilters .SH DESCRIPTION .PP \fBmkfilters\fP is a perl script that generates a minimal filter rule set for ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r215455 - in head: . cddl
Author: markm Date: Thu Nov 18 16:32:52 2010 New Revision: 215455 URL: http://svn.freebsd.org/changeset/base/215455 Log: Do not lint code beyond necessity (with apologies to Wiliam of Ockham). Don't lint externally maintained CDDL code, or relint the 32-bit libraries in amd64 mode. Modified: head/Makefile.inc1 head/cddl/Makefile.inc Modified: head/Makefile.inc1 == --- head/Makefile.inc1 Thu Nov 18 13:38:33 2010(r215454) +++ head/Makefile.inc1 Thu Nov 18 16:32:52 2010(r215455) @@ -322,7 +322,7 @@ LIB32WMAKEENV+= MAKEOBJDIRPREFIX=${OBJTR LIB32WMAKE=${LIB32WMAKEENV} ${MAKE} -DNO_CPU_CFLAGS -DCOMPAT_32BIT \ -DWITHOUT_BIND -DWITHOUT_MAN -DWITHOUT_INFO \ - -DWITHOUT_HTML -DNO_CTF DESTDIR=${LIB32TMP} + -DWITHOUT_HTML -DNO_CTF -DNO_LINT DESTDIR=${LIB32TMP} LIB32IMAKE=${LIB32WMAKE:NINSTALL=*:NDESTDIR=*} -DNO_INCS .endif Modified: head/cddl/Makefile.inc == --- head/cddl/Makefile.inc Thu Nov 18 13:38:33 2010(r215454) +++ head/cddl/Makefile.inc Thu Nov 18 16:32:52 2010(r215455) @@ -9,3 +9,8 @@ CFLAGS+=-DNEED_SOLARIS_BOOLEAN WARNS?=6 CSTD?= gnu89 + +# Do not lint the CDDL stuff. It is all externally maintained and +# lint output is wasteful noise here. + +NO_LINT= ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r215429 - in stable/8: share/man/man5 tools/build/mk usr.sbin/mailwrapper
Author: markm Date: Wed Nov 17 17:12:41 2010 New Revision: 215429 URL: http://svn.freebsd.org/changeset/base/215429 Log: MFC: Add /bin/rmail symlink to mailwrapper if sendmail is not being built and mailwrapper is being built. Ensure that it is not removed by "make delete-old". Add Exim example to man page. Modified: stable/8/share/man/man5/mailer.conf.5 stable/8/tools/build/mk/OptionalObsoleteFiles.inc stable/8/usr.sbin/mailwrapper/Makefile Modified: stable/8/share/man/man5/mailer.conf.5 == --- stable/8/share/man/man5/mailer.conf.5 Wed Nov 17 16:17:35 2010 (r215428) +++ stable/8/share/man/man5/mailer.conf.5 Wed Nov 17 17:12:41 2010 (r215429) @@ -31,7 +31,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 31, 2006 +.Dd November 17, 2010 .Dt MAILER.CONF 5 .Os .Sh NAME @@ -110,6 +110,22 @@ mailq /usr/local/sbin/sendmail newaliases /usr/local/sbin/sendmail .Ed .Pp +This example shows +how to invoke +a sendmail-workalike with +.Nm Exim +(from ports) +in place of +.Xr sendmail 8 : +.Bd -literal -offset indent +# Emulate sendmail using exim +sendmail /usr/local/sbin/exim +send-mail /usr/local/sbin/exim +mailq /usr/local/sbin/exim -bp +newaliases /usr/bin/true +rmail /usr/local/sbin/exim -i -oee +.Ed +.Pp This example shows the use of the .Nm mini_sendmail package from ports in place of Modified: stable/8/tools/build/mk/OptionalObsoleteFiles.inc == --- stable/8/tools/build/mk/OptionalObsoleteFiles.inc Wed Nov 17 16:17:35 2010(r215428) +++ stable/8/tools/build/mk/OptionalObsoleteFiles.inc Wed Nov 17 17:12:41 2010(r215429) @@ -1130,7 +1130,9 @@ OLD_FILES+=usr/share/man/man8/rshd.8.gz #.endif .if ${MK_SENDMAIL} == no +.if ${MK_MAILWRAPPER} == no OLD_FILES+=bin/rmail +.endif OLD_FILES+=usr/bin/vacation OLD_FILES+=usr/include/libmilter/mfapi.h OLD_FILES+=usr/include/libmilter/mfdef.h Modified: stable/8/usr.sbin/mailwrapper/Makefile == --- stable/8/usr.sbin/mailwrapper/Makefile Wed Nov 17 16:17:35 2010 (r215428) +++ stable/8/usr.sbin/mailwrapper/Makefile Wed Nov 17 17:12:41 2010 (r215429) @@ -23,6 +23,10 @@ SYMLINKS+= /usr/libexec/sendmail/sendmai .endif .endif +.if ${MK_MAILWRAPPER} != "no" && ${MK_SENDMAIL} == "no" +SYMLINKS+= ${BINDIR}/mailwrapper /bin/rmail +.endif + .if ${MK_MAILWRAPPER} != "no" .if !exists(${DESTDIR}/etc/mail/mailer.conf) FILES= ${.CURDIR}/../../etc/mail/mailer.conf ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r213749 - head/usr.sbin/mailwrapper
Mark Murray writes: > URL: http://svn.freebsd.org/changeset/base/213749 > > Log: > Create the /bin/rmail symlink (which mailers such as postfix > and Exim can use). > > This is something I thought I committed MONTHS ago, but it appears > that I fatfingered it and made a local commit. > > Pass the pointy hat, please. > > Modified: > head/usr.sbin/mailwrapper/Makefile Diligent prodding by: Alexander Leidinger M -- Mark R V Murray Cert APS(Open) Dip Phys(Open) BSc Open(Open) BSc(Hons)(Open) Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r213749 - head/usr.sbin/mailwrapper
Author: markm Date: Tue Oct 12 21:01:26 2010 New Revision: 213749 URL: http://svn.freebsd.org/changeset/base/213749 Log: Create the /bin/rmail symlink (which mailers such as postfix and Exim can use). This is something I thought I committed MONTHS ago, but it appears that I fatfingered it and made a local commit. Pass the pointy hat, please. Modified: head/usr.sbin/mailwrapper/Makefile Modified: head/usr.sbin/mailwrapper/Makefile == --- head/usr.sbin/mailwrapper/Makefile Tue Oct 12 20:53:12 2010 (r213748) +++ head/usr.sbin/mailwrapper/Makefile Tue Oct 12 21:01:26 2010 (r213749) @@ -22,6 +22,10 @@ SYMLINKS+= /usr/libexec/sendmail/sendmai .endif .endif +.if ${MK_MAILWRAPPER} != "no" && ${MK_SENDMAIL} == "no" +SYMLINKS+= ${BINDIR}/mailwrapper /bin/rmail +.endif + .if ${MK_MAILWRAPPER} != "no" .if !exists(${DESTDIR}/etc/mail/mailer.conf) FILES= ${.CURDIR}/../../etc/mail/mailer.conf ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r213585 - head/tools/build/mk
Alexander Leidinger writes: > >> src/usr.sbin/mailwrapper/Makefile > > > > What am I doing wrong? > > I did not do a correct copy&paste... put the result is the same. > > > ---snip--- > > % grep rmail /usr/src/usr.sbin/mailwrapper > > % grep rmail /usr/src/usr.sbin/mailwrapper/Makefile My foul-up, sorry. It looks like I managed to not properly undo a local commit. I'll be committing the relevant bits shortly (properly this time!) Sorry about that! M -- Mark R V Murray Cert APS(Open) Dip Phys(Open) BSc Open(Open) BSc(Hons)(Open) Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r213585 - head/tools/build/mk
Alexander Leidinger writes: > Can you please point out where rmail is installed when MK_SENDMAIL=no > and MK_MAILWRAPPER!=no? I can not find such a place. src/usr.sbin/mailwrapper/Makefile M -- Mark R V Murray Cert APS(Open) Dip Phys(Open) BSc Open(Open) BSc(Hons)(Open) Pi: 132511160 ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r213611 - head/usr.sbin/ypbind
Author: markm Date: Fri Oct 8 20:17:17 2010 New Revision: 213611 URL: http://svn.freebsd.org/changeset/base/213611 Log: Don't let the "available"/"not available" logs flap quite so badly. In the case of a multi-interfaced host, sub-second flapping can fill up the logs too quickly. This fixes that. Modified: head/usr.sbin/ypbind/ypbind.c Modified: head/usr.sbin/ypbind/ypbind.c == --- head/usr.sbin/ypbind/ypbind.c Fri Oct 8 20:13:42 2010 (r213610) +++ head/usr.sbin/ypbind/ypbind.c Fri Oct 8 20:17:17 2010 (r213611) @@ -116,6 +116,9 @@ int ypsetmode = YPSET_NO; int ypsecuremode = 0; int ppid; +#define NOT_RESPONDING_HYSTERESIS 10 +static int not_responding_count = 0; + /* * Special restricted mode variables: when in restricted mode, only the * specified restricted_domain will be bound, and only the servers listed @@ -654,9 +657,13 @@ broadcast(struct _dom_binding *ypdb) return; } - if (ypdb->dom_vers == -1 && (long)ypdb->dom_server_addr.sin_addr.s_addr) - syslog(LOG_WARNING, "NIS server [%s] for domain \"%s\" not responding", - inet_ntoa(ypdb->dom_server_addr.sin_addr), ypdb->dom_domain); + if (ypdb->dom_vers == -1 && (long)ypdb->dom_server_addr.sin_addr.s_addr) { + if (not_responding_count++ >= NOT_RESPONDING_HYSTERESIS) { + not_responding_count = NOT_RESPONDING_HYSTERESIS; + syslog(LOG_WARNING, "NIS server [%s] for domain \"%s\" not responding", + inet_ntoa(ypdb->dom_server_addr.sin_addr), ypdb->dom_domain); + } + } broad_domain = ypdb; flock(ypdb->dom_lockfd, LOCK_UN); @@ -886,9 +893,13 @@ rpc_received(char *dom, struct sockaddr_ } /* We've recovered from a crash: inform the world. */ - if (ypdb->dom_vers == -1 && ypdb->dom_server_addr.sin_addr.s_addr) - syslog(LOG_WARNING, "NIS server [%s] for domain \"%s\" OK", - inet_ntoa(raddrp->sin_addr), ypdb->dom_domain); + if (ypdb->dom_vers == -1 && ypdb->dom_server_addr.sin_addr.s_addr) { + if (not_responding_count >= NOT_RESPONDING_HYSTERESIS) { + not_responding_count = 0; + syslog(LOG_WARNING, "NIS server [%s] for domain \"%s\" OK", + inet_ntoa(raddrp->sin_addr), ypdb->dom_domain); + } + } bcopy(raddrp, &ypdb->dom_server_addr, sizeof ypdb->dom_server_addr); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r213609 - head/share/man/man5
Author: markm Date: Fri Oct 8 20:13:12 2010 New Revision: 213609 URL: http://svn.freebsd.org/changeset/base/213609 Log: Extend the "example" section a bit, for other mailers. Modified: head/share/man/man5/mailer.conf.5 Modified: head/share/man/man5/mailer.conf.5 == --- head/share/man/man5/mailer.conf.5 Fri Oct 8 20:12:00 2010 (r213608) +++ head/share/man/man5/mailer.conf.5 Fri Oct 8 20:13:12 2010 (r213609) @@ -31,7 +31,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 31, 2006 +.Dd October 8, 2010 .Dt MAILER.CONF 5 .Os .Sh NAME @@ -99,8 +99,9 @@ mailq /usr/libexec/sendmail/sendmail newaliases /usr/libexec/sendmail/sendmail .Ed .Pp -This example shows how to invoke a sendmail-workalike like Postfix in -place of +This example shows how to invoke a sendmail-workalike like +.Nm Postfix +in place of .Xr sendmail 8 : .Bd -literal -offset indent # Emulate sendmail using postfix @@ -110,6 +111,22 @@ mailq /usr/local/sbin/sendmail newaliases /usr/local/sbin/sendmail .Ed .Pp +This example shows +how to invoke +a sendmail-workalike with +.Nm Exim +(from ports) +in place of +.Xr sendmail 8 : +.Bd -literal -offset indent +# Emulate sendmail using exim +sendmail /usr/local/sbin/exim +send-mail /usr/local/sbin/exim +mailq /usr/local/sbin/exim -bp +newaliases /usr/bin/true +rmail /usr/local/sbin/exim -i -oee +.Ed +.Pp This example shows the use of the .Nm mini_sendmail package from ports in place of ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r213585 - head/tools/build/mk
Author: markm Date: Fri Oct 8 17:42:09 2010 New Revision: 213585 URL: http://svn.freebsd.org/changeset/base/213585 Log: Don't blow away /bin/rmail symlink if we are keeping mailwrapper. Mailwrapper can provide a perfectly good rmail with other mailers. Modified: head/tools/build/mk/OptionalObsoleteFiles.inc Modified: head/tools/build/mk/OptionalObsoleteFiles.inc == --- head/tools/build/mk/OptionalObsoleteFiles.inc Fri Oct 8 16:33:25 2010(r213584) +++ head/tools/build/mk/OptionalObsoleteFiles.inc Fri Oct 8 17:42:09 2010(r213585) @@ -2003,7 +2003,9 @@ OLD_FILES+=etc/periodic/daily/210.backup OLD_FILES+=etc/periodic/daily/440.status-mailq OLD_FILES+=etc/periodic/daily/460.status-mail-rejects OLD_FILES+=etc/periodic/daily/500.queuerun +.if ${MK_MAILWRAPPER} == no OLD_FILES+=bin/rmail +.endif OLD_FILES+=usr/bin/vacation OLD_FILES+=usr/include/libmilter/mfapi.h OLD_FILES+=usr/include/libmilter/mfdef.h ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r198005 - head
Author: markm Date: Mon Oct 12 21:10:28 2009 New Revision: 198005 URL: http://svn.freebsd.org/changeset/base/198005 Log: We haven't installed usbdevs for many moons now, and it doesn't work any more anyway. Add it to the "obsolete" list. Modified: head/ObsoleteFiles.inc Modified: head/ObsoleteFiles.inc == --- head/ObsoleteFiles.inc Mon Oct 12 21:08:38 2009(r198004) +++ head/ObsoleteFiles.inc Mon Oct 12 21:10:28 2009(r198005) @@ -503,6 +503,8 @@ OLD_FILES+=usr/include/dev/usb/usb_quirk OLD_FILES+=usr/include/dev/usb/usbcdc.h OLD_FILES+=usr/include/dev/usb/usbdivar.h OLD_FILES+=usr/include/dev/usb/uxb360gp_rdesc.h +OLD_FILES+=usr/sbin/usbdevs +OLD_FILES+=usr/share/man/man8/usbdevs.8.gz # 20090203: removal of pccard header files OLD_FILES+=usr/include/pccard/cardinfo.h OLD_FILES+=usr/include/pccard/cis.h ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r194194 - head
Author: markm Date: Sun Jun 14 15:16:24 2009 New Revision: 194194 URL: http://svn.freebsd.org/changeset/base/194194 Log: Allow "make update" work with SVN, if you take the time to set up your /etc/make.conf properly. Only one SCM? I do not think this is right. Now I have fixed it. Modified: head/Makefile.inc1 Modified: head/Makefile.inc1 == --- head/Makefile.inc1 Sun Jun 14 14:46:20 2009(r194193) +++ head/Makefile.inc1 Sun Jun 14 15:16:24 2009(r194194) @@ -94,6 +94,8 @@ CLEANDIR= cleandir CVS?= cvs CVSFLAGS?= -A -P -d -I! +SVN?= svn +SVNFLAGS?= -r HEAD SUP?= /usr/bin/csup SUPFLAGS?= -g -L 2 .if defined(SUPHOST) @@ -854,10 +856,24 @@ update: .endif .endif .if defined(CVS_UPDATE) - @echo "--" - @echo ">>> Updating ${.CURDIR} from CVS repository" ${CVSROOT} - @echo "--" - cd ${.CURDIR}; ${CVS} -R -q update ${CVSFLAGS} + @cd ${.CURDIR} ; \ + if [ -d CVS ] ; then \ + echo "--" ; \ + echo ">>> Updating ${.CURDIR} from CVS repository" ${CVSROOT} ; \ + echo "--" ; \ + echo ${CVS} -R -q update ${CVSFLAGS} ; \ + ${CVS} -R -q update ${CVSFLAGS} ; \ + fi +.endif +.if defined(SVN_UPDATE) + @cd ${.CURDIR} ; \ + if [ -d .svn ] ; then \ + echo "--" ; \ + echo ">>> Updating ${.CURDIR} using Subversion" ; \ + echo "--" ; \ + echo ${SVN} update ${SVNFLAGS} ; \ + ${SVN} update ${SVNFLAGS} ; \ + fi .endif # ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r192775 - head/share/misc
Author: markm Date: Mon May 25 23:06:46 2009 New Revision: 192775 URL: http://svn.freebsd.org/changeset/base/192775 Log: I have been here long The duration I know not I tell what I can Modified: head/share/misc/committers-src.dot Modified: head/share/misc/committers-src.dot == --- head/share/misc/committers-src.dot Mon May 25 22:50:11 2009 (r192774) +++ head/share/misc/committers-src.dot Mon May 25 23:06:46 2009 (r192775) @@ -127,6 +127,7 @@ linimon [label="Mark linimon\nlini...@fr lstewart [label="Lawrence stewart\nlstew...@freebsd.org\n2008/10/06"] lulf [label="Ulf lilleengen\nl...@freebsd.org\n2007/10/24"] marcel [label="Marcel moolenaar\nmar...@freebsd.org\n1999/07/03"] +markm [label="Mark murray\nma...@freebsd.org\n199?/??/??"] marks [label="Mark santcroos\nma...@freebsd.org\n2004/03/18"] markus [label="Markus brueffer\nmar...@freebsd.org\n2006/06/01"] matteo [label="Matteo riondato\nmat...@freebsd.org\n2006/01/18"] @@ -344,6 +345,8 @@ marcel -> arun marcel -> marius marcel -> nwhitehorn +markm -> sheldonh + mdodd -> jake mlaier -> benjsc @@ -378,6 +381,8 @@ philip -> matteo pjd -> lulf +rgrimes -> markm + rpaulo -> avg ru -> ceri ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r192774 - head/sys/dev/random
Author: markm Date: Mon May 25 22:50:11 2009 New Revision: 192774 URL: http://svn.freebsd.org/changeset/base/192774 Log: There is rubbish here It is time to take it out Now it is cleaner Modified: head/sys/dev/random/nehemiah.c head/sys/dev/random/randomdev_soft.c Modified: head/sys/dev/random/nehemiah.c == --- head/sys/dev/random/nehemiah.c Mon May 25 21:29:06 2009 (r192773) +++ head/sys/dev/random/nehemiah.c Mon May 25 22:50:11 2009 (r192774) @@ -129,7 +129,7 @@ random_nehemiah_init(void) { acw.raw = 0ULL; acw.field.round_count = 12; - + mtx_init(&random_nehemiah_mtx, "random nehemiah", NULL, MTX_DEF); } Modified: head/sys/dev/random/randomdev_soft.c == --- head/sys/dev/random/randomdev_soft.cMon May 25 21:29:06 2009 (r192773) +++ head/sys/dev/random/randomdev_soft.cMon May 25 22:50:11 2009 (r192774) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2000-2004 Mark R V Murray + * Copyright (c) 2000-2009 Mark R V Murray * Copyright (c) 2004 Robert N. M. Watson * All rights reserved. * @@ -56,7 +56,7 @@ __FBSDID("$FreeBSD$"); #define RANDOM_FIFO_MAX256 /* How many events to queue up */ static void random_kthread(void *); -static void +static void random_harvest_internal(u_int64_t, const void *, u_int, u_int, u_int, enum esource); static int random_yarrow_poll(int event,struct thread *td); @@ -235,7 +235,7 @@ random_kthread(void *arg __unused) { STAILQ_HEAD(, harvest) local_queue; struct harvest *event = NULL; - int active, local_count; + int local_count; enum esource source; STAILQ_INIT(&local_queue); @@ -244,8 +244,6 @@ random_kthread(void *arg __unused) /* Process until told to stop */ for (; random_kthread_control >= 0;) { - active = 0; - /* Cycle through all the entropy sources */ mtx_lock_spin(&harvest_mtx); for (source = RANDOM_START; source < ENTROPYSOURCE; source++) { @@ -284,9 +282,8 @@ random_kthread(void *arg __unused) if (random_kthread_control == 1) random_kthread_control = 0; - /* Found nothing, so don't belabour the issue */ - if (!active) - pause("-", hz / 10); + /* Work done, so don't belabour the issue */ + pause("-", hz / 10); } @@ -381,7 +378,7 @@ random_yarrow_poll(int events, struct th revents = events & (POLLIN | POLLRDNORM); else selrecord(td, &random_systat.rsel); - + mtx_unlock(&random_reseed_mtx); return revents; } @@ -407,7 +404,7 @@ random_yarrow_block(int flag) mtx_unlock(&random_reseed_mtx); return error; -} +} /* Helper routine to perform explicit reseeds */ static void ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r192766 - head/share/syscons/keymaps
Author: markm Date: Mon May 25 17:06:24 2009 New Revision: 192766 URL: http://svn.freebsd.org/changeset/base/192766 Log: Euro is missing With this I shall see it fixed Thank you for your time Modified: head/share/syscons/keymaps/uk.iso-ctrl.kbd Modified: head/share/syscons/keymaps/uk.iso-ctrl.kbd == --- head/share/syscons/keymaps/uk.iso-ctrl.kbd Mon May 25 16:38:47 2009 (r192765) +++ head/share/syscons/keymaps/uk.iso-ctrl.kbd Mon May 25 17:06:24 2009 (r192766) @@ -8,7 +8,7 @@ 002 '1''!'nopnop'`''`'nopnop O 003 '2''"'nulnul'@''@'nulnul O 004 '3'163nopnop'#''#'nopnop O - 005 '4''$'nopnop'4''$'nopnop O + 005 '4''$'164164'4''$'nopnop O 006 '5''%'nopnop'5''%'nopnop O 007 '6''^'rs rs '^''^'rs rs O 008 '7''&'nopnop'[''['escesc O ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"