Module Name: src
Committed By: tls
Date: Wed Sep 5 18:57:34 UTC 2012
Modified Files:
src/sys/kern: kern_rndq.c subr_cprng.c
src/sys/sys: rnd.h
Log Message:
Don't wait until the pool *fills* to rekey anything that was keyed with
insufficient entropy at boot: key it as soon as it makes any request after
we hit the minimum entropy threshold.
This too should help avoid predictable output at boot time.
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/sys/kern/kern_rndq.c
cvs rdiff -u -r1.9 -r1.10 src/sys/kern/subr_cprng.c
cvs rdiff -u -r1.32 -r1.33 src/sys/sys/rnd.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_rndq.c
diff -u src/sys/kern/kern_rndq.c:1.4 src/sys/kern/kern_rndq.c:1.5
--- src/sys/kern/kern_rndq.c:1.4 Wed Sep 5 18:06:52 2012
+++ src/sys/kern/kern_rndq.c Wed Sep 5 18:57:34 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_rndq.c,v 1.4 2012/09/05 18:06:52 tls Exp $ */
+/* $NetBSD: kern_rndq.c,v 1.5 2012/09/05 18:57:34 tls Exp $ */
/*-
* Copyright (c) 1997-2011 The NetBSD Foundation, Inc.
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_rndq.c,v 1.4 2012/09/05 18:06:52 tls Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_rndq.c,v 1.5 2012/09/05 18:57:34 tls Exp $");
#include <sys/param.h>
#include <sys/ioctl.h>
@@ -168,7 +168,7 @@ static void rnd_add_data_ts(krndso
uint32_t, uint32_t, uint32_t);
int rnd_ready = 0;
-static int rnd_have_entropy = 0;
+int rnd_initial_entropy = 0;
#ifdef DIAGNOSTIC
static int rnd_tested = 0;
@@ -255,11 +255,11 @@ rnd_wakeup_readers(void)
*/
if (rndpool_get_entropy_count(&rnd_pool) > RND_ENTROPY_THRESHOLD * 8) {
#ifdef RND_VERBOSE
- if (!rnd_have_entropy)
+ if (!rnd_initial_entropy)
printf("rnd: have initial entropy (%u)\n",
rndpool_get_entropy_count(&rnd_pool));
#endif
- rnd_have_entropy = 1;
+ rnd_initial_entropy = 1;
mutex_spin_exit(&rndpool_mtx);
} else {
mutex_spin_exit(&rndpool_mtx);
@@ -447,7 +447,7 @@ rnd_init(void)
RND_POOLBITS / 2));
if (rndpool_get_entropy_count(&rnd_pool) >
RND_ENTROPY_THRESHOLD * 8) {
- rnd_have_entropy = 1;
+ rnd_initial_entropy = 1;
}
mutex_spin_exit(&rndpool_mtx);
#ifdef RND_VERBOSE
@@ -914,7 +914,7 @@ rnd_extract_data_locked(void *p, u_int32
}
timed_in++;
}
- if (__predict_false(!rnd_have_entropy)) {
+ if (__predict_false(!rnd_initial_entropy)) {
u_int32_t c;
#ifdef RND_VERBOSE
Index: src/sys/kern/subr_cprng.c
diff -u src/sys/kern/subr_cprng.c:1.9 src/sys/kern/subr_cprng.c:1.10
--- src/sys/kern/subr_cprng.c:1.9 Sat May 19 16:00:41 2012
+++ src/sys/kern/subr_cprng.c Wed Sep 5 18:57:34 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: subr_cprng.c,v 1.9 2012/05/19 16:00:41 tls Exp $ */
+/* $NetBSD: subr_cprng.c,v 1.10 2012/09/05 18:57:34 tls Exp $ */
/*-
* Copyright (c) 2011 The NetBSD Foundation, Inc.
@@ -46,7 +46,7 @@
#include <sys/cprng.h>
-__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.9 2012/05/19 16:00:41 tls Exp $");
+__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.10 2012/09/05 18:57:34 tls Exp $");
void
cprng_init(void)
@@ -171,7 +171,7 @@ cprng_strong_create(const char *const na
c->reseed.state = RSTATE_IDLE;
c->reseed.cb = cprng_strong_reseed;
c->reseed.arg = c;
- c->entropy_serial = rnd_filled;
+ c->entropy_serial = rnd_initial_entropy ? rnd_filled : -1;
mutex_init(&c->reseed.mtx, MUTEX_DEFAULT, IPL_VM);
strlcpy(c->reseed.name, name, sizeof(c->reseed.name));
@@ -228,8 +228,14 @@ cprng_strong(cprng_strong_t *const c, vo
}
mutex_enter(&c->mtx);
+ /* If we were initialized with the pool empty, rekey ASAP */
+ if (__predict_false(c->entropy_serial == -1) && rnd_initial_entropy) {
+ goto rekeyany; /* We have _some_ entropy, use it. */
+ }
+
if (nist_ctr_drbg_generate(&c->drbg, p, len, &cc, sizeof(cc))) {
/* A generator failure really means we hit the hard limit. */
+rekeyany:
if (c->flags & CPRNG_REKEY_ANY) {
uint8_t key[NIST_BLOCK_KEYLEN_BYTES];
Index: src/sys/sys/rnd.h
diff -u src/sys/sys/rnd.h:1.32 src/sys/sys/rnd.h:1.33
--- src/sys/sys/rnd.h:1.32 Fri Apr 20 21:57:34 2012
+++ src/sys/sys/rnd.h Wed Sep 5 18:57:33 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: rnd.h,v 1.32 2012/04/20 21:57:34 tls Exp $ */
+/* $NetBSD: rnd.h,v 1.33 2012/09/05 18:57:33 tls Exp $ */
/*-
* Copyright (c) 1997 The NetBSD Foundation, Inc.
@@ -187,6 +187,7 @@ rnd_add_uint32(krndsource_t *kr, uint32_
extern int rnd_full;
extern int rnd_filled;
+extern int rnd_initial_entropy;
#endif /* _KERNEL */
