Use subr_cprng.c instead of stub implementation. Rijndael migrates from

rumpkern_crypto to rumpkern due to it being mandatory for cprng.

sys/rump/kern/lib/libcrypto/Makefile

@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.2 2014/01/14 17:05:50 pgoyette Exp $
+#	$NetBSD: Makefile,v 1.3 2014/01/17 01:32:53 pooka Exp $
 #
 
 .PATH:	${.CURDIR}/../../../../crypto/arc4				\
@@ -27,7 +27,8 @@ SRCS+=	cast128.c
 SRCS+=	des_ecb.c des_setkey.c des_enc.c des_cbc.c des_module.c
 
 # rijndael
-SRCS+=	rijndael-alg-fst.c rijndael-api-fst.c rijndael.c
+# rijndael is in rumpkern due to it being used by cprng
+#SRCS+=	rijndael-alg-fst.c rijndael-api-fst.c rijndael.c
 
 # skipjack
 SRCS+=	skipjack.c

sys/rump/librump/rumpkern/Makefile.rumpkern

@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile.rumpkern,v 1.134 2013/12/09 17:57:11 pooka Exp $
+#	$NetBSD: Makefile.rumpkern,v 1.135 2014/01/17 01:32:53 pooka Exp $
 #
 
 .include "${RUMPTOP}/Makefile.rump"
@@ -12,6 +12,8 @@ LIB=		rump
 	${RUMPTOP}/../uvm					\
 	${RUMPTOP}/../conf					\
 	${RUMPTOP}/../dev					\
+	${RUMPTOP}/../crypto/nist_ctr_drbg			\
+	${RUMPTOP}/../crypto/rijndael				\
 	${RUMPTOP}/../secmodel					\
 	${RUMPTOP}/../secmodel/suser				\
 	${RUMPTOP}/../compat/common
@@ -21,7 +23,7 @@ LIB=		rump
 # 
 SRCS+=	rump.c rumpcopy.c cons.c emul.c intr.c lwproc.c klock.c	\
 	kobj_rename.c ltsleep.c scheduler.c			\
-	signals.c sleepq.c threads.c vm.c cprng_stub.c
+	signals.c sleepq.c threads.c vm.c hyperentropy.c
 
 # autogenerated into the correct namespace
 RUMPOBJ_NORENAME= rump_syscalls.*o
@@ -98,6 +100,7 @@ SRCS+=	init_sysctl_base.c	\
 	subr_devsw.c		\
 	subr_callback.c		\
 	subr_copy.c		\
+	subr_cprng.c		\
 	subr_device.c		\
 	subr_evcnt.c		\
 	subr_extent.c		\
@@ -140,6 +143,14 @@ SRCS+=	vnode_if.c
 # sys/dev
 SRCS+=	clock_subr.c
 
+# sys/dev/crypto
+# Note: these are here only for cprng.  More crypto algos for drivers
+# are available from the rumpkern_crypto component
+SRCS+=	nist_ctr_drbg.c
+SRCS+=	rijndael-alg-fst.c
+SRCS+=	rijndael-api-fst.c
+SRCS+=	rijndael.c	
+
 # compat
 SRCS+=	kern_select_50.c
 

sys/rump/librump/rumpkern/cprng_stub.c

@@ -1,130 +0,0 @@
-/*	$NetBSD: cprng_stub.c,v 1.8 2013/07/01 20:02:15 riastradh Exp $ */
-
-/*-
- * Copyright (c) 2011 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Thor Lancelot Simon.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <sys/param.h>
-#include <sys/types.h>
-#include <sys/cprng.h>
-#include <sys/event.h>
-#include <sys/kernel.h>
-#include <sys/kmem.h>
-#include <sys/mutex.h>
-#include <sys/poll.h>
-#include <sys/rngtest.h>
-#include <sys/systm.h>
-#include <sys/time.h>
-
-#include <rump/rumpuser.h>
-
-/*
- * This is all stubbed out because of rump build dependency issues I
- * cannot fix.  One is more-or-less caused by the longstanding bogosity
- * that sys/dev/rnd.c implements *both* the in-kernel interface *and*
- * the pseudodevice.  The other, by the fact that I am not smart enough
- * to understand how to deal with code in rumpkern that depends on code
- * that lives in sys/crypto.  Sigh.
- */
-
-cprng_strong_t *kern_cprng = NULL;
-
-void
-cprng_init(void)
-{
-	return;
-}
-
-cprng_strong_t *
-cprng_strong_create(const char *const name __unused, int ipl __unused,
-    int flags __unused)
-{
-	return NULL;
-}
-
-size_t
-cprng_strong(cprng_strong_t *c __unused, void *p, size_t len,
-    int blocking __unused)
-{
-	KASSERT(c == NULL);
-	cprng_fast(p, len);		/* XXX! */
-	return len;
-}
-
-int
-cprng_strong_kqfilter(cprng_strong_t *c __unused, struct knote *kn __unused)
-{
-	KASSERT(c == NULL);
-	kn->kn_data = CPRNG_MAX_LEN;
-	return 1;
-}
-
-int
-cprng_strong_poll(cprng_strong_t *c __unused, int events)
-{
-	KASSERT(c == NULL);
-	return (events & (POLLIN | POLLRDNORM));
-}
-
-void
-cprng_strong_destroy(cprng_strong_t *c __unused)
-{
-	KASSERT(c == NULL);
-}
-
-size_t
-cprng_fast(void *p, size_t len)
-{
-	size_t randlen;
-
-	rumpuser_getrandom(p, len, 0, &randlen);
-	KASSERT(randlen == len);
-	return len;
-}
-
-uint32_t
-cprng_fast32(void)
-{
-	size_t randlen;
-	uint32_t ret;
-
-	rumpuser_getrandom(&ret, sizeof(ret), 0, &randlen);
-	KASSERT(randlen == sizeof(ret));
-	return ret;
-}
-
-uint64_t
-cprng_fast64(void)
-{
-	uint64_t ret;
-
-	size_t randlen;
-	rumpuser_getrandom(&ret, sizeof(ret), 0, &randlen);
-	KASSERT(randlen == sizeof(ret));
-	return ret;
-}

sys/rump/librump/rumpkern/emul.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: emul.c,v 1.160 2013/12/16 15:36:29 pooka Exp $	*/
+/*	$NetBSD: emul.c,v 1.161 2014/01/17 01:32:53 pooka Exp $	*/
 
 /*
  * Copyright (c) 2007-2011 Antti Kantee.  All Rights Reserved.
@@ -26,7 +26,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: emul.c,v 1.160 2013/12/16 15:36:29 pooka Exp $");
+__KERNEL_RCSID(0, "$NetBSD: emul.c,v 1.161 2014/01/17 01:32:53 pooka Exp $");
 
 #include <sys/param.h>
 #include <sys/null.h>
@@ -52,6 +52,7 @@ __KERNEL_RCSID(0, "$NetBSD: emul.c,v 1.160 2013/12/16 15:36:29 pooka Exp $");
 #include <sys/syscallvar.h>
 #include <sys/xcall.h>
 #include <sys/sleepq.h>
+#include <sys/cprng.h>
 
 #include <dev/cons.h>
 
@@ -140,6 +141,8 @@ struct emul emul_netbsd = {
 
 u_int nprocs = 1;
 
+cprng_strong_t *kern_cprng;
+
 int
 kpause(const char *wmesg, bool intr, int timeo, kmutex_t *mtx)
 {

sys/rump/librump/rumpkern/hyperentropy.c

@@ -0,0 +1,68 @@
+/*	$NetBSD: hyperentropy.c,v 1.1 2014/01/17 01:32:53 pooka Exp $	*/
+
+/*
+ * Copyright (c) 2014 Antti Kantee.  All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__KERNEL_RCSID(0, "$NetBSD: hyperentropy.c,v 1.1 2014/01/17 01:32:53 pooka Exp $");
+
+#include <sys/param.h>
+#include <sys/kmem.h>
+#include <sys/rnd.h>
+
+#include <rump/rumpuser.h>
+
+#include "rump_private.h"
+
+static krndsource_t rndsrc;
+
+static void
+feedrandom(size_t bytes, void *arg)
+{
+	uint8_t rnddata[1024];
+	size_t dsize;
+
+	/* stuff max 1k worth, we'll be called again if necessary */
+	if (rumpuser_getrandom(rnddata, MIN(sizeof(rnddata), bytes),
+	    RUMPUSER_RANDOM_HARD|RUMPUSER_RANDOM_NOWAIT, &dsize) == 0)
+		rnd_add_data(&rndsrc, rnddata, dsize, 8*dsize);
+}
+
+void
+rump_hyperentropy_init(void)
+{
+
+	if (rump_threads) {
+		rndsource_setcb(&rndsrc, feedrandom, &rndsrc);
+		rnd_attach_source(&rndsrc, "rump_hyperent", RND_TYPE_VM,
+		    RND_FLAG_NO_ESTIMATE|RND_FLAG_HASCB);
+		feedrandom(128, NULL);
+	} else {
+		/* without threads, 1024 bytes ought to be enough for anyone */
+		rnd_attach_source(&rndsrc, "rump_hyperent", RND_TYPE_VM,
+		    RND_FLAG_NO_ESTIMATE);
+		feedrandom(1024, NULL);
+	}
+}

sys/rump/librump/rumpkern/rump.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: rump.c,v 1.281 2013/12/16 15:36:30 pooka Exp $	*/
+/*	$NetBSD: rump.c,v 1.282 2014/01/17 01:32:53 pooka Exp $	*/
 
 /*
  * Copyright (c) 2007-2011 Antti Kantee.  All Rights Reserved.
@@ -26,7 +26,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: rump.c,v 1.281 2013/12/16 15:36:30 pooka Exp $");
+__KERNEL_RCSID(0, "$NetBSD: rump.c,v 1.282 2014/01/17 01:32:53 pooka Exp $");
 
 #include <sys/systm.h>
 #define ELFSIZE ARCH_ELFSIZE
@@ -338,13 +338,10 @@ rump_init(void)
 	secmodel_init();
 
 	rnd_init();
-
-	/*
-	 * Create the kernel cprng.  Yes, it's currently stubbed out
-	 * to arc4random() for RUMP, but this won't always be so.
-	 */
+	cprng_init();
 	kern_cprng = cprng_strong_create("kernel", IPL_VM,
-					 CPRNG_INIT_ANY|CPRNG_REKEY_ANY);
+	    CPRNG_INIT_ANY|CPRNG_REKEY_ANY);
+	rump_hyperentropy_init();
 
 	procinit();
 	proc0_init();
@@ -404,6 +401,8 @@ rump_init(void)
 	/* CPUs are up.  allow kernel threads to run */
 	rump_thread_allow();
 
+	rnd_init_softint();
+
 	mksysctls();
 	kqueue_init();
 	iostat_init();

sys/rump/librump/rumpkern/rump_private.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: rump_private.h,v 1.78 2013/10/27 20:25:45 pooka Exp $	*/
+/*	$NetBSD: rump_private.h,v 1.79 2014/01/17 01:32:53 pooka Exp $	*/
 
 /*
  * Copyright (c) 2007-2011 Antti Kantee.  All Rights Reserved.
@@ -150,4 +150,6 @@ void	rump_thread_allow(void);
 
 void	rump_consdev_init(void);
 
+void	rump_hyperentropy_init(void);
+
 #endif /* _SYS_RUMP_PRIVATE_H_ */