Remove rnd_extract_data from the public kernel API (it is for use by the

stream generators only). Clean up some related minor issues.
2011-11-29 03:50:31 +00:00 · 2011-11-29 03:50:31 +00:00 · 38f95ba1b7
commit 38f95ba1b7
parent 7db676852a
10 changed files with 96 additions and 73 deletions
--- a/sys/dev/iscsi/iscsi_globals.h
+++ b/sys/dev/iscsi/iscsi_globals.h
@ -1,4 +1,4 @@
-/*	$NetBSD: iscsi_globals.h,v 1.1 2011/10/23 21:15:02 agc Exp $	*/
+/*	$NetBSD: iscsi_globals.h,v 1.2 2011/11/29 03:50:31 tls Exp $	*/

 /*-
 * Copyright (c) 2004,2005,2006,2011 The NetBSD Foundation, Inc.
@ -554,25 +554,6 @@ uint8_t InitiatorName[ISCSI_STRING_LENGTH];
 uint8_t InitiatorAlias[ISCSI_STRING_LENGTH];
 login_isid_t InitiatorISID;

-
-/* -------------------------  Global Functions  ----------------------------- */
-
-#ifdef __NetBSD__
-#define GEN_RAND(buffer, len) rnd_extract_data (buffer, len, RND_EXTRACT_ANY)
-#else
-#define GEN_RAND(buffer, len) get_random_bytes (buffer, len)
-#endif
-
-static __inline uint8_t
-randb(void)
-{
-	uint8_t buf;
-
-	GEN_RAND(&buf, 1);
-	return buf;
-}
-
-
 /* Debugging and profiling stuff */

 #include "iscsi_profile.h"
--- a/sys/dev/iscsi/iscsi_test.c
+++ b/sys/dev/iscsi/iscsi_test.c
@ -1,4 +1,4 @@
-/*	$NetBSD: iscsi_test.c,v 1.1 2011/10/23 21:15:02 agc Exp $	*/
+/*	$NetBSD: iscsi_test.c,v 1.2 2011/11/29 03:50:31 tls Exp $	*/

 /*-
 * Copyright (c) 2006,2011 The NetBSD Foundation, Inc.
@ -269,7 +269,8 @@ test_get(pdu_t *pdu, mod_desc_t *mod, int error)
 STATIC int
 check_loss(test_pars_t *tp, int rxtx)
 {
-	return (tp->lose_random[rxtx]) ? (randb() % tp->lose_random[rxtx]) : 0;
+	return (tp->lose_random[rxtx]) ?
+		(cprng_fast32() % tp->lose_random[rxtx]) : 0;
 }


--- a/sys/dev/iscsi/iscsi_text.c
+++ b/sys/dev/iscsi/iscsi_text.c
@ -1,4 +1,4 @@
-/*	$NetBSD: iscsi_text.c,v 1.1 2011/10/23 21:15:02 agc Exp $	*/
+/*	$NetBSD: iscsi_text.c,v 1.2 2011/11/29 03:50:31 tls Exp $	*/

 /*-
 * Copyright (c) 2005,2006,2011 The NetBSD Foundation, Inc.
@ -32,6 +32,7 @@
 #include "iscsi_globals.h"
 #include "base64.h"
 #include <sys/md5.h>
+#include <sys/cprng.h>

 #define isdigit(x) ((x) >= '0' && (x) <= '9')
 #define toupper(x) ((x) & ~0x20)
@ -1456,7 +1457,9 @@ assemble_security_parameters(connection_t *conn, ccb_t *ccb, pdu_t *rx_pdu,
 				return ISCSI_STATUS_PARAMETER_MISSING;
 			}

-			GEN_RAND(&state->temp_buf[CHAP_MD5_SIZE], CHAP_CHALLENGE_LEN + 1);
+			cprng_strong(kern_cprng,
+				     &state->temp_buf[CHAP_MD5_SIZE],
+				     CHAP_CHALLENGE_LEN + 1);
 			set_key_n(state, K_Auth_CHAP_Identifier,
 					  state->temp_buf[CHAP_MD5_SIZE]);
 			cpar = set_key_s(state, K_Auth_CHAP_Challenge,
--- a/sys/dev/pci/hifn7751.c
+++ b/sys/dev/pci/hifn7751.c
@ -1,4 +1,4 @@
-/*	$NetBSD: hifn7751.c,v 1.47 2011/11/19 22:51:23 tls Exp $	*/
+/*	$NetBSD: hifn7751.c,v 1.48 2011/11/29 03:50:31 tls Exp $	*/
 /*	$FreeBSD: hifn7751.c,v 1.5.2.7 2003/10/08 23:52:00 sam Exp $ */
 /*	$OpenBSD: hifn7751.c,v 1.140 2003/08/01 17:55:54 deraadt Exp $	*/

@ -48,7 +48,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: hifn7751.c,v 1.47 2011/11/19 22:51:23 tls Exp $");
+__KERNEL_RCSID(0, "$NetBSD: hifn7751.c,v 1.48 2011/11/29 03:50:31 tls Exp $");

 #include <sys/param.h>
 #include <sys/systm.h>
@ -65,6 +65,8 @@ __KERNEL_RCSID(0, "$NetBSD: hifn7751.c,v 1.47 2011/11/19 22:51:23 tls Exp $");
 #else
 #include <opencrypto/cryptodev.h>
 #include <sys/cprng.h>
+#include <sys/rnd.h>
+#include <sys/sha1.h>
 #endif

 #include <dev/pci/pcireg.h>
@ -544,7 +546,7 @@ hifn_rng(void *vsc)
 {
 	struct hifn_softc *sc = vsc;
 #ifdef __NetBSD__
-	u_int32_t num[HIFN_RNG_BITSPER * RND_ENTROPY_THRESHOLD];
+	u_int32_t num[HIFN_RNG_BITSPER * SHA1_DIGEST_LENGTH];
 #else
 	u_int32_t num[2];
 #endif
--- a/sys/dev/rnd.c
+++ b/sys/dev/rnd.c
@ -1,4 +1,4 @@
-/*	$NetBSD: rnd.c,v 1.87 2011/11/28 07:56:54 tls Exp $	*/
+/*	$NetBSD: rnd.c,v 1.88 2011/11/29 03:50:31 tls Exp $	*/

 /*-
 * Copyright (c) 1997-2011 The NetBSD Foundation, Inc.
@ -32,7 +32,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: rnd.c,v 1.87 2011/11/28 07:56:54 tls Exp $");
+__KERNEL_RCSID(0, "$NetBSD: rnd.c,v 1.88 2011/11/29 03:50:31 tls Exp $");

 #include <sys/param.h>
 #include <sys/ioctl.h>
@ -54,6 +54,8 @@ __KERNEL_RCSID(0, "$NetBSD: rnd.c,v 1.87 2011/11/28 07:56:54 tls Exp $");
 #include <sys/rngtest.h>
 #include <sys/cpu.h>	/* XXX temporary, see rnd_detach_source */

+#include <dev/rnd_private.h>
+
 #if defined(__HAVE_CPU_COUNTER) && !defined(_RUMPKERNEL) /* XXX: bad pooka */
 #include <machine/cpu_counter.h>
 #endif
--- a/sys/dev/rnd_private.h
+++ b/sys/dev/rnd_private.h
@ -0,0 +1,58 @@
+/*      $NetBSD: rnd_private.h,v 1.1 2011/11/29 03:50:31 tls Exp $     */
+
+/*-
+ * Copyright (c) 1997 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Michael Graff <explorer@flame.org>.  This code uses ideas and
+ * algorithms from the Linux driver written by Ted Ts'o.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _DEV_RNDPRIVATE_H
+#define _DEV_RNDPRIVATE_H
+/*
+ * Number of bytes returned per hash.  This value is used in both
+ * rnd.c and rndpool.c to decide when enough entropy exists to do a
+ * hash to extract it.
+ */
+#define RND_ENTROPY_THRESHOLD   10
+
+/*
+ * Size of the event queue.  This _MUST_ be a power of 2.
+ */
+#ifndef RND_EVENTQSIZE
+#define RND_EVENTQSIZE  128
+#endif
+
+/*
+ * Used by rnd_extract_data() and rndpool_extract_data() to describe how
+ * "good" the data has to be.
+ */
+#define RND_EXTRACT_ANY		0  /* extract anything, even if no entropy */
+#define RND_EXTRACT_GOOD	1  /* return as many good bytes
+				      (short read ok) */
+
+uint32_t        rnd_extract_data(void *, uint32_t, uint32_t);
+#endif
--- a/sys/dev/rndpool.c
+++ b/sys/dev/rndpool.c
@ -1,4 +1,4 @@
-/*      $NetBSD: rndpool.c,v 1.20 2008/04/28 20:23:47 martin Exp $        */
+/*      $NetBSD: rndpool.c,v 1.21 2011/11/29 03:50:31 tls Exp $        */

 /*-
 * Copyright (c) 1997 The NetBSD Foundation, Inc.
@ -31,13 +31,14 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: rndpool.c,v 1.20 2008/04/28 20:23:47 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: rndpool.c,v 1.21 2011/11/29 03:50:31 tls Exp $");

 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/sha1.h>

 #include <sys/rnd.h>
+#include <dev/rnd_private.h>

 /*
 * The random pool "taps"
@ -64,7 +65,7 @@ rndpool_init(rndpool_t *rp)
 	rp->stats.threshold = RND_ENTROPY_THRESHOLD;
 	rp->stats.maxentropy = RND_POOLBITS;

-	KASSERT(RND_ENTROPY_THRESHOLD*2 <= 20); /* XXX sha knowledge */
+	KASSERT(RND_ENTROPY_THRESHOLD * 2 <= SHA1_DIGEST_LENGTH);
 }

 u_int32_t
@ -250,7 +251,7 @@ rndpool_extract_data(rndpool_t *rp, void *p, u_int32_t len, u_int32_t mode)
 {
 	u_int i;
 	SHA1_CTX hash;
-	u_char digest[20];	/* XXX SHA knowledge */
+	u_char digest[SHA1_DIGEST_LENGTH];
 	u_int32_t remain, deltae, count;
 	u_int8_t *buf;
 	int good;
@ -263,7 +264,7 @@ rndpool_extract_data(rndpool_t *rp, void *p, u_int32_t len, u_int32_t mode)
 	else
 		good = (rp->stats.curentropy >= (8 * RND_ENTROPY_THRESHOLD));

-	KASSERT(RND_ENTROPY_THRESHOLD*2 <= 20); /* XXX SHA knowledge */
+	KASSERT(RND_ENTROPY_THRESHOLD * 2 <= sizeof(digest));

 	while (good && (remain != 0)) {
 		/*
--- a/sys/kern/subr_cprng.c
+++ b/sys/kern/subr_cprng.c
@ -1,4 +1,4 @@
-/*	$NetBSD: subr_cprng.c,v 1.2 2011/11/21 13:44:38 tsutsui Exp $ */
+/*	$NetBSD: subr_cprng.c,v 1.3 2011/11/29 03:50:31 tls Exp $ */

 /*-
 * Copyright (c) 2011 The NetBSD Foundation, Inc.
@ -38,6 +38,7 @@
 #include <sys/mutex.h>
 #include <sys/rngtest.h>
 #include <sys/rnd.h>
+#include <dev/rnd_private.h>

 #if defined(__HAVE_CPU_COUNTER)
 #include <machine/cpu_counter.h>
@ -45,7 +46,7 @@

 #include <sys/cprng.h>

-__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.2 2011/11/21 13:44:38 tsutsui Exp $");
+__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.3 2011/11/29 03:50:31 tls Exp $");

 void
 cprng_init(void)
--- a/sys/lib/libkern/arc4random.c
+++ b/sys/lib/libkern/arc4random.c
@ -1,4 +1,4 @@
-/*	$NetBSD: arc4random.c,v 1.27 2011/11/28 08:05:05 tls Exp $	*/
+/*	$NetBSD: arc4random.c,v 1.28 2011/11/29 03:50:32 tls Exp $	*/

 /*-
 * Copyright (c) 2002, 2011 The NetBSD Foundation, Inc.
@ -70,6 +70,7 @@

 #if NRND > 0
 #include <sys/rnd.h>
+#include <dev/rnd_private.h>

 rndsink_t	rs;

--- a/sys/sys/rnd.h
+++ b/sys/sys/rnd.h
@ -1,4 +1,4 @@
-/*	$NetBSD: rnd.h,v 1.25 2011/11/28 08:00:48 tls Exp $	*/
+/*	$NetBSD: rnd.h,v 1.26 2011/11/29 03:50:32 tls Exp $	*/

 /*-
 * Copyright (c) 1997 The NetBSD Foundation, Inc.
@ -51,32 +51,6 @@
 #define	RND_DEV_RANDOM	0	/* minor devices for random and kinda random */
 #define	RND_DEV_URANDOM	1

-#ifdef _KERNEL
-/*
- * Size of entropy pool in 32-bit words.  This _MUST_ be a power of 2.  Don't
- * change this unless you really know what you are doing...
- */
-#ifndef RND_POOLWORDS
-#define	RND_POOLWORDS	128
-#endif
-#define	RND_POOLBITS	(RND_POOLWORDS * 32)
-
-/*
- * Number of bytes returned per hash.  This value is used in both
- * rnd.c and rndpool.c to decide when enough entropy exists to do a
- * hash to extract it.
- */
-#define	RND_ENTROPY_THRESHOLD	10
-
-/*
- * Size of the event queue.  This _MUST_ be a power of 2.
- */
-#ifndef RND_EVENTQSIZE
-#define	RND_EVENTQSIZE	128
-#endif
-
-#endif	/* _KERNEL */
-
 /*
 * Exposed "size" of entropy pool, for convenience in load/save
 * from userspace.  Do not assume this is the same as the actual in-kernel
@ -126,6 +100,14 @@ typedef struct {
 #define	RND_TYPE_MAX		5	/* last type id used */

 #ifdef _KERNEL
+/*
+ * Size of entropy pool in 32-bit words.  This _MUST_ be a power of 2.  Don't
+ * change this unless you really know what you are doing...
+ */
+#ifndef RND_POOLWORDS
+#define RND_POOLWORDS	128
+#endif
+#define RND_POOLBITS	(RND_POOLWORDS * 32)

 typedef struct krndsource {
 	LIST_ENTRY(krndsource) list;	/* the linked list */
@ -157,14 +139,6 @@ typedef struct {
        uint32_t        pool[RND_POOLWORDS]; /* random pool data */
 } rndpool_t;

-/*
- * Used by rnd_extract_data() and rndpool_extract_data() to describe how
- * "good" the data has to be.
- */
-#define	RND_EXTRACT_ANY		0  /* extract anything, even if no entropy */
-#define	RND_EXTRACT_GOOD	1  /* return as many good bytes
-				      (short read ok) */
-
 #define RND_ENABLED(rp) \
        (((rp)->flags & RND_FLAG_NO_COLLECT) == 0)

@ -181,7 +155,6 @@ void		rnd_init(void);
 void		rnd_add_uint32(krndsource_t *, uint32_t);
 void		rnd_add_data(krndsource_t *, const void *const, uint32_t,
 		    uint32_t);
-uint32_t	rnd_extract_data(void *, uint32_t, uint32_t);
 void		rnd_attach_source(krndsource_t *, const char *,
 		    uint32_t, uint32_t);
 void		rnd_detach_source(krndsource_t *);