Add explicit enable/disable hooks for callout-driven sources (be more
power friendly).
Make "skew" source polled so it runs only when there is entropy
demand.
Adjust entropy collection from polled sources so it's processed
sooner.
Partial workaround for indefinite hangs when entropy is scarce or
buffered up. We need to do more to handle entropy that has been
buffered up -- see the comment for details -- but this will help for
now.
Problem noted by pooka.
This reverts
sys/dev/rnd_private.h -> r1.1
sys/kern/init_main.c -> r1.450
sys/kern/kern_rndq.c -> r1.14
sys/kern/kern_rndsink.c -> r1.2
Parts of these changes will be added back, and the rndsource
callbacks will be fixed to avoid the lock recursion bug that
motivated the stop-gaps in the first place.
ok tls
hardware RNGs using the polling mode of operation:
1) Initialize the rng subsystem soft interrupts as early in kernel startup
as seems safe (we have no MI guarantee that softints are working at all
until configure2() returns, AFAICT).
This should have the rnd subsystem able to process events via softint
before the network subsystem (a notorious early user of entropy) starts.
2) Remove the shortcut calls to rnd_process_events() from
rnd_schedule_process(), with the result that until the softint is installed
rnd_process_events() is a NOP.
3) Directly call rnd_process_events() in rnd_extract_data(),
rnd_maybe_extract(), and rnd_init_softint(). This should suck up any
samples actually collected as early as possible.
consttime_memequal is the same as the old consttime_bcmp.
explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots,
so please let me know.
rndsink(9):
- Simplify API.
- Simplify locking scheme.
- Add a man page.
- Avoid races in destruction.
- Avoid races in requesting entropy now and scheduling entropy later.
Periodic distribution of entropy to sinks reduces the need for the
last one, but this way we don't need to rely on periodic distribution
(e.g., in a future tickless NetBSD).
rndsinks_lock should probably eventually merge with the rndpool lock,
but we'll put that off for now.
cprng(9):
- Make struct cprng_strong opaque.
- Move rndpseudo.c parts that futz with cprng guts to subr_cprng.c.
- Fix kevent locking. (Is kevent locking documented anywhere?)
- Stub out rump cprng further until we can rumpify rndsink instead.
- Strip code to grovel through struct cprng_strong in fstat.
