mostly-MI floating-point implementation for use by gcc -msoft-float.
It's currently only used by arm26, but should be usable by other ports
without too much hacking, assuming doubles and u_int64_ts are passed and
returned the same way, and FP formats are IEEEish.
important as db_sym() can be called through printf() rather than
db_printf(), causing a trap as the standard %n usage is invoked.
The DDB-specific %n code should disappear from subr_prf.c soon...
- Add comments about which spls apply to which data structures.
- Consistently protect the rnd_samples queue (the queue of
unprocessed samples) at splhigh().
- allow MD code to supply cpu_timestamp() and cpu_havetimestamp() for
an optional higher-resolution clock/roulette wheel source.
- Collect more statistics on the pool state (keeping track of where
collected bits are going, in addition to where they came from).
- Add RNDGETPOOLSTAT ioctl to get the additional stats.
- Flush a few unused rndpool calls.
- XXX XXX Cryptographic changes:
- 32-bit rotate is:
((val << rp->rotate) | (val >> (32 - rp->rotate))),
not
(val << rp->rotate) | (val >> rp->rotate)
or
((val << rp->rotate) | (val >> (31 - rp->rotate)))
- Avoid overloading of rp->rotate and double-rotation of data
(which limited pool mixing somewhat; "rotate" never got above 7).
- Be more paranoid (but probably not paranoid enough) about mixing
output back into the pool. This is an improvement, but it needs
revisiting soon.
We should follow the spirit of some of the recommendations in
the Schneier PRNG papers:
http://www.counterpane.com/yarrow-notes.html
http://www.counterpane.com/pseudorandom_number.html
including:
- two (or more) stage operation for better isolation between inputs
and outputs.
- use of keyed one-way functions (probably better even than
invertible keyed functions like 3DES) at key points in the data flow,
so that breaking the PRNG is clearly as hard as breaking the function.
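The three rotate expressions quoted in the commit message above, side by side as an added example (not code from the NetBSD rnd(4) source): the correct form is a bijection on the 32 bits, so it preserves the population count and is undone by the opposite rotation, while the two wrong forms drop or duplicate bits. The masking of the rotate amount to 0..31 and the early return for a rotate of 0 are assumptions added here to avoid a shift by 32, which is undefined behaviour in C; the original expression as quoted does not do that.

```c
#include <stdint.h>
#include <stdio.h>

/* Correct 32-bit left rotate, as stated in the commit message. The mask and
 * the rotate == 0 case are added here so that "val >> (32 - 0)" is never
 * evaluated (a shift by the operand width is undefined in C). */
static uint32_t
rotl32(uint32_t val, unsigned rotate)
{
	rotate &= 31;
	if (rotate == 0)
		return val;
	return (val << rotate) | (val >> (32 - rotate));
}

/* Opposite rotation, used only to check that rotl32 is invertible. */
static uint32_t
rotr32(uint32_t val, unsigned rotate)
{
	rotate &= 31;
	if (rotate == 0)
		return val;
	return (val >> rotate) | (val << (32 - rotate));
}

/* First wrong form from the commit message: same shift count both ways. */
static uint32_t
rot_wrong_same_shift(uint32_t val, unsigned rotate)
{
	return (val << rotate) | (val >> rotate);
}

/* Second wrong form from the commit message: off by one on the right shift. */
static uint32_t
rot_wrong_off_by_one(uint32_t val, unsigned rotate)
{
	return (val << rotate) | (val >> (31 - rotate));
}

static unsigned
popcount32(uint32_t v)
{
	unsigned n = 0;

	while (v != 0) {
		v &= v - 1;
		n++;
	}
	return n;
}

/* Return 1 if f(sample, r) behaves as a bit rotation for every r in 1..31:
 * the population count must be unchanged and rotating back must give the
 * original value. Any wrong form fails at least one r for these samples. */
static int
is_rotation(uint32_t (*f)(uint32_t, unsigned), uint32_t sample)
{
	unsigned r;

	for (r = 1; r < 32; r++) {
		uint32_t out = f(sample, r);

		if (popcount32(out) != popcount32(sample))
			return 0;
		if (rotr32(out, r) != sample)
			return 0;
	}
	return 1;
}

int
main(void)
{
	/* Constructed sample values, chosen so the top bits are set. */
	const uint32_t samples[] = { 0x80000001u, 0xDEADBEEFu };
	size_t i;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		printf("%08x: correct=%d same_shift=%d off_by_one=%d\n",
		    samples[i],
		    is_rotation(rotl32, samples[i]),
		    is_rotation(rot_wrong_same_shift, samples[i]),
		    is_rotation(rot_wrong_off_by_one, samples[i]));
	}
	return 0;
}
```

Running it shows the correct form passing for every rotate amount and both wrong forms failing; the "same shift" form also explains why pool mixing was weak, since with a small rotate it ORs the value with a near-copy of itself instead of permuting its bits.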
from devices connected to pckbc:
- Do actual sample collection in pckbc.
- Add rndsource_element_t to the slot data.
- Change pckbc_set_inputhandler() to take an additional argument,
the name of the device, which is (eventually) passed into
rnd_attach_source() to identify the source.
- Change callers of pckbc_set_inputhandler() appropriately.
If __HAVE_CPU_TIMESTAMP is defined, <machine/rnd.h> exists and defines
two functions:
1) u_int32_t cpu_timestamp(void);
returns the 32 low order bits of a reasonably high frequency counter.
2) int cpu_havetimestamp(void);
returns non-zero if cpu_timestamp() actually works.
The timestamp counter should run at a frequency greater than 1 MHz
(otherwise, microtime would be sufficient); other than that, the exact
frequency and origin of the counter are unspecified.