timeout()/untimeout() API:
- Clients supply callout handle storage, thus eliminating problems of
resource allocation.
- Insertion and removal of callouts is constant time, important as
this facility is used quite a lot in the kernel.
The old timeout()/untimeout() API has been removed from the kernel.
(1) remove unused and probably bad (from an API POV) ioctls,
(2) split tyfl into type and flags,
(3) collect an array of samples, and add them all at once. Soon, this
will be using gzip to estimate the entropy, but for now the original
estimation methods are still used.
(4) kill rnd_add_data() -- it compliated the API for little benefit
release the first 96 bits of the hash directly rather than by folding.
The full 160 bit hash is mixed back into the entropy pool. This keeps
64 bits secret to stir the pool with.
splsoftclock() instead. This is done with an event queue of raw data,
and the entropy calculation etc. is done at splsoftclock().
o Use a private entropy pool rather than the global one defined in
rndpool.c. That global will probably go away, eventually.
pseudo-device rnd # /dev/random and in-kernel generator
in config files.
o Add declaration to all architectures.
o Clean up copyright message in rnd.c, rnd.h, and rndpool.c to include
that this code is derived in part from Ted Tyso's linux code.
but do not assume any entopy is gathered. It can be enabled using an
IOCTL again if the user desires.
Note that the mix function uses xor, so at worse an attacker can twiddle
bits in the pool, but not into a known state assuming it started as
an unknown.
Over the next few days (thank goodness for long weekends) I'll be hunting
down device drivers and adding hooks to gather entropy from many devices,
and adding the conf.c changes to the various port's device structs to
define major numbers for /dev/random and /dev/urandom.