Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8a962f23f2
NetBSD/sys/dev/ldvar.h
tls 3afd44cf08 First step of random number subsystem rework described in 
<20111022023242.BA26F14A158@mail.netbsd.org>.  This change includes
the following:

	An initial cleanup and minor reorganization of the entropy pool
	code in sys/dev/rnd.c and sys/dev/rndpool.c.  Several bugs are
	fixed.  Some effort is made to accumulate entropy more quickly at
	boot time.

	A generic interface, "rndsink", is added, for stream generators to
	request that they be re-keyed with good quality entropy from the pool
	as soon as it is available.

	The arc4random()/arc4randbytes() implementation in libkern is
	adjusted to use the rndsink interface for rekeying, which helps
	address the problem of low-quality keys at boot time.

	An implementation of the FIPS 140-2 statistical tests for random
	number generator quality is provided (libkern/rngtest.c).  This
	is based on Greg Rose's implementation from Qualcomm.

	A new random stream generator, nist_ctr_drbg, is provided.  It is
	based on an implementation of the NIST SP800-90 CTR_DRBG by
	Henric Jungheim.  This generator users AES in a modified counter
	mode to generate a backtracking-resistant random stream.

	An abstraction layer, "cprng", is provided for in-kernel consumers
	of randomness.  The arc4random/arc4randbytes API is deprecated for
	in-kernel use.  It is replaced by "cprng_strong".  The current
	cprng_fast implementation wraps the existing arc4random
	implementation.  The current cprng_strong implementation wraps the
	new CTR_DRBG implementation.  Both interfaces are rekeyed from
	the entropy pool automatically at intervals justifiable from best
	current cryptographic practice.

	In some quick tests, cprng_fast() is about the same speed as
	the old arc4randbytes(), and cprng_strong() is about 20% faster
	than rnd_extract_data().  Performance is expected to improve.

	The AES code in src/crypto/rijndael is no longer an optional
	kernel component, as it is required by cprng_strong, which is
	not an optional kernel component.

	The entropy pool output is subjected to the rngtest tests at
	startup time; if it fails, the system will reboot.  There is
	approximately a 3/10000 chance of a false positive from these
	tests.  Entropy pool _input_ from hardware random numbers is
	subjected to the rngtest tests at attach time, as well as the
	FIPS continuous-output test, to detect bad or stuck hardware
	RNGs; if any are detected, they are detached, but the system
	continues to run.

	A problem with rndctl(8) is fixed -- datastructures with
	pointers in arrays are no longer passed to userspace (this
	was not a security problem, but rather a major issue for
	compat32).  A new kernel will require a new rndctl.

	The sysctl kern.arandom() and kern.urandom() nodes are hooked
	up to the new generators, but the /dev/*random pseudodevices
	are not, yet.

	Manual pages for the new kernel interfaces are forthcoming.
2011-11-19 22:51:18 +00:00

90 lines
3.1 KiB
C
Raw Blame History

/* $NetBSD: ldvar.h,v 1.19 2011/11/19 22:51:22 tls Exp $ */
/*-
* Copyright (c) 2000 The NetBSD Foundation, Inc.
* All rights reserved.
*
* This code is derived from software contributed to The NetBSD Foundation
* by Andrew Doran.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _DEV_LDVAR_H_
#define _DEV_LDVAR_H_
#include "rnd.h"
#include <sys/mutex.h>
#include <sys/device.h> /* for device_t */
#if NRND > 0
#include <sys/rnd.h>
#endif
struct ld_softc {
device_t sc_dv;
struct disk sc_dk;
struct bufq_state *sc_bufq;
kmutex_t sc_mutex;
#if NRND > 0
krndsource_t sc_rnd_source;
#endif
int sc_queuecnt; /* current h/w queue depth */
int sc_ncylinders; /* # cylinders */
int sc_nheads; /* # heads */
int sc_nsectors; /* # sectors per track */
int sc_disksize512;
/*
* The following are filled by hardware specific attachment code.
*/
int sc_flags; /* control flags */
uint64_t sc_secperunit; /* # sectors in total */
int sc_secsize; /* sector size in bytes */
int sc_maxxfer; /* max xfer size in bytes */
int sc_maxqueuecnt; /* maximum h/w queue depth */
int (*sc_dump)(struct ld_softc *, void *, int, int);
int (*sc_flush)(struct ld_softc *, int);
int (*sc_start)(struct ld_softc *, struct buf *);
};
/* sc_flags */
#define LDF_ENABLED 0x001 /* device enabled */
#define LDF_WLABEL 0x008 /* label is writable */
#define LDF_LABELLING 0x010 /* writing label */
#define LDF_DRAIN 0x020 /* maxqueuecnt has changed; drain */
#define LDF_DETACH 0x040 /* detach pending */
#define LDF_KLABEL 0x080 /* keep label on close */
#define LDF_VLABEL 0x100 /* label is valid */
/* sc_flush() flags */
#define LDFL_POLL 0x001 /* poll for completion */
int ldadjqparam(struct ld_softc *, int);
void ldattach(struct ld_softc *);
int ldbegindetach(struct ld_softc *, int);
void ldenddetach(struct ld_softc *);
void lddone(struct ld_softc *, struct buf *);
#endif /* !_DEV_LDVAR_H_ */
Reference in New Issue View Git Blame Copy Permalink