 @@ -1,14 +1,14 @@
-# $NetBSD: mi,v 1.225 2011/09/06 21:32:30 riz Exp $
+# $NetBSD: mi,v 1.226 2011/11/23 10:47:49 tls Exp $
+#
 # Note: end-user configuration files that are moved to another location
 #	should not be marked "obsolete"; they should just be removed from
 #	the set list, a custom fix should be added to postinstall(8), and
 #	an item should be added to src/UPDATING for MKUPDATE=yes users.
 #	This is an exception to the general rule that moved/removed files
 #	are marked as "obsolete", because we don't want to arbitrarily
 #	remove end-user configuration files.
+#
 ./.cshrc					etc-util-etc
 ./.profile					etc-util-etc
 ./dev/MAKEDEV					etc-sys-etc
 ./dev/MAKEDEV.local				etc-sys-etc
 @@ -244,26 +244,27 @@
 ./etc/rc.d/perusertmp				etc-sys-rc
 ./etc/rc.d/pf					etc-net-rc
 ./etc/rc.d/pf_boot				etc-net-rc
 ./etc/rc.d/pflogd				etc-net-rc
 ./etc/rc.d/poffd				etc-obsolete		obsolete
 ./etc/rc.d/postfix				etc-postfix-rc
 ./etc/rc.d/powerd				etc-sysutil-rc
 ./etc/rc.d/ppp					etc-ppp-rc
 ./etc/rc.d/pwcheck				etc-sys-rc
 ./etc/rc.d/quota				etc-sys-rc
 ./etc/rc.d/racoon				etc-net-rc
 ./etc/rc.d/raidframe				etc-sys-rc
 ./etc/rc.d/raidframeparity			etc-sys-rc
 ./etc/rc.d/random_seed				etc-sys-rc
 ./etc/rc.d/rarpd				etc-bootserver-rc
 ./etc/rc.d/rbootd				etc-bootserver-rc
 ./etc/rc.d/rndctl				etc-sys-rc
 ./etc/rc.d/root					etc-sys-rc
 ./etc/rc.d/route6d				etc-router-rc
 ./etc/rc.d/routed				etc-router-rc
 ./etc/rc.d/rpcbind				etc-rpcbind-rc
 ./etc/rc.d/rtadvd				etc-net-rc
 ./etc/rc.d/rtclocaltime				etc-sys-rc
 ./etc/rc.d/rtsold				etc-net-rc
 ./etc/rc.d/rwho					etc-net-rc
 ./etc/rc.d/savecore				etc-sys-rc
 ./etc/rc.d/screenblank				etc-sys-rc

 @@ -1,14 +1,14 @@
-# $NetBSD: Makefile,v 1.85 2011/09/06 21:32:29 riz Exp $
+# $NetBSD: Makefile,v 1.86 2011/11/23 10:47:48 tls Exp $
 .include <bsd.own.mk>
+#
 # NOTE:
+#
 # If you're adding new scripts, don't forget to update following:
 #	src/distrib/sets/lists/etc/mi
 #	src/etc/mtree/special
 #	src/usr.sbin/postinstall/postinstall
+#
 # You can find a script to visualize the dependency graph in
 # src/sbin/rcorder.
 @@ -21,28 +21,29 @@ CONFIGFILES=\
 		dhclient dhcpcd dhcpd dhcrelay dmesg downinterfaces envsys \
 		fsck fsck_root ftp_proxy ftpd \
 		gpio \
 		hostapd httpd \
 		identd ifwatchd inetd ipfilter ipfs ipmon ipnat ipsec \
 		irdaattach iscsi_target isdnd \
 		kdc \
 		ldconfig ldpd local lpd lvm \
 		mdnsd mixerctl mopd motd mountall mountcritlocal \
 		mountcritremote mountd moused mrouted \
 		named ndbootd network newsyslog nfsd nfslocking npf ntpd ntpdate \
 		perusertmp pf pf_boot pflogd postfix powerd ppp pwcheck \
 		quota \
-		racoon rpcbind raidframe raidframeparity rarpd rbootd rndctl \
+		racoon rpcbind raidframe raidframeparity random_seed rarpd \
-		root route6d routed rtadvd rtclocaltime rtsold rwho \
+		rbootd rndctl root route6d routed rtadvd rtclocaltime \
 		rtsold rwho \
 		savecore screenblank securelevel sshd \
 		staticroute swap1 swap2 sysctl sysdb syslogd \
 		timed tpctl ttys \
 		veriexec virecover wdogctl wpa_supplicant wscons wsmoused \
 		ypbind yppasswdd ypserv
 FILESDIR=	/etc/rc.d
 FILESMODE=	${BINMODE}
 .if ${MKX11} != "no"
 CONFIGFILES+=	xdm xfs fccache
 FILESBUILD_xdm=	yes
 FILESBUILD_xfs=	yes
 FILESBUILD_fccache= yes

 @@ -1,14 +1,14 @@
-.\"	$NetBSD: rndctl.8,v 1.18 2011/10/01 02:55:00 pgoyette Exp $
+.\"	$NetBSD: rndctl.8,v 1.19 2011/11/23 10:47:49 tls Exp $
 .\"
 .\" Copyright (c) 1997 Michael Graff
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
 .\" 1. Redistributions of source code must retain the above copyright
 .\"    notice, this list of conditions and the following disclaimer.
 .\" 2. Redistributions in binary form must reproduce the above copyright
 .\"    notice, this list of conditions and the following disclaimer in the
 .\"    documentation and/or other materials provided with the distribution.
 .\" 3. The name of the author may not be used to endorse or promote products
 @@ -29,26 +29,30 @@
 .Dd January 4, 2009
 .Dt RNDCTL 8
 .Os
 .Sh NAME
 .Nm rndctl
 .Nd in-kernel random number generator management tool
 .Sh SYNOPSIS
 .Nm
 .Fl CcEe
 .Op Fl d Ar devname | Fl t Ar devtype
 .Nm
 .Fl ls
 .Op Fl d Ar devname | Fl t Ar devtype
 .Nm
 .Fl L Ar save-file
 .Nm
 .Fl S Ar save-file
 .Sh DESCRIPTION
 The
 .Nm
 program displays statistics on the current state of the
 .Xr rnd 4
 pseudo-driver, and allows the administrator to control which sources
 are allowed to contribute to the randomness pool maintained by
 .Xr rnd 4 ,
 as well as whether a given source counts as strongly random.
 .Pp
 The following options are available:
 .Bl -tag -width 123456
 .It Fl C
 @@ -94,26 +98,37 @@ This is mutually exclusive with
 The available types are:
 .Bl -tag -width "diskx"
 .It Ic disk
 Physical hard drives.
 .It Ic net
 Network interfaces.
 .It Ic tape
 Tape devices.
 .It Ic tty
 Terminal, mouse, or other user input devices.
 .It Ic rng
 Random number generators.
 .El
 .It Fl L
 Load saved entropy from file
 .Ar save-file ,
 which will be overwritten and deleted before the entropy is loaded into
 the kernel.
 .It Fl S
 Save entropy pool to file
 .Ar save-file .
 The file format is specific to
 .Nm
 and includes an estimate of the amount of saved entropy and a checksum.
 .El
 .Sh FILES
 .Bl -tag -width /dev/urandomx -compact
 .It Pa /dev/random
 Returns
 .Dq good
 values only.
 .It Pa /dev/urandom
 Always returns data, degenerates to a pseudo-random generator.
 .El
 .Sh SEE ALSO
 .Xr rnd 4 ,
 .Xr rnd 9

 @@ -1,14 +1,14 @@
-/*	$NetBSD: rndctl.c,v 1.20 2011/08/27 18:48:59 joerg Exp $	*/
+/*	$NetBSD: rndctl.c,v 1.21 2011/11/23 10:47:49 tls Exp $	*/
 /*-
  * Copyright (c) 1997 Michael Graff.
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
 @@ -19,45 +19,54 @@
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
 #include <sys/types.h>
 #include <sha1.h>
 #ifndef lint
-__RCSID("$NetBSD: rndctl.c,v 1.20 2011/08/27 18:48:59 joerg Exp $");
+__RCSID("$NetBSD: rndctl.c,v 1.21 2011/11/23 10:47:49 tls Exp $");
 #endif
 #include <sys/types.h>
 #include <sys/ioctl.h>
 #include <sys/param.h>
 #include <sys/rnd.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <fcntl.h>
 #include <errno.h>
 #include <err.h>
 #include <string.h>
 typedef struct {
 	uint32_t entropy;
 	uint8_t data[RND_POOLWORDS * sizeof(uint32_t)];
 	uint8_t digest[SHA1_DIGEST_LENGTH];
 } rndsave_t;
 typedef struct {
 	const char *a_name;
 	u_int32_t a_type;
 } arg_t;
 static const arg_t source_types[] = {
 	{ "???",     RND_TYPE_UNKNOWN },
 	{ "disk",    RND_TYPE_DISK },
 	{ "net",     RND_TYPE_NET },
 	{ "tape",    RND_TYPE_TAPE },
 	{ "tty",     RND_TYPE_TTY },
 	{ "rng",     RND_TYPE_RNG },
 	{ NULL,      0 }
 };
 @@ -68,26 +77,27 @@ static const char *find_name(u_int32_t);
 static void do_ioctl(rndctl_t *);
 static char * strflags(u_int32_t);
 static void do_list(int, u_int32_t, char *);
 static void do_stats(void);
 static void
 usage(void)
+{
 	fprintf(stderr, "usage: %s -CEce [-d devname | -t devtype]\n",
 	    getprogname());
 	fprintf(stderr, "       %s -ls [-d devname | -t devtype]\n",
 	    getprogname());
 	fprintf(stderr, "	%s -[L|S] save-file\n", getprogname());
 	exit(1);
+}
 static u_int32_t
 find_type(const char *name)
+{
 	const arg_t *a;
 	a = source_types;
 	while (a->a_name != NULL) {
 		if (strcmp(a->a_name, name) == 0)
 			return (a->a_type);
 @@ -106,26 +116,134 @@ find_name(u_int32_t type)
 	a = source_types;
 	while (a->a_name != NULL) {
 		if (type == a->a_type)
 			return (a->a_name);
 		a++;
+	}
 	warnx("device type %u unknown", type);
 	return ("???");
+}
 static void
 do_save(const char *const filename)
+{
 	int est1, est2;
 	rndpoolstat_t rp;
 	rndsave_t rs;
 	SHA1_CTX s;
 	int fd;
 	fd = open("/dev/urandom", O_RDONLY, 0644);
 	if (fd < 0) {
 		err(1, "device open");
+	}
 	if (ioctl(fd, RNDGETPOOLSTAT, &rp) < 0) {
 		err(1, "ioctl(RNDGETPOOLSTAT)");
+	}
 	est1 = rp.curentropy;
 	if (read(fd, rs.data, sizeof(rs.data)) != sizeof(rs.data)) {
 		err(1, "entropy read");
+	}
 	if (ioctl(fd, RNDGETPOOLSTAT, &rp) < 0) {
 		err(1, "ioctl(RNDGETPOOLSTAT)");
+	}
 	est2 = rp.curentropy;
 	if (est1 - est2 < 0) {
 		rs.entropy = 0;
 	} else {
 		rs.entropy = est1 - est2;
+	}
 	SHA1Init(&s);
 	SHA1Update(&s, (uint8_t *)&rs.entropy, sizeof(rs.entropy));
 	SHA1Update(&s, rs.data, sizeof(rs.data));
 	SHA1Final(rs.digest, &s);
 	close(fd);
 	unlink(filename);
 	fd = open(filename, O_CREAT|O_EXCL|O_WRONLY, 0600);
 	if (fd < 0) {
 		err(1, "output open");
+	}
 	if (write(fd, &rs, sizeof(rs)) != sizeof(rs)) {
 		unlink(filename);
 		fsync_range(fd, FDATASYNC|FDISKSYNC, (off_t)0, (off_t)0);
 		err(1, "write");
+	}
 	fsync_range(fd, FDATASYNC|FDISKSYNC, (off_t)0, (off_t)0);
 	close(fd);
+}
 static void
 do_load(const char *const filename)
+{
 	int fd;
 	rndsave_t rs;
 	rnddata_t rd;
 	SHA1_CTX s;
 	uint8_t digest[SHA1_DIGEST_LENGTH];
 	fd = open(filename, O_RDWR, 0600);
 	if (fd < 0) {
 		err(1, "input open");
+	}
 	unlink(filename);
 	if (read(fd, &rs, sizeof(rs)) != sizeof(rs)) {
 		err(1, "read");
+	}
 	if (write(fd, &rs, sizeof(rs) != sizeof(rs))) {
 		err(1, "overwrite");
+	}
 	fsync_range(fd, FDATASYNC|FDISKSYNC, (off_t)0, (off_t)0);
 	close(fd);
 	SHA1Init(&s);
 	SHA1Update(&s, (uint8_t *)&rs.entropy, sizeof(rs.entropy));
 	SHA1Update(&s, rs.data, sizeof(rs.data));
 	SHA1Final(digest, &s);
 	if (memcmp(digest, rs.digest, sizeof(digest))) {
 		errx(1, "bad digest");
+	}
 	rd.len = MIN(sizeof(rd.data), sizeof(rs.data));
 	rd.entropy = rs.entropy;
 	memcpy(rd.data, rs.data, MIN(sizeof(rd.data), sizeof(rs.data)));
 	fd = open("/dev/urandom", O_RDWR, 0644);
 	if (fd < 0) {
 		err(1, "device open");
+	}
 	if (ioctl(fd, RNDADDDATA, &rd) < 0) {
 		err(1, "ioctl");
+	}
 	close(fd);
+}
 static void
 do_ioctl(rndctl_t *rctl)
+{
 	int fd;
 	int res;
 	fd = open("/dev/urandom", O_RDONLY, 0644);
 	if (fd < 0)
 		err(1, "open");
 	res = ioctl(fd, RNDCTL, rctl);
 	if (res < 0)
 		err(1, "ioctl(RNDCTL)");
 @@ -237,48 +355,61 @@ do_stats(void)
 	printf("\t%9u hard-random bits generated\n", rs.removed);
 	printf("\t%9u pseudo-random bits generated\n", rs.generated);
 	close(fd);
+}
 int
 main(int argc, char **argv)
+{
 	rndctl_t rctl;
 	int ch, cmd, lflag, mflag, sflag;
 	u_int32_t type;
 	char name[16];
 	const char *filename = NULL;
 	rctl.mask = 0;
 	rctl.flags = 0;
 	cmd = 0;
 	lflag = 0;
 	mflag = 0;
 	sflag = 0;
 	type = 0xff;
-	while ((ch = getopt(argc, argv, "CEcelt:d:s")) != -1) {
+	while ((ch = getopt(argc, argv, "CES:L:celt:d:s")) != -1) {
 		switch (ch) {
 		case 'C':
 			rctl.flags |= RND_FLAG_NO_COLLECT;
 			rctl.mask |= RND_FLAG_NO_COLLECT;
 			mflag++;
 			break;
 		case 'E':
 			rctl.flags |= RND_FLAG_NO_ESTIMATE;
 			rctl.mask |= RND_FLAG_NO_ESTIMATE;
 			mflag++;
 			break;
 		case 'L':
 			if (cmd != 0)
 				usage();
 			cmd = 'L';
 			filename = optarg;
 			break;
 		case 'S':
 			if (cmd != 0)
 				usage();
 			cmd = 'S';
 			filename = optarg;
 			break;
 		case 'c':
 			rctl.flags &= ~RND_FLAG_NO_COLLECT;
 			rctl.mask |= RND_FLAG_NO_COLLECT;
 			mflag++;
 			break;
 		case 'e':
 			rctl.flags &= ~RND_FLAG_NO_ESTIMATE;
 			rctl.mask |= RND_FLAG_NO_ESTIMATE;
 			mflag++;
 			break;
 		case 'l':
 			lflag++;
 			break;
 @@ -305,26 +436,42 @@ main(int argc, char **argv)
 			usage();
+		}
+	}
 	argc -= optind;
 	argv += optind;
 	/*
 	 * No leftover non-option arguments.
 	 */
 	if (argc > 0)
 		usage();
 	/*
 	 * Save.
 	 */
 	if (cmd == 'S') {
 		do_save(filename);
 		exit(0);
+	}
 	/*
 	 * Load.
 	 */
 	if (cmd == 'L') {
 		do_load(filename);
 		exit(0);
+	}
 	/*
 	 * Cannot list and modify at the same time.
 	 */
 	if ((lflag != 0 || sflag != 0) && mflag != 0)
 		usage();
 	/*
 	 * Bomb out on no-ops.
 	 */
 	if (lflag == 0 && mflag == 0 && sflag == 0)
 		usage();
 	/*
 	 * If not listing, we need a device name or a type.

 @@ -1,14 +1,14 @@
-/*	$NetBSD: rnd.c,v 1.85 2011/11/20 00:45:15 tls Exp $	*/
+/*	$NetBSD: rnd.c,v 1.86 2011/11/23 10:47:48 tls Exp $	*/
 /*-
  * Copyright (c) 1997-2011 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Michael Graff <explorer@flame.org> and Thor Lancelot Simon.
  * This code uses ideas and algorithms from the Linux driver written by
  * Ted Ts'o.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
 @@ -22,27 +22,27 @@
  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: rnd.c,v 1.85 2011/11/20 00:45:15 tls Exp $");
+__KERNEL_RCSID(0, "$NetBSD: rnd.c,v 1.86 2011/11/23 10:47:48 tls Exp $");
 #include <sys/param.h>
 #include <sys/ioctl.h>
 #include <sys/fcntl.h>
 #include <sys/select.h>
 #include <sys/poll.h>
 #include <sys/kmem.h>
 #include <sys/mutex.h>
 #include <sys/proc.h>
 #include <sys/kernel.h>
 #include <sys/conf.h>
 #include <sys/systm.h>
 #include <sys/callout.h>
 @@ -499,78 +499,109 @@ rndread(dev_t dev, struct uio *uio, int
 		if (ret != 0 || nread != n)
 			goto out;
+	}
 out:
 	kmem_free(bf, RND_TEMP_BUFFER_SIZE);
 	return (ret);
+}
 int
 rndwrite(dev_t dev, struct uio *uio, int ioflag)
+{
 	u_int8_t *bf;
-	int n, ret;
+	int n, ret = 0, estimate_ok = 0, estimate = 0, added = 0;
 	ret = kauth_authorize_device(curlwp->l_cred,
 	    KAUTH_DEVICE_RND_ADDDATA, NULL, NULL, NULL, NULL);
 	if (ret) {
 		return (ret);
+	}
 	estimate_ok = !kauth_authorize_device(curlwp->l_cred,
 	    KAUTH_DEVICE_RND_ADDDATA_ESTIMATE, NULL, NULL, NULL, NULL);
 	DPRINTF(RND_DEBUG_WRITE,
 	    ("Random: Write of %zu requested\n", uio->uio_resid));
 	if (uio->uio_resid == 0)
 		return (0);
 	ret = 0;
 	bf = kmem_alloc(RND_TEMP_BUFFER_SIZE, KM_SLEEP);
 	while (uio->uio_resid > 0) {
 		/*
 		 * Don't flood the pool.
 		 */
 		if (added > RND_POOLWORDS * sizeof(int)) {
 			printf("rnd: added %d already, adding no more.\n",
 			       added);
 			break;
+		}
 		n = min(RND_TEMP_BUFFER_SIZE, uio->uio_resid);
 		ret = uiomove((void *)bf, n, uio);
 		if (ret != 0)
 			break;
 		if (estimate_ok) {
 			/*
 			 * Don't cause samples to be discarded by taking
 			 * the pool's entropy estimate to the max.
 			 */
 			if (added > RND_POOLWORDS / 2)
 				estimate = 0;
 			else
 				estimate = n * NBBY / 2;
 			printf("rnd: adding on write, %d bytes, estimate %d\n",
 			       n, estimate);
 		} else {
 			printf("rnd: kauth says no entropy.\n");
+		}
 		/*
 		 * Mix in the bytes.
 		 */
 		mutex_spin_enter(&rndpool_mtx);
-		rndpool_add_data(&rnd_pool, bf, n, 0);
+		rndpool_add_data(&rnd_pool, bf, n, estimate);
 		mutex_spin_exit(&rndpool_mtx);
 		added += n;
 		DPRINTF(RND_DEBUG_WRITE, ("Random: Copied in %d bytes\n", n));
+	}
 	kmem_free(bf, RND_TEMP_BUFFER_SIZE);
 	return (ret);
+}
 static void
 krndsource_to_rndsource(krndsource_t *kr, rndsource_t *r)
+{
 	memset(r, 0, sizeof(*r));
 	strlcpy(r->name, kr->name, sizeof(r->name));
         r->total = kr->total;
         r->type = kr->type;
         r->flags = kr->flags;
+}
 int
 rndioctl(dev_t dev, u_long cmd, void *addr, int flag,
     struct lwp *l)
+{
 	krndsource_t *kr;
 	rndstat_t *rst;
 	rndstat_name_t *rstnm;
 	rndctl_t *rctl;
 	rnddata_t *rnddata;
 	u_int32_t count, start;
-	int ret;
+	int ret = 0;
 	int estimate_ok = 0, estimate = 0;
 	ret = 0;
 	switch (cmd) {
 	case FIONBIO:
 	case FIOASYNC:
 	case RNDGETENTCNT:
 		break;
 	case RNDGETPOOLSTAT:
 	case RNDGETSRCNUM:
 	case RNDGETSRCNAME:
 		ret = kauth_authorize_device(l->l_cred,
 		    KAUTH_DEVICE_RND_GETPRIV, NULL, NULL, NULL, NULL);
 		if (ret)
 @@ -579,26 +610,28 @@ rndioctl(dev_t dev, u_long cmd, void *ad
 	case RNDCTL:
 		ret = kauth_authorize_device(l->l_cred,
 		    KAUTH_DEVICE_RND_SETPRIV, NULL, NULL, NULL, NULL);
 		if (ret)
 			return (ret);
 		break;
 	case RNDADDDATA:
 		ret = kauth_authorize_device(l->l_cred,
 		    KAUTH_DEVICE_RND_ADDDATA, NULL, NULL, NULL, NULL);
 		if (ret)
 			return (ret);
 		estimate_ok = !kauth_authorize_device(l->l_cred,
 		    KAUTH_DEVICE_RND_ADDDATA_ESTIMATE, NULL, NULL, NULL, NULL);
 		break;
 	default:
 		return (EINVAL);
+	}
 	switch (cmd) {
 	/*
 	 * Handled in upper layer really, but we have to return zero
 	 * for it to be accepted by the upper layer.
 	 */
 	case FIONBIO:
 @@ -710,29 +743,43 @@ rndioctl(dev_t dev, u_long cmd, void *ad
 			kr = kr->list.le_next;
+		}
 		ret = ENOENT;		/* name not found */
 		break;
 	case RNDADDDATA:
 		rnddata = (rnddata_t *)addr;
 		if (rnddata->len > sizeof(rnddata->data))
 			return EINVAL;
 		if (estimate_ok) {
 			/*
 			 * Do not accept absurd entropy estimates, and
 			 * do not flood the pool with entropy such that
 			 * new samples are discarded henceforth.
 			 */
 			estimate = MIN((rnddata->len * NBBY) / 2,
 				       MIN(rnddata->entropy,
 					   RND_POOLWORDS * sizeof(int) *
 					   NBBY / 2));
 		} else {
 			estimate = 0;
+		}
 		mutex_spin_enter(&rndpool_mtx);
 		rndpool_add_data(&rnd_pool, rnddata->data, rnddata->len,
-		    rnddata->entropy);
+				 estimate);
 		mutex_spin_exit(&rndpool_mtx);
 		rnd_wakeup_readers();
 		break;
 	default:
 		return (EINVAL);
+	}
 	return (ret);
+}

 @@ -1,14 +1,14 @@
-/* $NetBSD: secmodel_securelevel.c,v 1.20 2009/10/07 01:06:57 elad Exp $ */
+/* $NetBSD: secmodel_securelevel.c,v 1.21 2011/11/23 10:47:48 tls Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. The name of the author may not be used to endorse or promote products
 @@ -25,27 +25,27 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 /*
  * This file contains kauth(9) listeners needed to implement the traditional
  * NetBSD securelevel.
+ *
  * The securelevel is a system-global indication on what operations are
  * allowed or not. It affects all users, including root.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_securelevel.c,v 1.20 2009/10/07 01:06:57 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_securelevel.c,v 1.21 2011/11/23 10:47:48 tls Exp $");
 #ifdef _KERNEL_OPT
 #include "opt_insecure.h"
 #endif /* _KERNEL_OPT */
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/kauth.h>
 #include <sys/conf.h>
 #include <sys/mount.h>
 #include <sys/sysctl.h>
 #include <sys/vnode.h>
 @@ -543,26 +543,31 @@ secmodel_securelevel_device_cb(kauth_cre
 			KASSERT((bits & ~KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_ALL) == 0);
 			if (bits & ~KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_READCONF)
 				result = KAUTH_RESULT_DENY;
+		}
 		break;
 	case KAUTH_DEVICE_GPIO_PINSET:
 		if (securelevel > 0)
 			result = KAUTH_RESULT_DENY;
 		break;
 	case KAUTH_DEVICE_RND_ADDDATA_ESTIMATE:
 		if (securelevel > 0)
 			result = KAUTH_RESULT_DENY;
 		break;
 	default:
 		break;
+	}
 	return (result);
+}
 int
 secmodel_securelevel_vnode_cb(kauth_cred_t cred, kauth_action_t action,
     void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
+{
 	int result;

 @@ -1,14 +1,14 @@
-/* $NetBSD: secmodel_suser.c,v 1.34 2009/12/29 04:25:30 elad Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.35 2011/11/23 10:47:49 tls Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. The name of the author may not be used to endorse or promote products
 @@ -28,27 +28,27 @@
 /*
  * This file contains kauth(9) listeners needed to implement the traditional
  * NetBSD superuser access restrictions.
+ *
  * There are two main resources a request can be issued to: user-owned and
  * system owned. For the first, traditional Unix access checks are done, as
  * well as superuser checks. If needed, the request context is examined before
  * a decision is made. For the latter, usually only superuser checks are done
  * as normal users are not allowed to access system resources.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.34 2009/12/29 04:25:30 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.35 2011/11/23 10:47:49 tls Exp $");
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/kauth.h>
 #include <sys/mutex.h>
 #include <sys/mount.h>
 #include <sys/socketvar.h>
 #include <sys/sysctl.h>
 #include <sys/vnode.h>
 #include <sys/proc.h>
 #include <sys/module.h>
 @@ -828,26 +828,27 @@ secmodel_suser_device_cb(kauth_cred_t cr
         int result;
         isroot = (kauth_cred_geteuid(cred) == 0);
         result = KAUTH_RESULT_DEFER;
 	switch (action) {
 	case KAUTH_DEVICE_BLUETOOTH_SETPRIV:
 	case KAUTH_DEVICE_BLUETOOTH_SEND:
 	case KAUTH_DEVICE_BLUETOOTH_RECV:
 	case KAUTH_DEVICE_TTY_OPEN:
 	case KAUTH_DEVICE_TTY_PRIVSET:
 	case KAUTH_DEVICE_TTY_STI:
 	case KAUTH_DEVICE_RND_ADDDATA:
 	case KAUTH_DEVICE_RND_ADDDATA_ESTIMATE:
 	case KAUTH_DEVICE_RND_GETPRIV:
 	case KAUTH_DEVICE_RND_SETPRIV:
 		if (isroot)
 			result = KAUTH_RESULT_ALLOW;
 		break;
 	case KAUTH_DEVICE_BLUETOOTH_BCSP:
 	case KAUTH_DEVICE_BLUETOOTH_BTUART: {
 		enum kauth_device_req req;
 		req = (enum kauth_device_req)arg0;
 		switch (req) {
 		case KAUTH_REQ_DEVICE_BLUETOOTH_BCSP_ADD:

 @@ -1,14 +1,14 @@
-/* $NetBSD: kauth.h,v 1.64 2009/12/24 19:02:07 elad Exp $ */
+/* $NetBSD: kauth.h,v 1.65 2011/11/23 10:47:49 tls Exp $ */
 /*-
  * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
 @@ -245,26 +245,27 @@ enum {
 };
 /*
  * Device scope - actions.
  */
 enum {
 	KAUTH_DEVICE_TTY_OPEN=1,
 	KAUTH_DEVICE_TTY_PRIVSET,
 	KAUTH_DEVICE_TTY_STI,
 	KAUTH_DEVICE_RAWIO_SPEC,
 	KAUTH_DEVICE_RAWIO_PASSTHRU,
 	KAUTH_DEVICE_BLUETOOTH_SETPRIV,
 	KAUTH_DEVICE_RND_ADDDATA,
 	KAUTH_DEVICE_RND_ADDDATA_ESTIMATE,
 	KAUTH_DEVICE_RND_GETPRIV,
 	KAUTH_DEVICE_RND_SETPRIV,
 	KAUTH_DEVICE_BLUETOOTH_BCSP,
 	KAUTH_DEVICE_BLUETOOTH_BTUART,
 	KAUTH_DEVICE_GPIO_PINSET,
 	KAUTH_DEVICE_BLUETOOTH_SEND,
 	KAUTH_DEVICE_BLUETOOTH_RECV
 };
 /*
  * Device scope - sub-actions.
  */
 enum kauth_device_req {

 @@ -1,14 +1,14 @@
-/*	$NetBSD: rnd.h,v 1.22 2011/11/19 22:51:31 tls Exp $	*/
+/*	$NetBSD: rnd.h,v 1.23 2011/11/23 10:47:49 tls Exp $	*/
 /*-
  * Copyright (c) 1997 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Michael Graff <explorer@flame.org>.  This code uses ideas and
  * algorithms from the Linux driver written by Ted Ts'o.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
 @@ -199,24 +199,24 @@ typedef struct {
  * instead.  Otherwise, the flags set/cleared apply to all devices of
  * the specified type, and the name is ignored.
  */
 typedef struct {
 	char		name[16];	/* the name we are adjusting */
 	uint32_t	type;		/* the type of device we want */
 	uint32_t	flags;		/* flags to set or clear */
 	uint32_t	mask;		/* mask for the flags we are setting */
 } rndctl_t;
 typedef struct {
 	uint32_t	len;
 	uint32_t	entropy;
-	u_char		data[RND_POOLWORDS * 4];
+	u_char		data[RND_POOLWORDS * sizeof(uint32_t)];
 } rnddata_t;
 #define	RNDGETENTCNT	_IOR('R',  101, uint32_t) /* get entropy count */
 #define	RNDGETSRCNUM	_IOWR('R', 102, rndstat_t) /* get rnd source info */
 #define	RNDGETSRCNAME	_IOWR('R', 103, rndstat_name_t) /* get src by name */
 #define	RNDCTL		_IOW('R',  104, rndctl_t)  /* set/clear source flags */
 #define	RNDADDDATA	_IOW('R',  105, rnddata_t) /* add data to the pool */
 #define	RNDGETPOOLSTAT	_IOR('R',  106, rndpoolstat_t)
 #endif /* !_SYS_RND_H_ */

	@@ -1,14 +1,14 @@		@@ -1,14 +1,14 @@
1	# $NetBSD: rc.conf,v 1.116 2011/11/21 20:56:21 darcy Exp $	1	# $NetBSD: rc.conf,v 1.117 2011/11/23 10:47:48 tls Exp $
2	#	2	#
3	# /etc/defaults/rc.conf --	3	# /etc/defaults/rc.conf --
4	# default configuration of /etc/rc.conf	4	# default configuration of /etc/rc.conf
5	#	5	#
6	# see rc.conf(5) for more information.	6	# see rc.conf(5) for more information.
7	#	7	#
8	# DO NOT EDIT THIS FILE DIRECTLY; IT MAY BE REPLACED DURING A SYSTEM UPGRADE.	8	# DO NOT EDIT THIS FILE DIRECTLY; IT MAY BE REPLACED DURING A SYSTEM UPGRADE.
9	# EDIT /etc/rc.conf INSTEAD.	9	# EDIT /etc/rc.conf INSTEAD.
10	#	10	#
11		11
12	#	12	#
13	# Use program=YES to enable program, NO to disable it. program_flags are	13	# Use program=YES to enable program, NO to disable it. program_flags are
14	# passed to the program on the command line.	14	# passed to the program on the command line.
	@@ -352,13 +352,16 @@ mixerctl=NO mixerctl_mixers="" # "mixer		@@ -352,13 +352,16 @@ mixerctl=NO mixerctl_mixers="" # "mixer
352		352
353	# Vi recovery notification. Vi(1)'s -r option can recover files which were	353	# Vi recovery notification. Vi(1)'s -r option can recover files which were
354	# accidentally closed. See vi(1) for more details.	354	# accidentally closed. See vi(1) for more details.
355	#	355	#
356	virecover=YES	356	virecover=YES
357		357
358	# Veriexec signature loading.	358	# Veriexec signature loading.
359	#	359	#
360	veriexec=NO	360	veriexec=NO
361	veriexec_strict=0	361	veriexec_strict=0
362	veriexec_verbose=0	362	veriexec_verbose=0
363	veriexec_flags="-k"	363	veriexec_flags="-k"
364		364
		365	# Entropy load/save to/from /dev/random at startup/shutdown
		366	#
		367	random_seed=YES