Wed Nov 19 14:25:01 2014 UTC ()
Change debug to diagnostic so that more people see the lossage with bad
random streams, so we can debug it.


(christos)
diff -r1.25 -r1.26 src/sys/kern/subr_cprng.c
cvs diff -r1.25 -r1.26 src/sys/kern/subr_cprng.c (expand / switch to unified diff)

--- src/sys/kern/subr_cprng.c 2014/08/14 16:28:30 1.25
+++ src/sys/kern/subr_cprng.c 2014/11/19 14:25:00 1.26
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: subr_cprng.c,v 1.25 2014/08/14 16:28:30 riastradh Exp $ */ 1/* $NetBSD: subr_cprng.c,v 1.26 2014/11/19 14:25:00 christos Exp $ */
2 2
3/*- 3/*-
4 * Copyright (c) 2011-2013 The NetBSD Foundation, Inc. 4 * Copyright (c) 2011-2013 The NetBSD Foundation, Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * This code is derived from software contributed to The NetBSD Foundation 7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Thor Lancelot Simon and Taylor R. Campbell. 8 * by Thor Lancelot Simon and Taylor R. Campbell.
9 * 9 *
10 * Redistribution and use in source and binary forms, with or without 10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions 11 * modification, are permitted provided that the following conditions
12 * are met: 12 * are met:
13 * 1. Redistributions of source code must retain the above copyright 13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer. 14 * notice, this list of conditions and the following disclaimer.
@@ -20,64 +20,64 @@ @@ -20,64 +20,64 @@
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE. 29 * POSSIBILITY OF SUCH DAMAGE.
30 */ 30 */
31 31
32#include <sys/cdefs.h> 32#include <sys/cdefs.h>
33__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.25 2014/08/14 16:28:30 riastradh Exp $"); 33__KERNEL_RCSID(0, "$NetBSD: subr_cprng.c,v 1.26 2014/11/19 14:25:00 christos Exp $");
34 34
35#include <sys/param.h> 35#include <sys/param.h>
36#include <sys/types.h> 36#include <sys/types.h>
37#include <sys/condvar.h> 37#include <sys/condvar.h>
38#include <sys/cprng.h> 38#include <sys/cprng.h>
39#include <sys/errno.h> 39#include <sys/errno.h>
40#include <sys/event.h> /* XXX struct knote */ 40#include <sys/event.h> /* XXX struct knote */
41#include <sys/fcntl.h> /* XXX FNONBLOCK */ 41#include <sys/fcntl.h> /* XXX FNONBLOCK */
42#include <sys/kernel.h> 42#include <sys/kernel.h>
43#include <sys/kmem.h> 43#include <sys/kmem.h>
44#include <sys/lwp.h> 44#include <sys/lwp.h>
45#include <sys/once.h> 45#include <sys/once.h>
46#include <sys/percpu.h> 46#include <sys/percpu.h>
47#include <sys/poll.h> /* XXX POLLIN/POLLOUT/&c. */ 47#include <sys/poll.h> /* XXX POLLIN/POLLOUT/&c. */
48#include <sys/select.h> 48#include <sys/select.h>
49#include <sys/systm.h> 49#include <sys/systm.h>
50#include <sys/sysctl.h> 50#include <sys/sysctl.h>
51#include <sys/rnd.h> 51#include <sys/rnd.h>
52#include <sys/rndsink.h> 52#include <sys/rndsink.h>
53#if DEBUG 53#if DIAGNOSTIC
54#include <sys/rngtest.h> 54#include <sys/rngtest.h>
55#endif 55#endif
56 56
57#include <crypto/nist_ctr_drbg/nist_ctr_drbg.h> 57#include <crypto/nist_ctr_drbg/nist_ctr_drbg.h>
58 58
59#if defined(__HAVE_CPU_COUNTER) 59#if defined(__HAVE_CPU_COUNTER)
60#include <machine/cpu_counter.h> 60#include <machine/cpu_counter.h>
61#endif 61#endif
62 62
63static int sysctl_kern_urnd(SYSCTLFN_PROTO); 63static int sysctl_kern_urnd(SYSCTLFN_PROTO);
64static int sysctl_kern_arnd(SYSCTLFN_PROTO); 64static int sysctl_kern_arnd(SYSCTLFN_PROTO);
65 65
66static void cprng_strong_generate(struct cprng_strong *, void *, size_t); 66static void cprng_strong_generate(struct cprng_strong *, void *, size_t);
67static void cprng_strong_reseed(struct cprng_strong *); 67static void cprng_strong_reseed(struct cprng_strong *);
68static void cprng_strong_reseed_from(struct cprng_strong *, const void *, 68static void cprng_strong_reseed_from(struct cprng_strong *, const void *,
69 size_t, bool); 69 size_t, bool);
70#if DEBUG 70#if DIAGNOSTIC
71static void cprng_strong_rngtest(struct cprng_strong *); 71static void cprng_strong_rngtest(struct cprng_strong *);
72#endif 72#endif
73 73
74static rndsink_callback_t cprng_strong_rndsink_callback; 74static rndsink_callback_t cprng_strong_rndsink_callback;
75 75
76void 76void
77cprng_init(void) 77cprng_init(void)
78{ 78{
79 static struct sysctllog *random_sysctllog; 79 static struct sysctllog *random_sysctllog;
80 80
81 nist_ctr_initialize(); 81 nist_ctr_initialize();
82 82
83 sysctl_createv(&random_sysctllog, 0, NULL, NULL, 83 sysctl_createv(&random_sysctllog, 0, NULL, NULL,
@@ -437,32 +437,32 @@ cprng_strong_reseed_from(struct cprng_st @@ -437,32 +437,32 @@ cprng_strong_reseed_from(struct cprng_st
437 * entropy when we had full entropy before? If so, 437 * entropy when we had full entropy before? If so,
438 * remove the conditional on this message. 438 * remove the conditional on this message.
439 */ 439 */
440 if (!cprng->cs_ready && 440 if (!cprng->cs_ready &&
441 !ISSET(cprng->cs_flags, CPRNG_REKEY_ANY)) 441 !ISSET(cprng->cs_flags, CPRNG_REKEY_ANY))
442 printf("cprng %s: reseeding with partial entropy\n", 442 printf("cprng %s: reseeding with partial entropy\n",
443 cprng->cs_name); 443 cprng->cs_name);
444 } 444 }
445 445
446 if (nist_ctr_drbg_reseed(&cprng->cs_drbg, seed, bytes, &cc, sizeof(cc))) 446 if (nist_ctr_drbg_reseed(&cprng->cs_drbg, seed, bytes, &cc, sizeof(cc)))
447 /* XXX Fix nist_ctr_drbg API so this can't happen. */ 447 /* XXX Fix nist_ctr_drbg API so this can't happen. */
448 panic("cprng %s: NIST CTR_DRBG reseed failed", cprng->cs_name); 448 panic("cprng %s: NIST CTR_DRBG reseed failed", cprng->cs_name);
449 449
450#if DEBUG 450#if DIAGNOSTIC
451 cprng_strong_rngtest(cprng); 451 cprng_strong_rngtest(cprng);
452#endif 452#endif
453} 453}
454 454
455#if DEBUG 455#if DIAGNOSTIC
456/* 456/*
457 * Generate some output and apply a statistical RNG test to it. 457 * Generate some output and apply a statistical RNG test to it.
458 */ 458 */
459static void 459static void
460cprng_strong_rngtest(struct cprng_strong *cprng) 460cprng_strong_rngtest(struct cprng_strong *cprng)
461{ 461{
462 462
463 KASSERT(mutex_owned(&cprng->cs_lock)); 463 KASSERT(mutex_owned(&cprng->cs_lock));
464 464
465 /* XXX Switch to a pool cache instead? */ 465 /* XXX Switch to a pool cache instead? */
466 rngtest_t *const rt = kmem_intr_alloc(sizeof(*rt), KM_NOSLEEP); 466 rngtest_t *const rt = kmem_intr_alloc(sizeof(*rt), KM_NOSLEEP);
467 if (rt == NULL) 467 if (rt == NULL)
468 /* XXX Warn? */ 468 /* XXX Warn? */