[Midnightbsd-cvs] src: /src: Correct a problem with arc4random

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Mon Nov 24 15:04:00 EST 2008 

Log Message:
-----------
Correct a problem with arc4random

Tags:
----
RELENG_0_2

Modified Files:
--------------
    src:
        UPDATING (r1.38.2.10 -> r1.38.2.11)
    src/sys/conf:
        newvers.sh (r1.3.2.5 -> r1.3.2.6)
    src/sys/dev/random:
        randomdev.c (r1.1.1.2 -> r1.1.1.2.4.1)
        randomdev_soft.c (r1.3 -> r1.3.4.1)

-------------- next part --------------
Index: UPDATING
===================================================================
RCS file: /home/cvs/src/UPDATING,v
retrieving revision 1.38.2.10
retrieving revision 1.38.2.11
diff -L UPDATING -L UPDATING -u -r1.38.2.10 -r1.38.2.11
--- UPDATING
+++ UPDATING
@@ -3,6 +3,13 @@
 Items affecting the mports and packages system can be found in
 /usr/mports/UPDATING. 
 
+20081124:
+	MidnightBSD 0.2.1-RELEASE-p3
+
+	Correct a problem in arc4random which causes the device
+	not get get enough entropy for system services.  Geom
+	classes initialized at startup will still have problems.
+
 20081002:
 	MidnightBSD 0.2.1-RELEASE-p2
 
Index: newvers.sh
===================================================================
RCS file: /home/cvs/src/sys/conf/newvers.sh,v
retrieving revision 1.3.2.5
retrieving revision 1.3.2.6
diff -L sys/conf/newvers.sh -L sys/conf/newvers.sh -u -r1.3.2.5 -r1.3.2.6
--- sys/conf/newvers.sh
+++ sys/conf/newvers.sh
@@ -33,7 +33,7 @@
 
 TYPE="MidnightBSD"
 REVISION="0.2.1"
-BRANCH="RELEASE-p2"
+BRANCH="RELEASE-p3"
 if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi
Index: randomdev.c
===================================================================
RCS file: /home/cvs/src/sys/dev/random/randomdev.c,v
retrieving revision 1.1.1.2
retrieving revision 1.1.1.2.4.1
diff -L sys/dev/random/randomdev.c -L sys/dev/random/randomdev.c -u -r1.1.1.2 -r1.1.1.2.4.1
--- sys/dev/random/randomdev.c
+++ sys/dev/random/randomdev.c
@@ -89,6 +89,7 @@
 	    && (securelevel_gt(td->td_ucred, 0) == 0)) {
 		(*random_systat.reseed)();
 		random_systat.seeded = 1;
+		arc4rand(NULL, 0, 1);	/* Reseed arc4random as well. */
 	}
 
 	return (0);
Index: randomdev_soft.c
===================================================================
RCS file: /home/cvs/src/sys/dev/random/randomdev_soft.c,v
retrieving revision 1.3
retrieving revision 1.3.4.1
diff -L sys/dev/random/randomdev_soft.c -L sys/dev/random/randomdev_soft.c -u -r1.3 -r1.3.4.1
--- sys/dev/random/randomdev_soft.c
+++ sys/dev/random/randomdev_soft.c
@@ -61,6 +61,7 @@
     u_int, u_int, enum esource);
 static int random_yarrow_poll(int event,struct thread *td);
 static int random_yarrow_block(int flag);
+static void random_yarrow_flush_reseed(void);
 
 struct random_systat random_yarrow = {
 	.ident = "Software, Yarrow",
@@ -70,7 +71,7 @@
 	.read = random_yarrow_read,
 	.write = random_yarrow_write,
 	.poll = random_yarrow_poll,
-	.reseed = random_yarrow_reseed,
+	.reseed = random_yarrow_flush_reseed,
 	.seeded = 1,
 };
 
@@ -96,7 +97,7 @@
 /* Harvested entropy */
 static struct entropyfifo harvestfifo[ENTROPYSOURCE];
 
-/* <0 to end the kthread, 0 to let it run */
+/* <0 to end the kthread, 0 to let it run, 1 to flush the harvest queues */
 static int random_kthread_control = 0;
 
 static struct proc *random_kthread_proc;
@@ -247,7 +248,7 @@
 	local_count = 0;
 
 	/* Process until told to stop */
-	for (; random_kthread_control == 0;) {
+	for (; random_kthread_control >= 0;) {
 
 		active = 0;
 
@@ -282,6 +283,13 @@
 		KASSERT(local_count == 0, ("random_kthread: local_count %d",
 		    local_count));
 
+		/*
+		 * If a queue flush was commanded, it has now happened,
+		 * and we can mark this by resetting the command.
+		 */
+		if (random_kthread_control == 1)
+			random_kthread_control = 0;
+
 		/* Found nothing, so don't belabour the issue */
 		if (!active)
 			tsleep(&harvestfifo, 0, "-", hz / 10);
@@ -406,3 +414,15 @@
 
 	return error;
 }	
+
+/* Helper routine to perform explicit reseeds */
+static void
+random_yarrow_flush_reseed(void)
+{
+	/* Command a entropy queue flush and wait for it to finish */
+	random_kthread_control = 1;
+	while (random_kthread_control)
+		tsleep(&harvestfifo, 0, "-", hz / 10);
+
+	random_yarrow_reseed();
+}

More information about the Midnightbsd-cvs mailing list