Module Name: src
Committed By: martin
Date: Wed Oct 9 13:25:13 UTC 2024
Modified Files:
src/distrib/sets/lists/debug [netbsd-10]: mi module.md.amd64
module.md.i386
src/distrib/sets/lists/man [netbsd-10]: mi
src/distrib/sets/lists/modules [netbsd-10]: md.amd64 md.i386
src/distrib/sets/lists/tests [netbsd-10]: mi
src/lib/libc/gen [netbsd-10]: Makefile.inc arc4random.3 arc4random.c
getentropy.3
src/lib/libc/include [netbsd-10]: reentrant.h
src/share/man/man4 [netbsd-10]: Makefile rnd.4
src/sys/arch/amd64/conf [netbsd-10]: ALL GENERIC
src/sys/arch/evbarm/conf [netbsd-10]: GENERIC64
src/sys/arch/i386/conf [netbsd-10]: ALL GENERIC
src/sys/dev/acpi [netbsd-10]: files.acpi
src/sys/kern [netbsd-10]: kern_entropy.c
src/sys/modules [netbsd-10]: Makefile
src/sys/sys [netbsd-10]: entropy.h
src/tests/lib/libc/gen [netbsd-10]: Makefile
Added Files:
src/lib/libc/include [netbsd-10]: arc4random.h
src/share/man/man4 [netbsd-10]: acpivmgenid.4
src/sys/dev/acpi [netbsd-10]: acpi_vmgenid.c
src/sys/modules/acpivmgenid [netbsd-10]: Makefile acpivmgenid.ioconf
src/tests/lib/libc/gen [netbsd-10]: t_arc4random.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #939):
distrib/sets/lists/debug/module.md.amd64: revision 1.18
sys/modules/Makefile: revision 1.292
lib/libc/gen/arc4random.c: revision 1.34
lib/libc/gen/arc4random.c: revision 1.35
lib/libc/gen/arc4random.c: revision 1.36
lib/libc/gen/arc4random.c: revision 1.37
sys/kern/kern_entropy.c: revision 1.70
lib/libc/gen/arc4random.c: revision 1.38
sys/kern/kern_entropy.c: revision 1.71
lib/libc/gen/getentropy.3: revision 1.8
distrib/sets/lists/modules/md.amd64: revision 1.103
share/man/man4/rnd.4: revision 1.42
share/man/man4/rnd.4: revision 1.44
lib/libc/include/arc4random.h: revision 1.1
distrib/sets/lists/man/mi: revision 1.1786
sys/arch/i386/conf/GENERIC: revision 1.1258
sys/modules/acpivmgenid/acpivmgenid.ioconf: revision 1.1
sys/arch/amd64/conf/ALL: revision 1.190
distrib/sets/lists/debug/mi: revision 1.446
sys/arch/i386/conf/ALL: revision 1.521
lib/libc/gen/Makefile.inc: revision 1.219
distrib/sets/lists/debug/module.md.i386: revision 1.12
sys/dev/acpi/acpi_vmgenid.c: revision 1.1
sys/dev/acpi/acpi_vmgenid.c: revision 1.2
lib/libc/include/reentrant.h: revision 1.22
sys/arch/evbarm/conf/GENERIC64: revision 1.219
share/man/man4/Makefile: revision 1.735
distrib/sets/lists/modules/md.i386: revision 1.100
distrib/sets/lists/tests/mi: revision 1.1334
lib/libc/gen/arc4random.3: revision 1.22
sys/dev/acpi/files.acpi: revision 1.133
lib/libc/gen/arc4random.3: revision 1.23
tests/lib/libc/gen/t_arc4random.c: revision 1.1
sys/sys/entropy.h: revision 1.6
sys/arch/amd64/conf/GENERIC: revision 1.614
sys/modules/acpivmgenid/Makefile: revision 1.1
share/man/man4/acpivmgenid.4: revision 1.1
lib/libc/gen/Makefile.inc: revision 1.220
tests/lib/libc/gen/Makefile: revision 1.56
share/man/man4/acpivmgenid.4: revision 1.2
share/man/man4/acpivmgenid.4: revision 1.3
(all via patch)
Catch up with all the lint warnings since exit on warning was disabled.
Disable 'missing header declaration' and 'nested extern' warnings for now.
acpivmgenid(4): New driver for virtual machine generation ID.
Added to amd64/ALL and i386/ALL kernel configurations, and made
available as a loadable module acpivmgenid.kmod on x86, for now.
TBD: Add to all ACPI-supporting GENERIC kernels.
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
entropy(9): Factor out subroutines to reset and gather entropy.
`Reset' means we keep the data in the pool, but assume it had zero
entropy. `Gather' means we request samples from all on-demand
sources and wait for the synchronous ones to complete.
No functional change intended, other than to expose new symbols --
just preparation to expose these to acpivmgenid(4), so it can use
these when the VM host notifies us that we, the guest, have been
cloned.
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
acpivmgenid(4): Reset and gather entropy on VM clone notification.
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
arc4random(3): Reseed if system entropy epoch changes.
This can happen, for example, if the system is a VM instance, and the
VM is cloned.
This incurs the cost of a system call on every arc4random call, which
is unfortunate, but
1. we don't currently have a (machine-independent) mechanism for
exposing a read-only page to userland shared by the kernel to
enable a cheaper access path to the entropy epoch; and
2. the algorithm here -- a simple application of ChaCha -- is likely
also a bottleneck and could be much cheaper by
(a) using sys/crypto/chacha for machine-dependent vectorized
ChaCha code, and
(b) filling a buffer (somewhere between a cipher block and a page)
in a batch at a time, instead of running ChaCha to generate
only 32 bytes at a time.
So although this might be a performance hit, the security benefit is
worthwhile and we have a clear path to do better than reversing the
performance hit later.
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
acpivmgenid(4): Nix BUGS that have been squashed.
Reference kern.entropy.epoch for the remaining bug (which is a
performance issue, not a security issue).
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
entropy(9): Allow unprivileged reads of sysctl kern.entropy.epoch.
Applications need this in order to know when to reseed. (We should
also expose it through a page shared read-only with userland for
cheaper access, but until we do, let's let applications get at it
through sysctl.)
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
arc4random.c: Fix test program.
This isn't wired up anywhere, but let's reduce the bitrot. It was
helpful in reminding me that kern.entropy.epoch was, for reasons I
can't remember, restricted to privileged access.
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
amd64, evbarm, i386: Add acpivmgenid(4) to GENERIC.
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
rnd(4): Document kern.entropy.epoch is unprivileged and elaborate.
Cross-reference acpivmgenid(4).
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
arc4random(3): Note that arc4random respects kern.entropy.epoch.
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
Add debug info for new acpivmgenid module
arc4random(3): Add automatic tests.
This verifies that:
- arc4random zeroes its state and reseeds itself on fork
- arc4random reseeds itself on entropy consolidation (e.g., VM clone)
- arc4random falls back to global state if it can't allocate local
state because address space limits cause mmap to fail
NOTE: This adds a new libc symbol __arc4random_global, but it's in
the reserved namespace and only used by t_arc4random, so no libc
minor bump.
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
getentropy(3): Note intent to reseed on VM clone, and caveats.
Tidy markup and pacify some mandoc -Tlint complaints while here.
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
Bump dates on man pages recently updated to mention VM clones.
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
arc4random(3): Pacify some of lint's complaints.
PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM
fork
arc4random: suppress another lint warning
To generate a diff of this commit:
cvs rdiff -u -r1.394.2.10 -r1.394.2.11 src/distrib/sets/lists/debug/mi
cvs rdiff -u -r1.12.2.2 -r1.12.2.3 \
src/distrib/sets/lists/debug/module.md.amd64
cvs rdiff -u -r1.7.2.2 -r1.7.2.3 src/distrib/sets/lists/debug/module.md.i386
cvs rdiff -u -r1.1757.2.13 -r1.1757.2.14 src/distrib/sets/lists/man/mi
cvs rdiff -u -r1.98.2.2 -r1.98.2.3 src/distrib/sets/lists/modules/md.amd64
cvs rdiff -u -r1.96.2.2 -r1.96.2.3 src/distrib/sets/lists/modules/md.i386
cvs rdiff -u -r1.1238.2.12 -r1.1238.2.13 src/distrib/sets/lists/tests/mi
cvs rdiff -u -r1.216.2.1 -r1.216.2.2 src/lib/libc/gen/Makefile.inc
cvs rdiff -u -r1.21 -r1.21.24.1 src/lib/libc/gen/arc4random.3
cvs rdiff -u -r1.33 -r1.33.2.1 src/lib/libc/gen/arc4random.c
cvs rdiff -u -r1.4.2.2 -r1.4.2.3 src/lib/libc/gen/getentropy.3
cvs rdiff -u -r0 -r1.1.2.2 src/lib/libc/include/arc4random.h
cvs rdiff -u -r1.21 -r1.21.2.1 src/lib/libc/include/reentrant.h
cvs rdiff -u -r1.730.2.3 -r1.730.2.4 src/share/man/man4/Makefile
cvs rdiff -u -r0 -r1.3.2.2 src/share/man/man4/acpivmgenid.4
cvs rdiff -u -r1.40.2.1 -r1.40.2.2 src/share/man/man4/rnd.4
cvs rdiff -u -r1.174.4.4 -r1.174.4.5 src/sys/arch/amd64/conf/ALL
cvs rdiff -u -r1.599.4.6 -r1.599.4.7 src/sys/arch/amd64/conf/GENERIC
cvs rdiff -u -r1.206.2.4 -r1.206.2.5 src/sys/arch/evbarm/conf/GENERIC64
cvs rdiff -u -r1.503.4.4 -r1.503.4.5 src/sys/arch/i386/conf/ALL
cvs rdiff -u -r1.1243.2.4 -r1.1243.2.5 src/sys/arch/i386/conf/GENERIC
cvs rdiff -u -r0 -r1.3.2.2 src/sys/dev/acpi/acpi_vmgenid.c
cvs rdiff -u -r1.126.4.3 -r1.126.4.4 src/sys/dev/acpi/files.acpi
cvs rdiff -u -r1.57.4.5 -r1.57.4.6 src/sys/kern/kern_entropy.c
cvs rdiff -u -r1.274.2.6 -r1.274.2.7 src/sys/modules/Makefile
cvs rdiff -u -r0 -r1.1.2.2 src/sys/modules/acpivmgenid/Makefile \
src/sys/modules/acpivmgenid/acpivmgenid.ioconf
cvs rdiff -u -r1.4.20.1 -r1.4.20.2 src/sys/sys/entropy.h
cvs rdiff -u -r1.55 -r1.55.2.1 src/tests/lib/libc/gen/Makefile
cvs rdiff -u -r0 -r1.1.2.2 src/tests/lib/libc/gen/t_arc4random.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
