Module Name:    src
Committed By:   tls
Date:           Sat Nov 19 22:51:31 UTC 2011

Modified Files:
    src: UPDATING
    src/sys/altq: altq_blue.c altq_cdnr.c altq_red.c altq_rmclass.c
    src/sys/arch/acorn26/ioc: arckbd.c
    src/sys/arch/amd64/conf: INSTALL
    src/sys/arch/arm/at91: at91dbguvar.h at91usartvar.h
    src/sys/arch/arm/ep93xx: epcomvar.h
    src/sys/arch/arm/s3c2xx0: sscom_var.h
    src/sys/arch/arm/sa11x0: sa1111_kbc.c
    src/sys/arch/arm/xscale: ixp425_if_npe.c
    src/sys/arch/emips/ebus: ace_ebus.c flash_ebus.c if_le_ebus.c
    src/sys/arch/evbarm/dev: plcomvar.h
    src/sys/arch/hp300/dev: rdvar.h
    src/sys/arch/hp700/gsc: harmonyvar.h
    src/sys/arch/i386/pci: glxsb.c
    src/sys/arch/macppc/dev: if_gm.c
    src/sys/arch/mips/alchemy/dev: if_aumac.c
    src/sys/arch/mips/atheros/dev: aevar.h
    src/sys/arch/mips/sibyte/dev: sbscnvar.h
    src/sys/arch/next68k/dev: mb8795var.h
    src/sys/arch/sgimips/hpc: sqvar.h
    src/sys/arch/sgimips/mace: if_mec.c
    src/sys/arch/sun2/dev: if_ec.c
    src/sys/arch/x68k/dev: fd.c
    src/sys/arch/x86/include: via_padlock.h
    src/sys/arch/x86/pci: fwhrng.c
    src/sys/arch/x86/x86: via_padlock.c
    src/sys/arch/xen/include: xbdvar.h
    src/sys/arch/xen/xen: if_xennet_xenbus.c xbd_xenbus.c
    src/sys/conf: files
    src/sys/crypto/rijndael: files.rijndael
    src/sys/dev: ldvar.h rnd.c
    src/sys/dev/ata: wdvar.h
    src/sys/dev/gpib: rd.c
    src/sys/dev/ic: comvar.h cs89x0var.h dp8390var.h elink3var.h
        elinkxlvar.h gemvar.h hmevar.h i82557var.h lan9118var.h
        lancevar.h lemacvar.h mb86950var.h mb86960var.h mtd803var.h
        pckbc.c rtl81x9var.h seeq8005var.h smc91cxxvar.h tulipvar.h
    src/sys/dev/isa: fdvar.h if_eg.c if_el.c if_iy.c
    src/sys/dev/marvell: if_gfevar.h if_mvgbe.c
    src/sys/dev/mca: edvar.h
    src/sys/dev/pci: amdpmvar.h hifn7751.c hifn7751var.h if_bce.c
        if_bgevar.h if_casvar.h if_devar.h if_dge.c if_iwi.c if_jme.c
        if_mskvar.h if_pcn.c if_sip.c if_skvar.h if_tlvar.h if_vr.c
        if_vtevar.h if_wm.c ubsec.c
    src/sys/dev/pci/ixgbe: ixgbe.c
    src/sys/dev/pcmcia: if_xivar.h
    src/sys/dev/scsipi: cdvar.h sdvar.h stvar.h
    src/sys/dev/usb: if_auereg.h if_axereg.h if_cdcereg.h if_cuereg.h
        if_kuereg.h if_udavreg.h if_upl.c if_urlreg.h ucom.c uhidev.h
    src/sys/dist/pf/net: pf.c
    src/sys/dist/pf/netinet: tcp_rndiss.c
    src/sys/fs/tmpfs: tmpfs_subr.c
    src/sys/kern: exec_elf.c init_main.c init_sysctl.c kern_exec.c
        kern_pax.c kern_ssp.c kern_sysctl.c kern_uuid.c
    src/sys/lib/libkern: Makefile.libkern arc4random.c
    src/sys/net: if_bridge.c if_spppsubr.c
    src/sys/net/npf: npf_nat.c
    src/sys/net80211: ieee80211_netbsd.c
    src/sys/netinet: in.c ip_carp.c ip_id.c rfc6056.c tcp_input.c
        tcp_subr.c
    src/sys/netinet6: files.ipsec in6.c in6_ifattach.c ip6_id.c
        ip6_input.c mld6.c mld6_var.h nd6.c nd6.h nd6_rtr.c
    src/sys/netkey: key.c
    src/sys/nfs: nfs_subs.c
    src/sys/opencrypto: files.opencrypto
    src/sys/rump/librump/rumpkern: Makefile.rumpkern rump.c
    src/sys/rump/librump/rumpvfs: rumpblk.c
    src/sys/rump/net/lib/libshmif: if_shmem.c
    src/sys/rump/net/lib/libvirtif: if_virt.c
    src/sys/sys: queue.h rnd.h sysctl.h
    src/sys/ufs/ffs: ffs_appleufs.c
Added Files:
    src/sys/crypto/nist_ctr_drbg: files.nist_ctr_drbg
        nist_ctr_aes_rijndael.h nist_ctr_drbg.c nist_ctr_drbg.h
        nist_ctr_drbg_aes128.h nist_ctr_drbg_aes256.h
        nist_ctr_drbg_config.h
    src/sys/kern: subr_cprng.c
    src/sys/lib/libkern: rngtest.c
    src/sys/rump/librump/rumpkern: cprng_stub.c
    src/sys/sys: cprng.h rngtest.h

Log Message:
First step of random number subsystem rework described in
<20111022023242.ba26f14a...@mail.netbsd.org>. This change includes
the following:

    An initial cleanup and minor reorganization of the entropy pool
    code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are
    fixed. Some effort is made to accumulate entropy more quickly at
    boot time.

    A generic interface, "rndsink", is added, for stream generators to
    request that they be re-keyed with good quality entropy from the
    pool as soon as it is available.

    The arc4random()/arc4randbytes() implementation in libkern is
    adjusted to use the rndsink interface for rekeying, which helps
    address the problem of low-quality keys at boot time.

    An implementation of the FIPS 140-2 statistical tests for random
    number generator quality is provided (libkern/rngtest.c). This
    is based on Greg Rose's implementation from Qualcomm.

    A new random stream generator, nist_ctr_drbg, is provided. It is
    based on an implementation of the NIST SP800-90 CTR_DRBG by
    Henric Jungheim. This generator uses AES in a modified counter
    mode to generate a backtracking-resistant random stream.

    An abstraction layer, "cprng", is provided for in-kernel consumers
    of randomness. The arc4random/arc4randbytes API is deprecated for
    in-kernel use. It is replaced by "cprng_strong". The current
    cprng_fast implementation wraps the existing arc4random
    implementation. The current cprng_strong implementation wraps the
    new CTR_DRBG implementation. Both interfaces are rekeyed from
    the entropy pool automatically at intervals justifiable from best
    current cryptographic practice.

    In some quick tests, cprng_fast() is about the same speed as
    the old arc4randbytes(), and cprng_strong() is about 20% faster
    than rnd_extract_data(). Performance is expected to improve.

    The AES code in src/crypto/rijndael is no longer an optional
    kernel component, as it is required by cprng_strong, which is
    not an optional kernel component.

    The entropy pool output is subjected to the rngtest tests at
    startup time; if it fails, the system will reboot. There is
    approximately a 3/10000 chance of a false positive from these
    tests. Entropy pool _input_ from hardware random numbers is
    subjected to the rngtest tests at attach time, as well as the
    FIPS continuous-output test, to detect bad or stuck hardware
    RNGs; if any are detected, they are detached, but the system
    continues to run.

    A problem with rndctl(8) is fixed -- data structures with
    pointers in arrays are no longer passed to userspace (this
    was not a security problem, but rather a major issue for
    compat32). A new kernel will require a new rndctl.

    The sysctl kern.arandom() and kern.urandom() nodes are hooked
    up to the new generators, but the /dev/*random pseudodevices
    are not, yet.

    Manual pages for the new kernel interfaces are forthcoming.

To generate a diff of this commit:

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
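
The log message says hardware RNG input is checked with the FIPS 140-2 statistical tests and a continuous-output test to catch bad or stuck devices. The following is an added illustration of that kind of check, not code from this commit or from libkern/rngtest.c: it applies the FIPS 140-2 monobit, poker and long-run intervals to one 20,000-bit sample (the runs test is omitted for brevity). The function names are hypothetical and the xorshift32 stream is a constructed stand-in for a healthy source.

```c
#include <stdint.h>
#include <string.h>

#define FIPS_BYTES 2500   /* one 20,000-bit sample */
enum { FAIL_MONOBIT = 1, FAIL_POKER = 2, FAIL_LONGRUN = 4 };

/* Returns 0 on pass, else a mask of the failed FIPS 140-2 tests. */
int fips_check(const uint8_t *s)
{
    long ones = 0, nib[16] = {0}, sumsq = 0;
    int run = 0, longest = 0, prev = -1, fail = 0;
    for (int i = 0; i < FIPS_BYTES; i++) {
        nib[s[i] >> 4]++; nib[s[i] & 0x0f]++;   /* poker: 4-bit value counts */
        for (int b = 7; b >= 0; b--) {
            int bit = (s[i] >> b) & 1;
            ones += bit;                        /* monobit: number of 1 bits */
            run = (bit == prev) ? run + 1 : 1;
            if (run > longest) longest = run;
            prev = bit;
        }
    }
    for (int v = 0; v < 16; v++) sumsq += nib[v] * nib[v];
    /* Poker X = (16/5000)*sumsq - 5000, held as 5000*X; pass is 2.16 < X < 46.17. */
    long x5000 = 16 * sumsq - 5000L * 5000L;
    if (ones <= 9725 || ones >= 10275) fail |= FAIL_MONOBIT;
    if (x5000 <= 10800 || x5000 >= 230850) fail |= FAIL_POKER;
    if (longest >= 26) fail |= FAIL_LONGRUN;
    return fail;
}

/* Continuous test: index of the first block equal to its predecessor, or -1. */
long continuous_check(const uint8_t *s, size_t len, size_t blk)
{
    for (size_t off = blk; off + blk <= len; off += blk)
        if (memcmp(s + off - blk, s + off, blk) == 0) return (long)(off / blk);
    return -1;
}

/* Constructed inputs: a constant byte (stuck device) or an xorshift32 stream. */
const uint8_t *sample(int stuck, uint8_t byte, uint32_t x)
{
    static uint8_t buf[FIPS_BYTES];
    for (int i = 0; i < FIPS_BYTES; i++) {
        x ^= x << 13; x ^= x >> 17; x ^= x << 5;
        buf[i] = stuck ? byte : (uint8_t)(x >> 24);
    }
    return buf;
}
int main(void) { return fips_check(sample(0, 0, 2463534242u)); } /* exit 0 = pass */
```

A device stuck at 0xAA has exactly 10,000 one bits and passes the monobit test; it is the poker test that rejects it, which is why the tests are applied together.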