svn commit: r249915 - in stable/9/sys: dev/random libkern sys

Thu, 25 Apr 2013 18:57:08 -0700 

Author: ache
Date: Fri Apr 26 01:56:58 2013
New Revision: 249915
URL: http://svnweb.freebsd.org/changeset/base/249915

Log:
  MFC r249631
  
  Attempt to mitigate poor initialization of arc4 by one-shot
  reinitialization from yarrow right after good entropy is harvested.
  
  Approved by:    secteam (delphij)

Modified:
  stable/9/sys/dev/random/randomdev_soft.c
  stable/9/sys/libkern/arc4random.c
  stable/9/sys/sys/libkern.h
Directory Properties:
  stable/9/sys/   (props changed)
  stable/9/sys/dev/   (props changed)
  stable/9/sys/sys/   (props changed)

Modified: stable/9/sys/dev/random/randomdev_soft.c
==============================================================================
--- stable/9/sys/dev/random/randomdev_soft.c    Fri Apr 26 00:53:34 2013        
(r249914)
+++ stable/9/sys/dev/random/randomdev_soft.c    Fri Apr 26 01:56:58 2013        
(r249915)
@@ -366,6 +366,8 @@ random_yarrow_unblock(void)
                selwakeuppri(&random_systat.rsel, PUSER);
                wakeup(&random_systat);
        }
+       (void)atomic_cmpset_int(&arc4rand_iniseed_state, ARC4_ENTR_NONE,
+           ARC4_ENTR_HAVE);
 }
 
 static int

Modified: stable/9/sys/libkern/arc4random.c
==============================================================================
--- stable/9/sys/libkern/arc4random.c   Fri Apr 26 00:53:34 2013        
(r249914)
+++ stable/9/sys/libkern/arc4random.c   Fri Apr 26 01:56:58 2013        
(r249915)
@@ -24,6 +24,8 @@ __FBSDID("$FreeBSD$");
 #define        ARC4_RESEED_SECONDS 300
 #define        ARC4_KEYBYTES (256 / 8)
 
+int arc4rand_iniseed_state = ARC4_ENTR_NONE;
+
 static u_int8_t arc4_i, arc4_j;
 static int arc4_numruns = 0;
 static u_int8_t arc4_sbox[256];
@@ -130,7 +132,8 @@ arc4rand(void *ptr, u_int len, int resee
        struct timeval tv;
 
        getmicrouptime(&tv);
-       if (reseed || 
+       if (atomic_cmpset_int(&arc4rand_iniseed_state, ARC4_ENTR_HAVE,
+           ARC4_ENTR_SEED) || reseed ||
           (arc4_numruns > ARC4_RESEED_BYTES) ||
           (tv.tv_sec > arc4_t_reseed))
                arc4_randomstir();

Modified: stable/9/sys/sys/libkern.h
==============================================================================
--- stable/9/sys/sys/libkern.h  Fri Apr 26 00:53:34 2013        (r249914)
+++ stable/9/sys/sys/libkern.h  Fri Apr 26 01:56:58 2013        (r249915)
@@ -70,6 +70,11 @@ static __inline int abs(int a) { return 
 static __inline long labs(long a) { return (a < 0 ? -a : a); }
 static __inline quad_t qabs(quad_t a) { return (a < 0 ? -a : a); }
 
+#define        ARC4_ENTR_NONE  0       /* Don't have entropy yet. */
+#define        ARC4_ENTR_HAVE  1       /* Have entropy. */
+#define        ARC4_ENTR_SEED  2       /* Reseeding. */
+extern int arc4rand_iniseed_state;
+
 /* Prototypes for non-quad routines. */
 struct malloc_type;
 uint32_t arc4random(void);
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to