Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src Merge tls-earlyentropy branch into HEAD.



details:   https://anonhg.NetBSD.org/src/rev/23236310c0d3
branches:  trunk
changeset: 798163:23236310c0d3
user:      tls <tls%NetBSD.org@localhost>
date:      Sun Aug 10 16:44:32 2014 +0000

description:
Merge tls-earlyentropy branch into HEAD.

diffstat:

 doc/CHANGES                                     |   15 +-
 external/bsd/liblzf/dist/lzfP.h                 |   40 +-
 external/bsd/liblzf/dist/lzf_c.c                |   17 +-
 external/bsd/liblzf/dist/lzf_d.c                |   18 +-
 sbin/rndctl/rndctl.8                            |    5 +-
 sbin/rndctl/rndctl.c                            |   86 ++-
 share/man/man9/rnd.9                            |   31 +-
 sys/arch/acorn26/ioc/arckbd.c                   |    8 +-
 sys/arch/amd64/conf/RNDVERBOSE                  |   24 +
 sys/arch/arm/allwinner/awin_eth.c               |    4 +-
 sys/arch/arm/at91/at91dbgu.c                    |    8 +-
 sys/arch/arm/at91/at91usart.c                   |    8 +-
 sys/arch/arm/broadcom/bcm2835_rng.c             |    6 +-
 sys/arch/arm/broadcom/bcm53xx_rng.c             |    4 +-
 sys/arch/arm/clps711x/clpscom.c                 |    6 +-
 sys/arch/arm/ep93xx/epcom.c                     |    6 +-
 sys/arch/arm/imx/imxuart.c                      |    7 +-
 sys/arch/arm/ixp12x0/ixp12x0_com.c              |    7 +-
 sys/arch/arm/s3c2xx0/sscom.c                    |    7 +-
 sys/arch/arm/sa11x0/sa1111_kbc.c                |    6 +-
 sys/arch/arm/sa11x0/sa11x0_com.c                |    7 +-
 sys/arch/arm/samsung/sscom.c                    |    6 +-
 sys/arch/arm/xscale/ixp425_if_npe.c             |    6 +-
 sys/arch/emips/ebus/ace_ebus.c                  |    8 +-
 sys/arch/emips/ebus/flash_ebus.c                |    8 +-
 sys/arch/emips/ebus/if_le_ebus.c                |    6 +-
 sys/arch/epoc32/windermere/wmcom.c              |    6 +-
 sys/arch/evbarm/dev/plcom.c                     |    6 +-
 sys/arch/hp300/dev/rd.c                         |    6 +-
 sys/arch/hppa/gsc/harmony.c                     |    4 +-
 sys/arch/i386/pci/glxsb.c                       |    9 +-
 sys/arch/macppc/dev/if_gm.c                     |    7 +-
 sys/arch/mips/alchemy/dev/if_aumac.c            |    6 +-
 sys/arch/mips/atheros/dev/if_ae.c               |    6 +-
 sys/arch/mips/sibyte/dev/sbscn.c                |    7 +-
 sys/arch/next68k/dev/mb8795.c                   |    6 +-
 sys/arch/playstation2/dev/if_smap.c             |    6 +-
 sys/arch/sgimips/mace/if_mec.c                  |    6 +-
 sys/arch/sun2/dev/if_ec.c                       |    6 +-
 sys/arch/x68k/dev/fd.c                          |    6 +-
 sys/arch/x86/pci/fwhrng.c                       |    6 +-
 sys/arch/x86/x86/ipmi.c                         |   27 +-
 sys/arch/x86/x86/via_padlock.c                  |    7 +-
 sys/arch/x86/x86/viac7temp.c                    |    6 +-
 sys/arch/xen/xen/if_xennet_xenbus.c             |    6 +-
 sys/arch/xen/xen/xbd_xenbus.c                   |    6 +-
 sys/conf/files                                  |    8 +-
 sys/crypto/arc4/arc4.c                          |   36 +-
 sys/crypto/arc4/arc4.h                          |   11 +-
 sys/crypto/arc4/files.arc4                      |    4 +-
 sys/crypto/cprng_fast/cprng_fast.c              |  496 ++++++++++++++++++++++++
 sys/crypto/cprng_fast/cprng_fast.h              |    9 +
 sys/crypto/cprng_fast/files.cprng_fast          |    3 +
 sys/dev/ata/wd.c                                |    6 +-
 sys/dev/gpib/rd.c                               |    6 +-
 sys/dev/i2c/dbcool.c                            |    7 +-
 sys/dev/i2c/hytp14var.h                         |    8 +-
 sys/dev/ic/com.c                                |    6 +-
 sys/dev/ic/cs89x0.c                             |    6 +-
 sys/dev/ic/dp8390.c                             |    6 +-
 sys/dev/ic/elink3.c                             |    6 +-
 sys/dev/ic/elinkxl.c                            |    6 +-
 sys/dev/ic/gem.c                                |    6 +-
 sys/dev/ic/hme.c                                |    6 +-
 sys/dev/ic/i82557.c                             |    6 +-
 sys/dev/ic/lan9118.c                            |    6 +-
 sys/dev/ic/lance.c                              |    6 +-
 sys/dev/ic/lemac.c                              |    6 +-
 sys/dev/ic/mb86950.c                            |    6 +-
 sys/dev/ic/mb86960.c                            |    6 +-
 sys/dev/ic/mtd803.c                             |    6 +-
 sys/dev/ic/pckbc.c                              |    6 +-
 sys/dev/ic/rtl8169.c                            |    6 +-
 sys/dev/ic/rtl81x9.c                            |    6 +-
 sys/dev/ic/seeq8005.c                           |    6 +-
 sys/dev/ic/smc91cxx.c                           |    6 +-
 sys/dev/ic/tulip.c                              |    6 +-
 sys/dev/isa/fd.c                                |    6 +-
 sys/dev/isa/if_eg.c                             |    6 +-
 sys/dev/isa/if_el.c                             |    6 +-
 sys/dev/isa/if_iy.c                             |    6 +-
 sys/dev/ld.c                                    |    6 +-
 sys/dev/marvell/if_gfe.c                        |    6 +-
 sys/dev/marvell/if_mvgbe.c                      |    6 +-
 sys/dev/mca/ed_mca.c                            |    6 +-
 sys/dev/pci/amdpm.c                             |   17 +-
 sys/dev/pci/auich.c                             |    7 +-
 sys/dev/pci/hifn7751.c                          |   17 +-
 sys/dev/pci/if_bce.c                            |    6 +-
 sys/dev/pci/if_bge.c                            |    6 +-
 sys/dev/pci/if_cas.c                            |    6 +-
 sys/dev/pci/if_de.c                             |    6 +-
 sys/dev/pci/if_dge.c                            |    6 +-
 sys/dev/pci/if_jme.c                            |    6 +-
 sys/dev/pci/if_msk.c                            |    6 +-
 sys/dev/pci/if_pcn.c                            |    6 +-
 sys/dev/pci/if_sip.c                            |    6 +-
 sys/dev/pci/if_sk.c                             |    6 +-
 sys/dev/pci/if_tl.c                             |    6 +-
 sys/dev/pci/if_vr.c                             |    6 +-
 sys/dev/pci/if_vte.c                            |    6 +-
 sys/dev/pci/if_wm.c                             |    7 +-
 sys/dev/pci/ubsec.c                             |    6 +-
 sys/dev/pci/viaenv.c                            |    5 +-
 sys/dev/pcmcia/if_xi.c                          |    6 +-
 sys/dev/rndpseudo.c                             |   84 +++-
 sys/dev/scsipi/cd.c                             |    6 +-
 sys/dev/scsipi/sd.c                             |    6 +-
 sys/dev/scsipi/st.c                             |    6 +-
 sys/dev/sysmon/sysmon_envsys.c                  |   38 +-
 sys/dev/sysmon/sysmon_power.c                   |    6 +-
 sys/dev/usb/if_aue.c                            |    6 +-
 sys/dev/usb/if_axe.c                            |    6 +-
 sys/dev/usb/if_axen.c                           |    6 +-
 sys/dev/usb/if_cue.c                            |    6 +-
 sys/dev/usb/if_kue.c                            |    6 +-
 sys/dev/usb/if_smsc.c                           |    4 +-
 sys/dev/usb/if_udav.c                           |    6 +-
 sys/dev/usb/if_upl.c                            |    6 +-
 sys/dev/usb/if_url.c                            |    6 +-
 sys/dev/usb/ucom.c                              |    6 +-
 sys/dev/usb/uhidev.c                            |    7 +-
 sys/kern/init_main.c                            |   12 +-
 sys/kern/kern_rndpool.c                         |   20 +-
 sys/kern/kern_rndq.c                            |  398 +++++++++++++-----
 sys/kern/kern_sysctl.c                          |   10 +-
 sys/kern/subr_autoconf.c                        |   19 +-
 sys/kern/subr_cprng.c                           |   63 +-
 sys/kern/subr_prf.c                             |   93 ++++-
 sys/lib/libkern/Makefile.libkern                |    7 +-
 sys/lib/libkern/arc4random.c                    |  277 -------------
 sys/lib/libkern/libkern.h                       |   22 +-
 sys/net/if_ethersubr.c                          |   11 +-
 sys/nfs/nfs_subs.c                              |    9 +-
 sys/rump/librump/rumpkern/Makefile.rumpkern     |    6 +-
 sys/rump/librump/rumpkern/hyperentropy.c        |    8 +-
 sys/rump/librump/rumpkern/opt/opt_rnd_printf.h  |    1 +
 sys/sys/cprng.h                                 |   30 +-
 sys/sys/kprintf.h                               |    3 +-
 sys/sys/rnd.h                                   |   79 +++-
 sys/uvm/uvm.h                                   |    5 +-
 sys/uvm/uvm_fault.c                             |   38 +-
 sys/uvm/uvm_page.c                              |    8 +-
 tests/kernel/Makefile                           |    3 +-
 tests/kernel/gen_t_subr_prf                     |   10 +
 usr.bin/fstat/misc.c                            |    6 +-
 usr.sbin/npf/npftest/libnpftest/npf_test_subr.c |    6 +-
 usr.sbin/sysinst/util.c                         |   28 +-
 148 files changed, 1793 insertions(+), 994 deletions(-)

diffs (truncated from 6561 to 300 lines):

diff -r 25ec58ce1e7e -r 23236310c0d3 doc/CHANGES
--- a/doc/CHANGES       Sun Aug 10 16:13:27 2014 +0000
+++ b/doc/CHANGES       Sun Aug 10 16:44:32 2014 +0000
@@ -1,4 +1,8 @@
-# LIST OF CHANGES FROM LAST RELEASE:                   <$Revision: 1.1960 $>
+<<<<<<< CHANGES
+# LIST OF CHANGES FROM LAST RELEASE:                   <$Revision: 1.1961 $>
+=======
+# LIST OF CHANGES FROM LAST RELEASE:                   <$Revision: 1.1961 $>
+>>>>>>> 1.1910.2.1
 #
 #
 # [Note: This file does not mention every change made to the NetBSD source tree.
@@ -465,3 +469,12 @@
        ekermit(1): Add BSD-licenced ekermit, and remove GPL-licenced
                gkermit. [apb 20140808]
        rescue(8): Add /rescue/ekermit. [apb 20140809]
+       rnd(4): Suck in much more entropy early in boot and thereafter:
+               autoconf timings, all sysctl settings (including hostname),
+               contents of early network packets, environmental sensor
+               values generically rather than as per-driver special cases.
+               [tls 20140810]
+       cprng_fast(9): Replace slow/broken mutex-protected kernel
+                      _arc4random() with new cprng_fast implemenation
+                      from riastradh@ using per-cpu instances of chacha8.
+                      [tls 20140810]
diff -r 25ec58ce1e7e -r 23236310c0d3 external/bsd/liblzf/dist/lzfP.h
--- a/external/bsd/liblzf/dist/lzfP.h   Sun Aug 10 16:13:27 2014 +0000
+++ b/external/bsd/liblzf/dist/lzfP.h   Sun Aug 10 16:44:32 2014 +0000
@@ -37,22 +37,21 @@
 #ifndef LZFP_h
 #define LZFP_h
 
-#define STANDALONE 1 /* at the moment, this is ok. */
-
-#ifndef STANDALONE
-# include "lzf.h"
+#if !defined(_KERNEL) && !defined(_STANDALONE)
+#include <sys/types.h>
+#include <inttypes.h>
 #endif
 
 /*
- * Size of hashtable is (1 << HLOG) * sizeof (char *)
+ * Size of hashtable is (1 << LZF_HLOG) * sizeof (char *)
  * decompression is independent of the hash table size
  * the difference between 15 and 14 is very small
  * for small blocks (and 14 is usually a bit faster).
- * For a low-memory/faster configuration, use HLOG == 13;
+ * For a low-memory/faster configuration, use LZF_HLOG == 13;
  * For best compression, use 15 or 16 (or more, up to 23).
  */
-#ifndef HLOG
-# define HLOG 16
+#ifndef LZF_HLOG
+# define LZF_HLOG 16
 #endif
 
 /*
@@ -77,9 +76,12 @@
 
 /*
  * Unconditionally aligning does not cost very much, so do it if unsure
+ *
+ * In fact, on modern x86 processors, strict alignment is faster whether
+ * in 32 or 64 bit mode.
  */
-#ifndef STRICT_ALIGN
-# define STRICT_ALIGN !(defined(__i386) || defined (__amd64))
+#ifndef STRICT_ALIGN   
+# define STRICT_ALIGN 1 /* !(defined(__i386) || defined (__amd64)) */
 #endif
 
 /*
@@ -124,21 +126,11 @@
 /*****************************************************************************/
 /* nothing should be changed below */
 
-typedef unsigned char u8;
-
-typedef const u8 *LZF_STATE[1 << (HLOG)];
+typedef uint8_t u8;
+typedef uint16_t u16;
 
-#if !STRICT_ALIGN
-/* for unaligned accesses we need a 16 bit datatype. */
-# include <limits.h>
-# if USHRT_MAX == 65535
-    typedef unsigned short u16;
-# elif UINT_MAX == 65535
-    typedef unsigned int u16;
-# else
-#  undef STRICT_ALIGN
-#  define STRICT_ALIGN 1
-# endif
+#if !defined(_KERNEL) && !defined(STANDALONE)
+typedef const u8 *LZF_STATE[1 << (LZF_HLOG)];
 #endif
 
 #if ULTRA_FAST
diff -r 25ec58ce1e7e -r 23236310c0d3 external/bsd/liblzf/dist/lzf_c.c
--- a/external/bsd/liblzf/dist/lzf_c.c  Sun Aug 10 16:13:27 2014 +0000
+++ b/external/bsd/liblzf/dist/lzf_c.c  Sun Aug 10 16:44:32 2014 +0000
@@ -34,9 +34,14 @@
  * either the BSD or the GPL.
  */
 
+#if defined(_KERNEL) || defined (_STANDALONE)
+#include <lib/libkern/libkern.h>
+#include "lzfP.h"
+#else
 #include "lzf.h"
+#endif
 
-#define HSIZE (1 << (HLOG))
+#define HSIZE (1 << (LZF_HLOG))
 
 /*
  * don't play with this unless you benchmark!
@@ -48,16 +53,16 @@
 # define FRST(p) (((p[0]) << 8) | p[1])
 # define NEXT(v,p) (((v) << 8) | p[2])
 # if ULTRA_FAST
-#  define IDX(h) ((( h             >> (3*8 - HLOG)) - h  ) & (HSIZE - 1))
+#  define IDX(h) ((( h             >> (3*8 - LZF_HLOG)) - h  ) & (HSIZE - 1))
 # elif VERY_FAST
-#  define IDX(h) ((( h             >> (3*8 - HLOG)) - h*5) & (HSIZE - 1))
+#  define IDX(h) ((( h             >> (3*8 - LZF_HLOG)) - h*5) & (HSIZE - 1))
 # else
-#  define IDX(h) ((((h ^ (h << 5)) >> (3*8 - HLOG)) - h*5) & (HSIZE - 1))
+#  define IDX(h) ((((h ^ (h << 5)) >> (3*8 - LZF_HLOG)) - h*5) & (HSIZE - 1))
 # endif
 #endif
 /*
  * IDX works because it is very similar to a multiplicative hash, e.g.
- * ((h * 57321 >> (3*8 - HLOG)) & (HSIZE - 1))
+ * ((h * 57321 >> (3*8 - LZF_HLOG)) & (HSIZE - 1))
  * the latter is also quite fast on newer CPUs, and compresses similarly.
  *
  * the next one is also quite good, albeit slow ;)
@@ -147,7 +152,7 @@
 #endif
           && (off = ip - ref - 1) < MAX_OFF
           && ip + 4 < in_end
-          && ref > (u8 *)in_data
+          && ref > (const u8 *)in_data
 #if STRICT_ALIGN
           && ref[0] == ip[0]
           && ref[1] == ip[1]
diff -r 25ec58ce1e7e -r 23236310c0d3 external/bsd/liblzf/dist/lzf_d.c
--- a/external/bsd/liblzf/dist/lzf_d.c  Sun Aug 10 16:13:27 2014 +0000
+++ b/external/bsd/liblzf/dist/lzf_d.c  Sun Aug 10 16:44:32 2014 +0000
@@ -34,13 +34,23 @@
  * either the BSD or the GPL.
  */
 
+#if defined(_KERNEL) || defined (_STANDALONE)
+#include <lib/libkern/libkern.h>
+#include <sys/systm.h>
+#include "lzfP.h"
+#else
 #include "lzf.h"
+#endif
 
-#if AVOID_ERRNO
-# define SET_ERRNO(n)
+#ifdef _KERNEL
+# define SET_ERRNO(n) panic("lzf decompression failure: %s", #n)
 #else
-# include <errno.h>
-# define SET_ERRNO(n) errno = (n)
+# ifdef AVOID_ERRNO
+#  define SET_ERRNO(n)
+# else
+#  include <errno.h>
+#  define SET_ERRNO(n) errno = (n)
+# endif
 #endif
 
 #if (__i386 || __amd64) && __GNUC__ >= 3
diff -r 25ec58ce1e7e -r 23236310c0d3 sbin/rndctl/rndctl.8
--- a/sbin/rndctl/rndctl.8      Sun Aug 10 16:13:27 2014 +0000
+++ b/sbin/rndctl/rndctl.8      Sun Aug 10 16:44:32 2014 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: rndctl.8,v 1.20 2011/11/23 12:15:30 wiz Exp $
+.\"    $NetBSD: rndctl.8,v 1.21 2014/08/10 16:44:32 tls Exp $
 .\"
 .\" Copyright (c) 1997 Michael Graff
 .\" All rights reserved.
@@ -39,6 +39,7 @@
 .Nm
 .Fl ls
 .Op Fl d Ar devname | Fl t Ar devtype
+.Op Fl v
 .Nm
 .Fl L Ar save-file
 .Nm
@@ -119,6 +120,8 @@
 .It Ic rng
 Random number generators.
 .El
+.It Fl v
+Verbose output: show entropy estimation statistics for each source.
 .El
 .Sh FILES
 .Bl -tag -width /dev/urandomx -compact
diff -r 25ec58ce1e7e -r 23236310c0d3 sbin/rndctl/rndctl.c
--- a/sbin/rndctl/rndctl.c      Sun Aug 10 16:13:27 2014 +0000
+++ b/sbin/rndctl/rndctl.c      Sun Aug 10 16:44:32 2014 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: rndctl.c,v 1.27 2014/01/15 15:05:27 apb Exp $  */
+/*     $NetBSD: rndctl.c,v 1.28 2014/08/10 16:44:32 tls Exp $  */
 
 /*-
  * Copyright (c) 1997 Michael Graff.
@@ -33,7 +33,7 @@
 #include <sha1.h>
 
 #ifndef lint
-__RCSID("$NetBSD: rndctl.c,v 1.27 2014/01/15 15:05:27 apb Exp $");
+__RCSID("$NetBSD: rndctl.c,v 1.28 2014/08/10 16:44:32 tls Exp $");
 #endif
 
 
@@ -78,6 +78,8 @@
 static void do_list(int, u_int32_t, char *);
 static void do_stats(void);
 
+static int vflag;
+
 static void
 usage(void)
 {
@@ -254,19 +256,28 @@
 {
        static char str[512];
 
-       str[0] = 0;
+       str[0] = '\0';
        if (fl & RND_FLAG_NO_ESTIMATE)
                ;
        else
-               strlcat(str, "estimate", sizeof(str));
+               strlcat(str, "estimate, ", sizeof(str));
 
        if (fl & RND_FLAG_NO_COLLECT)
                ;
-       else {
-               if (str[0])
-                       strlcat(str, ", ", sizeof(str));
-               strlcat(str, "collect", sizeof(str));
-       }
+       else
+               strlcat(str, "collect, ", sizeof(str));
+
+       if (fl & RND_FLAG_COLLECT_VALUE)
+               strlcat(str, "v, ", sizeof(str));
+       if (fl & RND_FLAG_COLLECT_TIME)
+               strlcat(str, "t, ", sizeof(str));
+       if (fl & RND_FLAG_ESTIMATE_VALUE)
+               strlcat(str, "dv, ", sizeof(str));
+       if (fl & RND_FLAG_ESTIMATE_TIME)
+               strlcat(str, "dt, ", sizeof(str));
+
+       if (str[strlen(str) - 2] == ',')
+               str[strlen(str) - 2] = '\0';
 
        return (str);
 }
@@ -276,8 +287,8 @@
 static void
 do_list(int all, u_int32_t type, char *name)
 {
-       rndstat_t rstat;
-       rndstat_name_t rstat_name;
+       rndstat_est_t rstat;
+       rndstat_est_name_t rstat_name;
        int fd;
        int res;
        uint32_t i;
@@ -289,15 +300,25 @@
 
        if (all == 0 && type == 0xff) {
                strncpy(rstat_name.name, name, sizeof(rstat_name.name));
-               res = ioctl(fd, RNDGETSRCNAME, &rstat_name);
+               res = ioctl(fd, RNDGETESTNAME, &rstat_name);
                if (res < 0)
-                       err(1, "ioctl(RNDGETSRCNAME)");
+                       err(1, "ioctl(RNDGETESTNAME)");
                printf(HEADER);
                printf("%-16s %10u %-4s %s\n",
-                   rstat_name.source.name,
-                   rstat_name.source.total,
-                   find_name(rstat_name.source.type),
-                   strflags(rstat_name.source.flags));
+                   rstat_name.source.rt.name,
+                   rstat_name.source.rt.total,
+                   find_name(rstat_name.source.rt.type),
+                   strflags(rstat_name.source.rt.flags));
+               if (vflag) {



Home | Main Index | Thread Index | Old Index