MirBSD
CVS log for src/sys/dev/rnd.c
Keyword substitution: kv
Default branch: MAIN
Revision 1.79
Sun Aug 25 22:20:51 2019 UTC (4 years, 7 months ago) by tg
- 1005D63096C6637033A
Branches: MAIN
CVS tags: HEAD
Changes since revision 1.78: +5 -5 lines
fix initial_entropy and _randseed reading:
• use the latter for locore
• concatenate them for randomattach, hash for enqueue_randomness
• switch to explicit_bzero in many places
Revision 1.78
Sun Aug 25 21:26:01 2019 UTC (4 years, 7 months ago) by tg
- 1005D62FCDC7F4EA8E0
Branches: MAIN
Changes since revision 1.77: +14 -1 lines
allow init(8) write+stir access to arandom(4) in high securelevels,
for system shutdown; correct and update related info in manpage
Revision 1.77
Wed Aug 9 10:50:07 2017 UTC (6 years, 7 months ago) by tg
- 100598AE8E34CCF9581
Branches: MAIN
Changes since revision 1.76: +10 -3 lines
I just know I’ll hate myself later if I don’t make it bidi right from the beginning
Revision 1.76
Tue Aug 8 15:14:46 2017 UTC (6 years, 7 months ago) by tg
- 1005989D5710E59BF98
Branches: MAIN
Changes since revision 1.75: +21 -1 lines
flesh out the getentropy syscall, I have a feeling we’ll need it eventually
Revision 1.75
Thu Feb 20 00:30:24 2014 UTC (10 years, 1 month ago) by tg
- 10053054CA71B859DC9
Branches: MAIN
Changes since revision 1.74: +34 -22 lines
permit /dev/random to be read from (arc4random) and written to (lopool)
Revision 1.74
Thu Oct 24 08:32:37 2013 UTC (10 years, 5 months ago) by tg
- 1005268DAE46A5CAE15
Branches: MAIN
Changes since revision 1.73: +3 -10 lines
do not give the users an insecure random device at hand, period.
now /dev/[pw]random still writes to the lopool but reads from arc4random(9)
(important: do not depend on this behaviour, they used to return insecure
data; use /dev/wrandom only for writing and always read /dev/arandom)
Revision 1.73
Sun Nov 20 18:54:46 2011 UTC (12 years, 4 months ago) by tg
- 1004EC94CC144CEC290
Branches: MAIN
Changes since revision 1.72: +2 -2 lines
• use common <syskern/md5.h> with /usr/include/md5.h@ for userspace compat
• switch kernel <crypto/md5.h> users to <syskern/md5.h>
• fix underestimated __attribute__((__bounded__ …)) argument
• this is an interface definition and as such not copyrightable
Revision 1.72
Sat Feb 19 14:41:36 2011 UTC (13 years, 1 month ago) by tg
- 1004D5FD6AD4C707315
Branches: MAIN
Changes since revision 1.71: +7 -3 lines
• kernel: merge rnd_flush() declarations into <randimpl.h>
• randomioctl: let RNDSTIRARC4 invoke rnd_flush() if called from init(8)
• init, reboot/halt: use unified "pathnames.h"
• init: use RNDSTIRARC4 to reset all pools (lopool, arc4random) on halt
• init: write 2048 bytes to /var/db/host.random to make it an even 8 KiB
• init: redesign code for that, minimise sleep calls, tested with temporary
printf/warning/etc. calls in userspace and kernel
• init: upon SIGTSTP, invoke RNDSTIRARC4 to help halt/reboot
• halt/reboot: do similar things like init wrt. signals, output, seed file
Revision 1.71
Fri Dec 24 00:11:00 2010 UTC (13 years, 3 months ago) by tg
- 1004D13E5244D978DD8
Branches: MAIN
Changes since revision 1.70: +3 -1 lines
fix build; make omalloc default; sync lists (objc, lynx)
Revision 1.70
Thu Dec 23 19:25:32 2010 UTC (13 years, 3 months ago) by tg
- 1004D13A2417F2232C8
Branches: MAIN
Changes since revision 1.69: +45 -48 lines
fast-forward through OpenBSD-current RNG:
src/sys/dev/rnd.c,v 1.105
src/lib/libc/crypt/arc4random.c,v 1.22
this fixes some small issues. also, optimise a little and correct comments.
Revision 1.69
Sat Sep 25 14:11:46 2010 UTC (13 years, 6 months ago) by tg
- 1004C9E03397C26FA1E
Branches: MAIN
Changes since revision 1.68: +2 -2 lines
since 1004C9D50823DFFA28B this is no longer true, simplify / reduce diff against vendor
Revision 1.68
Sat Sep 25 01:29:34 2010 UTC (13 years, 6 months ago) by tg
- 1004C9D50823DFFA28B
Branches: MAIN
Changes since revision 1.67: +34 -13 lines
a shame to waste all the entropy in queue drops (high or low watermark)…
Revision 1.67
Fri Sep 24 21:37:34 2010 UTC (13 years, 6 months ago) by tg
- 1004C9D1A1633B6D2E3
Branches: MAIN
Changes since revision 1.66: +4 -1 lines
if source==0 “just add”, without touching statistics
add_entropy_words(*, 0) is a nop, which is fine for us
Revision 1.66
Fri Sep 24 21:31:19 2010 UTC (13 years, 6 months ago) by tg
- 1004C9D17EF4AAFFCE9
Branches: MAIN
Changes since revision 1.65: +14 -1 lines
new ioctl RNDADDRNDNESS which works kinda like Linux’ RNDADDENTROPY
in that it doesn’t separate the entropy-to-kernel transfer between
write and ioctl, but it has, like all ioctls, a fixed argument size
and can (new!) take a source, e.g. RND_SRC_MOUSE¹, argument inside
struct rnd_add_randomness.source (int). currently limited to 16 32-bit
words (64 bytes), but as ekeyd, for which this interface is intended,
writes only 32 bytes at a time it seems fine to me.
① tested with mircvs://contrib/hosted/tg/e2k.c modified slightly
Revision 1.65
Fri Sep 24 20:35:12 2010 UTC (13 years, 6 months ago) by tg
- 1004C9D0B38596B6444
Branches: MAIN
Changes since revision 1.64: +6 -5 lines
count feedback from the arc4random/lopool-collapse combined result
only as 24 bits, not 31, for the doubleword, to balance inputs better
Revision 1.64
Fri Sep 24 19:59:09 2010 UTC (13 years, 6 months ago) by tg
- 1004C9D02C32F9ABA6D
Branches: MAIN
Changes since revision 1.63: +16 -21 lines
• move rstat from bits to bytes (except distribution, of course)
• re-use RND_SRC_AUDIO for video and rename it RND_SRC_AUVIS
• switch to using add_auvis_entropy() in MirBSD code
• let RND_SRC_IMACS take up former RND_SRC_VIDEO’s place in statistics
• keep statistics for lopool en- and dequeues as well
• let rstat look ok also on 80x24 terminal
Revision 1.63
Sun Sep 19 18:55:34 2010 UTC (13 years, 6 months ago) by tg
- 1004C965C8F46717878
Branches: MAIN
Changes since revision 1.62: +260 -563 lines
the promised new RNG (play with RNDEBUG in crypto/randimpl.h to make
it verbose; I did, for a while and a bit of fine-tuning)
Revision 1.62
Sun Sep 12 19:02:15 2010 UTC (13 years, 6 months ago) by tg
- 1004C8D23B831318D31
Branches: MAIN
Changes since revision 1.61: +4 -4 lines
use monotonic time for the push pools; when todr is initialised, add that
so we get the date+time into it as well
Revision 1.61
Sun Sep 12 18:50:25 2010 UTC (13 years, 6 months ago) by tg
- 1004C8D20FC68053736
Branches: MAIN
Changes since revision 1.60: +44 -27 lines
a bit more like it's supposed to work
Revision 1.60
Sun Sep 12 18:20:00 2010 UTC (13 years, 6 months ago) by tg
- 1004C8D19CE4D7E4CD9
Branches: MAIN
Changes since revision 1.59: +25 -64 lines
part 1: remove the addpool, replace with dummy lopool
do not install this, it reduces entropy
Revision 1.59
Sun Sep 12 12:24:30 2010 UTC (13 years, 6 months ago) by tg
- 1004C8CC69150D1B4BD
Branches: MAIN
Changes since revision 1.58: +1 -46 lines
• kern/c/arc4random_uniform.c, kern/include/libckern.h: move
arc4random_uniform(3) implementation here
• kern/c/Makefile.inc: build arc4random_uniform.c kernel/user
• lib/libc/crypt/arc4random.c, sys/dev/rnd.c: remove implementation here
• sys/dev/rndvar.h: prototype is now in <libckern.h>
• contrib/code/Snippets/arc4random.c: sync with master implementation
Revision 1.58
Thu Jan 28 23:00:45 2010 UTC (14 years, 2 months ago) by tg
- 1004B6216F010CD4496
Branches: MAIN
Changes since revision 1.57: +4 -2 lines
assign 1 instead of 32 bits urandom-pool-count to doublewords
read from the wrandom pool to not skew the stats too bad
XXX this all needs a rewrite anyway
Revision 1.57
Wed Jan 6 19:11:53 2010 UTC (14 years, 2 months ago) by tg
- 1004B44E03412A89242
Branches: MAIN
Changes since revision 1.56: +8 -8 lines
With the test programme below, I also have double-checked the
arc4random_uniform interna. Thus, sync it across all the different
implementations for better comprehension.
Revision 1.56
Wed Jan 6 17:52:33 2010 UTC (14 years, 2 months ago) by tg
- 1004B44CDF76EA71CDB
Branches: MAIN
Changes since revision 1.55: +2 -1 lines
fix a coding error in the KSA found by myself reading several descriptions of aRC4
Revision 1.55
Mon Nov 9 21:36:40 2009 UTC (14 years, 4 months ago) by tg
- 1004AF88B6210E6BBB3
Branches: MAIN
Changes since revision 1.54: +2 -7 lines
bump libc minor, to be able to pull in OAAT hash helper functions,
as well as globalise the hashpad things; sync mirmake and kernel
Revision 1.54
Mon Nov 9 20:11:56 2009 UTC (14 years, 4 months ago) by tg
- 1004AF877472390A74C
Branches: MAIN
Changes since revision 1.53: +4 -2 lines
reinit arc4 after $some_lot_of bytes, so that we never get the
full 2³⁰ or so bytes required to crack the stream, since we
count them anyway
Revision 1.53
Mon Nov 9 19:49:27 2009 UTC (14 years, 4 months ago) by tg
- 1004AF872556D775AC4
Branches: MAIN
Changes since revision 1.52: +3 -1 lines
do more explicit initialisation to 0
Revision 1.52
Mon Nov 9 19:43:45 2009 UTC (14 years, 4 months ago) by tg
- 1004AF870EF5AE8038B
Branches: MAIN
Changes since revision 1.51: +51 -1 lines
improve RNG stuff with proper hashing
(checked arc4* stuff to avoid short cycles; OpenBSD already ensured that)
Revision 1.51
Sun Feb 22 17:06:26 2009 UTC (15 years, 1 month ago) by tg
- 10049A185F539B9D87C
Branches: MAIN
Changes since revision 1.50: +14 -1 lines
at kernel entry on shutdown (SYS_reboot), before shutting down the VFS,
add the wrandom(4) pool to arc4random(9) and stir the latter, so that
the superblock entropy fields and other places get the maximum possible
out of it
Revision 1.50
Thu Jan 29 17:53:29 2009 UTC (15 years, 2 months ago) by tg
- 1004981EC3226B1450A
Branches: MAIN
Changes since revision 1.49: +57 -17 lines
* flesh out arc4_addrandom
* do not stir arc4random(9) whenever the "slow pool" is full
* add another timeouty routine, called every 64±32sec, which
extracts 8 bytes (an "extraction unit") and adds it (and a
timestamp) to the "arandom pool" like arc4random_addrandom
does, iff the "main pool" has more! than 32 bytes worth of
entropy left
this should improve overall entropy consumption and distribution,
introducing a slight favour towards arandom(4) away from srandom(4)
and urandom(4) -- get a VIA C3 system if you need the latter, as on
them, srandom spits out 128 KiB or so in a second (woah).
Revision 1.49
Wed Jan 21 19:46:53 2009 UTC (15 years, 2 months ago) by tg
- 10049777BBE4DF923C6
Branches: MAIN
Changes since revision 1.48: +11 -9 lines
similarly as in user space
Revision 1.48
Fri Dec 26 19:58:06 2008 UTC (15 years, 3 months ago) by tg
- 100495537633C63E0D6
Branches: MAIN
Changes since revision 1.47: +1 -2 lines
wtf?
Revision 1.47
Thu Nov 13 00:19:00 2008 UTC (15 years, 4 months ago) by tg
- 100491B72610A0B4932
Branches: MAIN
Changes since revision 1.46: +3 -4 lines
reduce standard arc4random seed frequency a little, because due to our
higher number of entropy sources, the pool gets more full more quickly
Revision 1.46
Sat Jul 26 19:40:51 2008 UTC (15 years, 8 months ago) by tg
- 100488B7DCB62D12C2B
Branches: MAIN
Changes since revision 1.45: +3 -3 lines
now that we have the name IMACSing, use it in various places
instead of the previous “just how do we call it”-temporaries
Revision 1.45
Sat Jul 12 16:15:15 2008 UTC (15 years, 8 months ago) by tg
- 1004878D81E0053C1D0
Branches: MAIN
Changes since revision 1.44: +7 -3 lines
• dev/rnd*: implement new add_kbint_randomness() macro for keyboard-
(and/or) interactive entropy (currently the same as add_tty_randomness,
but will change in the future)
• zskbd(4/sparc): feed raw scancode entropy into pool too, like pckbd(4)
does on i386, so that nōn-serial-console users can tap on shift, ctrl,
alt, meta and the likes before or during e.g. ssh key generation
• pckbc.c: use new add_kbint_randomness ipv add_tty_randomness
Revision 1.44
Thu Jul 10 14:39:24 2008 UTC (15 years, 8 months ago) by tg
- 10048761F304136E092
Branches: MAIN
Changes since revision 1.43: +47 -2 lines
merge
Revision 1.1.1.4 (vendor branch)
Thu Jul 10 14:36:42 2008 UTC (15 years, 8 months ago) by tg
- 10048761E8F7F89D358
Branches: openbsd
CVS tags: tg-beforemerge-ksrc10
Changes since revision 1.1.1.3: +45 -0 lines
+arc4random_uniform
Revision 1.43
Tue Jul 8 13:43:12 2008 UTC (15 years, 8 months ago) by tg
- 10048736F031A71E520
Branches: MAIN
Changes since revision 1.42: +4 -2 lines
bounds checking
Revision 1.33.4.1
Tue Jul 8 13:27:50 2008 UTC (15 years, 8 months ago) by tg
- 10048736AFA24714F87
Branches: MIRBSD_10
Changes since revision 1.33: +3 -4 lines
MFC: what was I thinking? on a premature arc4random_maybeinit() call,
either by arc4random() or by arc4random_getbytes(), rnd_attached was
0 and arc4random_initialised 0, but we set arc4random_initialised to
1 without doing the deed…
Revision 1.42
Tue Jul 8 13:25:28 2008 UTC (15 years, 8 months ago) by tg
- 10048736A6C78B7F150
Branches: MAIN
Changes since revision 1.41: +3 -4 lines
really allow premature use of arc4random(9) [safely returning values
generated from random() instead] – r1.28 cid 1004682AD576DE15368 was
a nice try but not enough
Revision 1.41
Tue Jul 8 13:20:04 2008 UTC (15 years, 8 months ago) by tg
- 100487368DB7C3C0CE4
Branches: MAIN
Changes since revision 1.40: +9 -4 lines
• since homsn is so afraid of wrandom(4) and Tonnerre mentions possible
birthday attacks, instead of modulating the LSB we now XOR the entire
value with an arc4random(9)-generated one before adding, which, while
not adding extra entropy (due to the loop issue), prevents these, and
since there’s a distance of 2 pools, we do not have back coupling.
• do _not_ use random(), as it’s used for PIDs by the scheduler, or so,
says the hints, use arc4random() instead
• #ifdef DIAGNOSTIC code that could never have been executed, add a
debugging message, and do *not* forget to re-schedule (oO)
Revision 1.40
Fri Jun 13 14:00:04 2008 UTC (15 years, 9 months ago) by tg
- 10048527D4D464F8F7D
Branches: MAIN
Changes since revision 1.39: +14 -17 lines
• get rid of rnd_bootpool* now that we can use rnd_addpool_add() early
• drain the rnd_addpool not a 32-burst every half minute or so, but
one word at a time about every second ± ½
Revision 1.39
Fri Jun 13 13:11:50 2008 UTC (15 years, 9 months ago) by tg
- 1004852721E130137B5
Branches: MAIN
Changes since revision 1.38: +3 -4 lines
speedup: only process rnd_addpool_allow check while draining, not adding
Revision 1.38
Wed Apr 9 05:45:41 2008 UTC (15 years, 11 months ago) by tg
- 10047FC57D909BED61F
Branches: MAIN
Changes since revision 1.37: +2 -2 lines
new macro rnd_bootpool_add for
• simplifying operations on rnd_bootpool
• allowing to use it _past_ enqueueing of rnd_bootpool into user pool
near end of kernel boot-up (think PCMCIA NIC hot-plug¹)
¹) yes, despite RFC1750 and with Vutral’s idea
Revision 1.37
Sat Mar 22 22:58:41 2008 UTC (16 years ago) by tg
- 10047E58F3353EBD9BA
Branches: MAIN
Changes since revision 1.36: +6 -4 lines
thinko (compile fix)
Revision 1.36
Sat Mar 22 22:54:17 2008 UTC (16 years ago) by tg
- 10047E58DF92B63D5BB
Branches: MAIN
Changes since revision 1.35: +12 -14 lines
refactor: we only want to use the slow pool if it's full,
we only want to fill it if it's enabled and not full,
we can use it if we just filled it up to max,
and we always must fill in buf[0‥255], no matter what
Revision 1.35
Sat Mar 22 22:26:29 2008 UTC (16 years ago) by tg
- 10047E57FC91F0D4F1A
Branches: MAIN
Changes since revision 1.34: +49 -5 lines
Another step towards recommending arandom(4) for high-quality high-security
use (and arc4random(3) gets improved as well):
As suggested by Bruce Schneier’s Yarrow paper, split the arandom(4) source
into a “slow pool” and a “fast pool”, the latter being what we already had,
the former being the new thing: the uint8_t initial_entropy[16] array
introduced with commitid 10047E40AFE44E65982 is employed, after the initial
enqueue of its content into the pool and bzero(3)ing it (and setting the
value of initial_entropy_ptr from the initial -1 to 0), to keep a 128-bit
“slow pool” (with initial_entropy_ptr ranging from 0‥15) which is XOR’d
into the 256 octets stirring the arcfour state IFF it’s full. The “slow
pool” is filled whenever any entropy is dequeued from the main pool to an
amount that would deplete it, or on arc4 stirs if we’ve got an octet left
after eating up some pool data. The slow pool mixes into all of the fast
pool upon emptying.
While care has been taken on designing this, srandom(4) may be affected as
its check for the data size read being smaller than entropy_count comes
before the dequeue action (which, in turn, _can_ extract eight more bits if
the pool would be emptied). Suggestion is to use very small reads, if you
must use srandom(4), or to use arandom(4) instead (or just mix both).
Revision 1.34
Fri Mar 21 19:22:16 2008 UTC (16 years ago) by tg
- 10047E40AFE44E65982
Branches: MAIN
Changes since revision 1.33: +18 -1 lines
I thought this could be nice: add 128 bits of boot entropy to each kernel
Revision 1.33
Fri Sep 28 18:33:24 2007 UTC (16 years, 6 months ago) by tg
- 10046FD48A70BF91C15
Branches: MAIN
CVS tags: MIRBSD_10_BASE
Branch point for: MIRBSD_10
Changes since revision 1.32: +25 -44 lines
• do not always srandom(), once is enough, it’s not supposed to be
cryptographically good anyway, just continuous
• new int arc4random_seedfreq; contains the frequency of arc4random(9)
re-seeds, by default still 10 minutes
• if a VIA C3 Hardware RNG is found, re-seed every minute (ok 64 seconds…)
• bump © years, sync licence etc.
Revision 1.32
Mon Sep 24 16:56:23 2007 UTC (16 years, 6 months ago) by tg
- 10046F7EC32124255D0
Branches: MAIN
Changes since revision 1.31: +5 -11 lines
let arc4random_bytes() do the fuzziness trick instead
doesn't really hurt the only two other uses, and saves some bytes
Revision 1.31
Mon Sep 24 16:24:25 2007 UTC (16 years, 6 months ago) by tg
- 10046F7E3C545DA7572
Branches: MAIN
Changes since revision 1.30: +4 -1 lines
rate-limit the /dev/arandom and sysctl KERN_ARND output a little,
to reduce the danger arising from recognisable output patterns as
shown in the Schneier paper discussing PRNGs (I was thinking of a
programme pulling high-rate from /dev/arandom)
this is not the best I can do, but it's quite ok (and uneven)
now we’d ideally have some kind of pool fed with very
conservatively measured entropy, maybe 32 bits or so, and xoring the buffer
in arc4_stir with that before using it, to protect against a high
rate pull from /dev/srandom
Revision 1.30
Fri Aug 24 14:15:05 2007 UTC (16 years, 7 months ago) by tg
- 10046CEE7E37D5DCB3F
Branches: MAIN
Changes since revision 1.29: +18 -9 lines
hopefully fix all the “timeout_add: not initialis̲ed” panic()s…
Revision 1.29
Thu Jul 26 10:16:21 2007 UTC (16 years, 8 months ago) by tg
- 10046A874532AD148D2
Branches: MAIN
Changes since revision 1.28: +2 -2 lines
pad with (1‥3) arc4random(9) instead of NUL bytes, since the entropy adder
assumes 32 bit for randomwrite()
Revision 1.28
Wed Jun 27 18:33:04 2007 UTC (16 years, 9 months ago) by tg
- 1004682AD576DE15368
Branches: MAIN
Changes since revision 1.27: +4 -5 lines
if premature use of arc4random(), don't timeout_add an uninitialised
value before panic()ing, return a random() value instead
Revision 1.27
Fri Feb 2 16:45:07 2007 UTC (17 years, 1 month ago) by tg
- 10045C36A7B5DB2058E
Branches: MAIN
Changes since revision 1.26: +2 -2 lines
make /dev/wrandom as alias for /dev/prandom but allow it to
be written to - I plan to emulate our entropy suite on other
OSes where /dev/prandom may be read-only emulated by pipes
or similar means
Revision 1.26
Sun Oct 8 00:24:43 2006 UTC (17 years, 5 months ago) by tg
- 100452845255DA75FEF
Branches: MAIN
Changes since revision 1.25: +2 -2 lines
add a few more entropy sources, some suggested by Vutral, but don't
scan for /*/PUTTY.RND and /*/RANDSEED.BIN ;-) and remove a stupid one;
move dmesg.boot code for installer from install.sub into firstrun
code, and initialise a counter in rnd.c to zero which was previously not (oO)
Revision 1.25
Tue Oct 3 20:23:56 2006 UTC (17 years, 5 months ago) by tg
- 1004522C65D1DCF6C98
Branches: MAIN
Changes since revision 1.24: +5 -4 lines
SECURITY: if the kern.pushrand sysctl is enabled (default), unprivileged
users can bring a system (locally) to ddb(4) if writing approx. POOLBYTES
bytes to /dev/prandom (off-by-one-uint32_t buffer read). Possibly fixed.
Revision 1.24
Tue Aug 22 20:58:24 2006 UTC (17 years, 7 months ago) by tg
- 10044EB6F0E3FCA4304
Branches: MAIN
Changes since revision 1.23: +3 -3 lines
double the size of the addpool buffer, now that it isn't
accounted for as "true randomness" (but still added)
Revision 1.23
Fri Aug 18 12:29:52 2006 UTC (17 years, 7 months ago) by tg
- 10044E5B2BC1BD5DDC8
Branches: MAIN
Changes since revision 1.22: +14 -7 lines
slightly improve the addpool; don't count its input as 'true entropy'
since it isn't (pending a post-#9bis redesign in -current)
Revision 1.22
Thu Jun 29 13:27:36 2006 UTC (17 years, 9 months ago) by tg
- 10044A3D52C39EC17B5
Branches: MAIN
Changes since revision 1.21: +9 -11 lines
remove pretty useless "re-initialise random() on writes to /dev/prandom",
it just bloats the code ;) and the PRND is re-initialised anyway automatically
also, correct spelling and make two variables static while here
Revision 1.21
Sun May 28 23:35:20 2006 UTC (17 years, 10 months ago) by tg
- 100447A339A097D44B1
Branches: MAIN
CVS tags: MIRBSD_9_BASE
Changes since revision 1.20: +3 -3 lines
speed up first processing of the addpool buffer
(at boot, more things happen)
Revision 1.20.2.1
Sun May 28 19:24:59 2006 UTC (17 years, 10 months ago) by tg
- 1004479F89D06CF5B19
Branches: tg-rndaddpool-debug
Changes since revision 1.20: +24 -3 lines
I intended to commit this because my debugging script:
| while sleep 2; do
| set -A foo $(sysctl kern.random)
| let i=${foo[56]}
| printf '%16s' "$i ($((i / 32)))"
| done
didn't display anything worthwhile, but I had forgotten
about the initial delay where rnd(4) is not yet attached;
it works now (icmp, tcp, rdate all contribute; filling it
manually via /dev/prandom adds 16 32-bit values; the
interval is randomised).
Revision 1.20
Sun May 28 13:24:54 2006 UTC (17 years, 10 months ago) by tg
- 1004479A4562E49A173
Branches: MAIN
Branch point for: tg-rndaddpool-debug
Changes since revision 1.19: +9 -14 lines
* rnd_addpool_add: instead of complicated buffer backtracing,
just process all over the buffer (512 bit, so a SHA-2 fits)
discarding all all-zero and all-ones entries, keep the
randomising to prevent attack vector, bzero the addpool buffer
afterwards and don't care about the ringbuffer counter
speeds up by some amount; 16 32-bit words is still small
* add_true_randomness: an int is 32 not 31 bits, account
properly if you try to account, dear mickey
Revision 1.19
Sun May 28 13:19:11 2006 UTC (17 years, 10 months ago) by tg
- 1004479A3517746A8D0
Branches: MAIN
Changes since revision 1.18: +2 -2 lines
* randomwrite() is always called after attach
* speed up srandom
Revision 1.18
Sun May 28 02:55:16 2006 UTC (17 years, 10 months ago) by tg
- 1004479112757429F47
Branches: MAIN
Changes since revision 1.17: +3 -2 lines
missing parens
Revision 1.17
Sun May 28 02:52:58 2006 UTC (17 years, 10 months ago) by tg
Branches: MAIN
Changes since revision 1.16: +2 -1 lines
strip out "all bits 0", "all bits 1" and randomise to prevent
attack vector, all in once
Revision 1.16
Sun May 28 01:50:14 2006 UTC (17 years, 10 months ago) by tg
Branches: MAIN
Changes since revision 1.15: +4 -8 lines
fix reschedule intervals for addpool cleaner
(now: 8.5 min if off, 32..40 sec if on)
Revision 1.15
Fri May 26 12:04:59 2006 UTC (17 years, 10 months ago) by tg
- 1004476EF36CAFEBABE
Branches: MAIN
Changes since revision 1.14: +3 -1 lines
* add entropy from lower memory (at boot-up) and
kernel msg buffer (at its initialisation time)
into random pool
* don't initialise with ticks repeatedly
Revision 1.14
Sun May 7 07:06:32 2006 UTC (17 years, 10 months ago) by tg
- 100445D9C825C570209
Branches: MAIN
Changes since revision 1.13: +48 -60 lines
clean up the code a little (spacing, KNF, ...)
Revision 1.13
Sun May 7 06:54:46 2006 UTC (17 years, 10 months ago) by tg
- 100445D99B5084761F0
Branches: MAIN
Diff to previous 1.12: preferred, coloured
Changes since revision 1.12: +13 -1 lines
disallow some writing/flushing operations on the rnd device
when the system is in "highly secure mode", inspired by gecko2
Revision 1.4.2.1: download - view: text, markup, annotated - select for diffs
Tue Apr 11 00:34:14 2006 UTC (17 years, 11 months ago) by tg
- 100443AF98142650B20
Branches: MIRBSD_8
Diff to previous 1.4: preferred, coloured next main 1.5: preferred, coloured
Changes since revision 1.4: +2 -2 lines
MFC: make code match comments, re-schedule once about every 2 minutes
Revision 1.12: download - view: text, markup, annotated - select for diffs
Tue Apr 11 00:32:52 2006 UTC (17 years, 11 months ago) by tg
- 100443AF9346F76C59A
Branches: MAIN
Diff to previous 1.11: preferred, coloured
Changes since revision 1.11: +6 -4 lines
reduce time to once every minute (approx.) and use plus/minus on
the randomising interval; adjust comments accordingly
Revision 1.11: download - view: text, markup, annotated - select for diffs
Tue Apr 11 00:29:51 2006 UTC (17 years, 11 months ago) by tg
- 100443AF8346F2D196C
Branches: MAIN
Diff to previous 1.10: preferred, coloured
Changes since revision 1.10: +3 -3 lines
* fix thinko: instead of every two (and a bit) minutes we were
emptying the userland-randomness bucket four times a minute.
* fix spelling: anyways -> anyway
Revision 1.10: download - view: text, markup, annotated - select for diffs
Tue Apr 11 00:23:41 2006 UTC (17 years, 11 months ago) by tg
- 100443AF6D06492E539
Branches: MAIN
Diff to previous 1.9: preferred, coloured
Changes since revision 1.9: +5 -2 lines
randomise the time when the next emptying of the addbuf pool is scheduled
a little (only increase it to further reduce low-enough drop rate)
Revision 1.9: download - view: text, markup, annotated - select for diffs
Mon Mar 27 09:25:23 2006 UTC (18 years ago) by tg
- 1004427AF807DDD5CA8
Branches: MAIN
Diff to previous 1.8: preferred, coloured
Changes since revision 1.8: +2 -3 lines
change type of assembly-accessed variables to uint32_t
Revision 1.8: download - view: text, markup, annotated - select for diffs
Mon Feb 27 20:45:30 2006 UTC (18 years, 1 month ago) by tg
- 1004403647A07609421
Branches: MAIN
Diff to previous 1.7: preferred, coloured
Changes since revision 1.7: +6 -8 lines
* skip the timeout_del in rnd_addpool_reinit
* make rnd_addpool_reinit static to ensure it's only being called from this
file and check it's not called shortly before a timeout to make the above
commit safe
* verify that timeout_add with the timeout already en queue is safe
* move the other timeout_add calls up in the function to reschedule them to
a later point in time if called directly
Revision 1.7: download - view: text, markup, annotated - select for diffs
Thu Feb 23 01:29:32 2006 UTC (18 years, 1 month ago) by tg
- 10043FD100E561F2298
Branches: MAIN
Diff to previous 1.6: preferred, coloured
Changes since revision 1.6: +3 -1 lines
add timer randomness on randomread
Revision 1.6: download - view: text, markup, annotated - select for diffs
Thu Feb 23 01:28:27 2006 UTC (18 years, 1 month ago) by tg
- 10043FD0F3B7B6DD667
Branches: MAIN
Diff to previous 1.5: preferred, coloured
Changes since revision 1.5: +5 -1 lines
* on /dev/prandom writes, re-seed internal PRNG too
(which is being used e.g. for /dev/prandom reads)
* on /dev/*random writes, add timer randomness
Revision 1.5: download - view: text, markup, annotated - select for diffs
Thu Feb 23 01:18:20 2006 UTC (18 years, 1 month ago) by tg
- 10043FD0CF30CCBD1F1
Branches: MAIN
Diff to previous 1.4: preferred, coloured
Changes since revision 1.4: +11 -9 lines
* make arc4maybeinit static
* initialise PRNG a little bit earlier
* always carry over a few old PRNG (random()) bits
* fix comments, update licence year
* improve srandom() logic
Revision 1.4: download - view: text, markup, annotated - select for diffs
Thu Jul 7 14:01:59 2005 UTC (18 years, 8 months ago) by tg
- 7eb842cd35eab21d
Branches: MAIN
CVS tags: MIRBSD_8_BASE
Branch point for: MIRBSD_8
Diff to previous 1.3: preferred, coloured
Changes since revision 1.3: +13 -11 lines
merge
Revision 1.1.1.3 (vendor branch): download - view: text, markup, annotated - select for diffs
Thu Jul 7 14:00:21 2005 UTC (18 years, 8 months ago) by tg
- 264042cd35824ee0
Branches: openbsd
Diff to previous 1.1.1.2: preferred, coloured
Changes since revision 1.1.1.2: +12 -10 lines
sync against OpenBSD-HEAD
Revision 1.3: download - view: text, markup, annotated - select for diffs
Mon Jul 4 00:10:41 2005 UTC (18 years, 8 months ago) by tg
- 374642c87e71f89d
Branches: MAIN
Diff to previous 1.2: preferred, coloured
Changes since revision 1.2: +7 -7 lines
merge
Revision 1.1.1.2 (vendor branch): download - view: text, markup, annotated - select for diffs
Mon Jul 4 00:01:27 2005 UTC (18 years, 8 months ago) by tg
- 679142c87c5628b2
Branches: openbsd
Diff to previous 1.1.1.1: preferred, coloured
Changes since revision 1.1.1.1: +6 -6 lines
sync all standard devices and "better midi stuff"
Revision 1.2: download - view: text, markup, annotated - select for diffs
Sun Mar 6 21:27:35 2005 UTC (19 years ago) by tg
Branches: MAIN
Diff to previous 1.1: preferred, coloured
Changes since revision 1.1: +105 -74 lines
* merge src/sys/
(at least the better part of it)
* revert IPv6 networking to OpenBSD, since
I didn't get IPV4_MAPPED addresses working :(
Revision 1.1.1.1 (vendor branch): download - view: text, markup, annotated - select for diffs
Sat Feb 5 17:27:48 2005 UTC (19 years, 1 month ago) by tg
Branches: openbsd
Diff to previous 1.1: preferred, coloured
Changes since revision 1.1: +0 -0 lines
Import the OpenBSD foundation of MirOS BSD
Revision 1.1: download - view: text, markup, annotated - select for diffs
Sat Feb 5 17:27:48 2005 UTC (19 years, 1 month ago) by tg
Branches: MAIN
Initial revision