Changeset View
Changeset View
Standalone View
Standalone View
sys/dev/random/fenestrasX/fx_brng.c
| Show All 33 Lines | |||||
| #include <sys/lock.h> | #include <sys/lock.h> | ||||
| #include <sys/kernel.h> | #include <sys/kernel.h> | ||||
| #include <sys/malloc.h> | #include <sys/malloc.h> | ||||
| #include <sys/mutex.h> | #include <sys/mutex.h> | ||||
| #include <sys/random.h> | #include <sys/random.h> | ||||
| #include <sys/sdt.h> | #include <sys/sdt.h> | ||||
| #include <sys/sysctl.h> | #include <sys/sysctl.h> | ||||
| #include <sys/systm.h> | #include <sys/systm.h> | ||||
| #include <sys/vdso.h> | |||||
| #include <machine/cpu.h> | #include <machine/cpu.h> | ||||
| #include <dev/random/randomdev.h> | #include <dev/random/randomdev.h> | ||||
| #include <dev/random/random_harvestq.h> | #include <dev/random/random_harvestq.h> | ||||
| #include <dev/random/uint128.h> | #include <dev/random/uint128.h> | ||||
| #include <dev/random/fenestrasX/fx_brng.h> | #include <dev/random/fenestrasX/fx_brng.h> | ||||
| ▲ Show 20 Lines • Show All 53 Lines • ▼ Show 20 Lines | fxrng_brng_src_reseed(const struct harvest_event *event) | ||||
| * Bump root generation (which is costly) to force downstream BRNGs to | * Bump root generation (which is costly) to force downstream BRNGs to | ||||
| * reseed and quickly incorporate the new entropy. The intuition is | * reseed and quickly incorporate the new entropy. The intuition is | ||||
| * that this tradeoff is worth it because new sources show up extremely | * that this tradeoff is worth it because new sources show up extremely | ||||
| * rarely (limiting cost) and if they can contribute any entropy to a | * rarely (limiting cost) and if they can contribute any entropy to a | ||||
| * weak state, we want to propagate it to all generators ASAP. | * weak state, we want to propagate it to all generators ASAP. | ||||
| */ | */ | ||||
| rng->brng_generation++; | rng->brng_generation++; | ||||
| atomic_store_rel_64(&fxrng_root_generation, rng->brng_generation); | atomic_store_rel_64(&fxrng_root_generation, rng->brng_generation); | ||||
| /* Update VDSO version. */ | |||||
| fxrng_push_seed_generation(rng->brng_generation); | |||||
| FXRNG_BRNG_UNLOCK(rng); | FXRNG_BRNG_UNLOCK(rng); | ||||
| } | } | ||||
| /* | /* | ||||
| * Reseed a brng from some amount of pooled entropy (determined in fx_pool.c by | * Reseed a brng from some amount of pooled entropy (determined in fx_pool.c by | ||||
| * fxent_timer_reseed_npools). For initial seeding, we pool entropy in a | * fxent_timer_reseed_npools). For initial seeding, we pool entropy in a | ||||
| * single pool and use this API as well (fxrng_alg_seeded). | * single pool and use this API as well (fxrng_alg_seeded). | ||||
| */ | */ | ||||
| void | void | ||||
| fxrng_brng_reseed(const void *entr, size_t sz) | fxrng_brng_reseed(const void *entr, size_t sz) | ||||
| { | { | ||||
| struct fxrng_buffered_rng *rng; | struct fxrng_buffered_rng *rng; | ||||
| rng = &fxrng_root; | rng = &fxrng_root; | ||||
| FXRNG_BRNG_LOCK(rng); | FXRNG_BRNG_LOCK(rng); | ||||
| fxrng_rng_reseed(&rng->brng_rng, (rng->brng_generation > 0), entr, sz); | fxrng_rng_reseed(&rng->brng_rng, (rng->brng_generation > 0), entr, sz); | ||||
| FXRNG_BRNG_ASSERT(rng); | FXRNG_BRNG_ASSERT(rng); | ||||
| rng->brng_generation++; | rng->brng_generation++; | ||||
| atomic_store_rel_64(&fxrng_root_generation, rng->brng_generation); | atomic_store_rel_64(&fxrng_root_generation, rng->brng_generation); | ||||
| /* Update VDSO version. */ | |||||
| fxrng_push_seed_generation(rng->brng_generation); | |||||
| FXRNG_BRNG_UNLOCK(rng); | FXRNG_BRNG_UNLOCK(rng); | ||||
| } | } | ||||
| /* | |||||
| * Sysentvec and VDSO are initialized much later than SI_SUB_RANDOM. When | |||||
| * they're online, go ahead and push an initial root seed version. | |||||
| * INIT_SYSENTVEC runs at SI_SUB_EXEC:SI_ORDER_ANY, and SI_ORDER_ANY is the | |||||
| * maximum value, so we must run at SI_SUB_EXEC+1. | |||||
| */ | |||||
| static void | |||||
| fxrng_vdso_sysinit(void *dummy __unused) | |||||
| { | |||||
| FXRNG_BRNG_LOCK(&fxrng_root); | |||||
| fxrng_push_seed_generation(fxrng_root.brng_generation); | |||||
| FXRNG_BRNG_UNLOCK(&fxrng_root); | |||||
| } | |||||
| SYSINIT(fxrng_vdso, SI_SUB_EXEC + 1, SI_ORDER_ANY, fxrng_vdso_sysinit, NULL); | |||||
| /* | /* | ||||
| * Grab some bytes off an initialized, current generation RNG. | * Grab some bytes off an initialized, current generation RNG. | ||||
| * | * | ||||
| * (Does not handle reseeding if our generation is stale.) | * (Does not handle reseeding if our generation is stale.) | ||||
| * | * | ||||
| * Locking protocol is a bit odd. The RNG is locked on entrance, but the lock | * Locking protocol is a bit odd. The RNG is locked on entrance, but the lock | ||||
| * is dropped on exit. This avoids holding a lock during expensive and slow | * is dropped on exit. This avoids holding a lock during expensive and slow | ||||
| ▲ Show 20 Lines • Show All 155 Lines • Show Last 20 Lines | |||||