randomdev_soft.c revision 128320 
1128059Smarkm/*-
2128059Smarkm * Copyright (c) 2000-2004 Mark R V Murray
3128059Smarkm * All rights reserved.
4128059Smarkm *
5128059Smarkm * Redistribution and use in source and binary forms, with or without
6128059Smarkm * modification, are permitted provided that the following conditions
7128059Smarkm * are met:
8128059Smarkm * 1. Redistributions of source code must retain the above copyright
9128059Smarkm *    notice, this list of conditions and the following disclaimer
10128059Smarkm *    in this position and unchanged.
11128059Smarkm * 2. Redistributions in binary form must reproduce the above copyright
12128059Smarkm *    notice, this list of conditions and the following disclaimer in the
13128059Smarkm *    documentation and/or other materials provided with the distribution.
14128059Smarkm *
15128059Smarkm * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16128059Smarkm * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17128059Smarkm * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18128059Smarkm * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19128059Smarkm * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20128059Smarkm * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21128059Smarkm * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22128059Smarkm * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23128059Smarkm * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24128059Smarkm * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25128059Smarkm *
26128059Smarkm */
27128059Smarkm
28128059Smarkm#include <sys/cdefs.h>
29128059Smarkm__FBSDID("$FreeBSD: head/sys/dev/random/randomdev_soft.c 128320 2004-04-16 17:07:11Z markm $");
30128059Smarkm
31128059Smarkm#include <sys/param.h>
32128059Smarkm#include <sys/systm.h>
33128059Smarkm#include <sys/bus.h>
34128059Smarkm#include <sys/conf.h>
35128059Smarkm#include <sys/fcntl.h>
36128059Smarkm#include <sys/kernel.h>
37128059Smarkm#include <sys/kthread.h>
38128059Smarkm#include <sys/lock.h>
39128059Smarkm#include <sys/malloc.h>
40128059Smarkm#include <sys/mutex.h>
41128059Smarkm#include <sys/poll.h>
42128059Smarkm#include <sys/proc.h>
43128059Smarkm#include <sys/random.h>
44128059Smarkm#include <sys/selinfo.h>
45128059Smarkm#include <sys/sysctl.h>
46128059Smarkm#include <sys/uio.h>
47128059Smarkm#include <sys/unistd.h>
48128059Smarkm#include <sys/vnode.h>
49128059Smarkm
50128059Smarkm#include <machine/bus.h>
51128059Smarkm#include <machine/cpu.h>
52128059Smarkm
53128059Smarkm#include <dev/random/randomdev.h>
54128059Smarkm#include <dev/random/randomdev_soft.h>
55128059Smarkm
56128059Smarkm#define RANDOM_FIFO_MAX	256	/* How many events to queue up */
57128059Smarkm
58128059Smarkmstatic void random_kthread(void *);
59128059Smarkmstatic void
60128059Smarkmrandom_harvest_internal(u_int64_t, const void *, u_int,
61128059Smarkm    u_int, u_int, enum esource);
62128059Smarkm
63128059Smarkmstruct random_systat random_yarrow = {
64128059Smarkm	.ident = "Software, Yarrow",
65128059Smarkm	.init = random_yarrow_init,
66128059Smarkm	.deinit = random_yarrow_deinit,
67128059Smarkm	.read = random_yarrow_read,
68128059Smarkm	.write = random_yarrow_write,
69128059Smarkm	.reseed = random_yarrow_reseed,
70128059Smarkm	.seeded = 0,
71128059Smarkm};
72128059Smarkm
73128059SmarkmMALLOC_DEFINE(M_ENTROPY, "entropy", "Entropy harvesting buffers");
74128059Smarkm
75128059Smarkm/* Lockable FIFO queue holding entropy buffers */
76128059Smarkmstruct entropyfifo {
77128059Smarkm	struct mtx lock;
78128059Smarkm	int count;
79128059Smarkm	STAILQ_HEAD(harvestlist, harvest) head;
80128059Smarkm};
81128059Smarkm
82128059Smarkm/* Empty entropy buffers */
83128059Smarkmstatic struct entropyfifo emptyfifo;
84128059Smarkm
85128059Smarkm#define EMPTYBUFFERS	1024
86128059Smarkm
87128059Smarkm/* Harvested entropy */
88128059Smarkmstatic struct entropyfifo harvestfifo[ENTROPYSOURCE];
89128059Smarkm
90128059Smarkm/* <0 to end the kthread, 0 to let it run */
91128059Smarkmstatic int random_kthread_control = 0;
92128059Smarkm
93128059Smarkmstatic struct proc *random_kthread_proc;
94128059Smarkm
95128059Smarkm/* List for the dynamic sysctls */
96128059Smarkmstruct sysctl_ctx_list random_clist;
97128059Smarkm
98128059Smarkm/* ARGSUSED */
99128059Smarkmstatic int
100128059Smarkmrandom_check_boolean(SYSCTL_HANDLER_ARGS)
101128059Smarkm{
102128059Smarkm	if (oidp->oid_arg1 != NULL && *(u_int *)(oidp->oid_arg1) != 0)
103128059Smarkm		*(u_int *)(oidp->oid_arg1) = 1;
104128059Smarkm	return sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req);
105128059Smarkm}
106128059Smarkm
107128059Smarkm/* ARGSUSED */
108128059Smarkmvoid
109128059Smarkmrandom_yarrow_init(void)
110128059Smarkm{
111128059Smarkm	int error, i;
112128059Smarkm	struct harvest *np;
113128059Smarkm	struct sysctl_oid *o, *random_o, *random_sys_o, *random_sys_harvest_o;
114128059Smarkm	enum esource e;
115128059Smarkm
116128059Smarkm	o = SYSCTL_ADD_NODE(&random_clist,
117128059Smarkm	    SYSCTL_STATIC_CHILDREN(_kern),
118128059Smarkm	    OID_AUTO, "random", CTLFLAG_RW, 0,
119128059Smarkm	    "Software Random Number Generator");
120128059Smarkm
121128059Smarkm	random_o = o;
122128059Smarkm
123128059Smarkm	random_yarrow_init_alg(&random_clist, random_o);
124128059Smarkm
125128059Smarkm	o = SYSCTL_ADD_NODE(&random_clist,
126128059Smarkm	    SYSCTL_CHILDREN(random_o),
127128059Smarkm	    OID_AUTO, "sys", CTLFLAG_RW, 0,
128128059Smarkm	    "Entropy Device Parameters");
129128059Smarkm
130128059Smarkm	random_sys_o = o;
131128059Smarkm
132128059Smarkm	o = SYSCTL_ADD_PROC(&random_clist,
133128059Smarkm	    SYSCTL_CHILDREN(random_sys_o),
134128059Smarkm	    OID_AUTO, "seeded", CTLTYPE_INT | CTLFLAG_RW,
135128059Smarkm	    &random_systat.seeded, 0, random_check_boolean, "I",
136128059Smarkm	    "Seeded State");
137128059Smarkm
138128059Smarkm	o = SYSCTL_ADD_NODE(&random_clist,
139128059Smarkm	    SYSCTL_CHILDREN(random_sys_o),
140128059Smarkm	    OID_AUTO, "harvest", CTLFLAG_RW, 0,
141128059Smarkm	    "Entropy Sources");
142128059Smarkm
143128059Smarkm	random_sys_harvest_o = o;
144128059Smarkm
145128059Smarkm	o = SYSCTL_ADD_PROC(&random_clist,
146128059Smarkm	    SYSCTL_CHILDREN(random_sys_harvest_o),
147128059Smarkm	    OID_AUTO, "ethernet", CTLTYPE_INT | CTLFLAG_RW,
148128320Smarkm	    &harvest.ethernet, 1, random_check_boolean, "I",
149128059Smarkm	    "Harvest NIC entropy");
150128059Smarkm	o = SYSCTL_ADD_PROC(&random_clist,
151128059Smarkm	    SYSCTL_CHILDREN(random_sys_harvest_o),
152128059Smarkm	    OID_AUTO, "point_to_point", CTLTYPE_INT | CTLFLAG_RW,
153128320Smarkm	    &harvest.point_to_point, 1, random_check_boolean, "I",
154128059Smarkm	    "Harvest serial net entropy");
155128059Smarkm	o = SYSCTL_ADD_PROC(&random_clist,
156128059Smarkm	    SYSCTL_CHILDREN(random_sys_harvest_o),
157128059Smarkm	    OID_AUTO, "interrupt", CTLTYPE_INT | CTLFLAG_RW,
158128320Smarkm	    &harvest.interrupt, 1, random_check_boolean, "I",
159128059Smarkm	    "Harvest IRQ entropy");
160128059Smarkm	o = SYSCTL_ADD_PROC(&random_clist,
161128059Smarkm	    SYSCTL_CHILDREN(random_sys_harvest_o),
162128059Smarkm	    OID_AUTO, "swi", CTLTYPE_INT | CTLFLAG_RW,
163128059Smarkm	    &harvest.swi, 0, random_check_boolean, "I",
164128059Smarkm	    "Harvest SWI entropy");
165128059Smarkm
166128059Smarkm	/* Initialise the harvest fifos */
167128059Smarkm	STAILQ_INIT(&emptyfifo.head);
168128059Smarkm	emptyfifo.count = 0;
169128059Smarkm	mtx_init(&emptyfifo.lock, "entropy harvest buffers", NULL, MTX_SPIN);
170128059Smarkm	for (i = 0; i < EMPTYBUFFERS; i++) {
171128059Smarkm		np = malloc(sizeof(struct harvest), M_ENTROPY, M_WAITOK);
172128059Smarkm		STAILQ_INSERT_TAIL(&emptyfifo.head, np, next);
173128059Smarkm	}
174128059Smarkm	for (e = RANDOM_START; e < ENTROPYSOURCE; e++) {
175128059Smarkm		STAILQ_INIT(&harvestfifo[e].head);
176128059Smarkm		harvestfifo[e].count = 0;
177128059Smarkm		mtx_init(&harvestfifo[e].lock, "entropy harvest", NULL,
178128059Smarkm		    MTX_SPIN);
179128059Smarkm	}
180128059Smarkm
181128059Smarkm	/* Start the hash/reseed thread */
182128059Smarkm	error = kthread_create(random_kthread, NULL,
183128059Smarkm	    &random_kthread_proc, RFHIGHPID, 0, "yarrow");
184128059Smarkm	if (error != 0)
185128059Smarkm		panic("Cannot create entropy maintenance thread.");
186128059Smarkm
187128059Smarkm	/* Register the randomness harvesting routine */
188128059Smarkm	random_yarrow_init_harvester(random_harvest_internal,
189128059Smarkm	    random_yarrow_read);
190128059Smarkm}
191128059Smarkm
192128059Smarkm/* ARGSUSED */
193128059Smarkmvoid
194128059Smarkmrandom_yarrow_deinit(void)
195128059Smarkm{
196128059Smarkm	struct harvest *np;
197128059Smarkm	enum esource e;
198128059Smarkm
199128059Smarkm	/* Deregister the randomness harvesting routine */
200128059Smarkm	random_yarrow_deinit_harvester();
201128059Smarkm
202128059Smarkm	/*
203128059Smarkm	 * Command the hash/reseed thread to end and wait for it to finish
204128059Smarkm	 */
205128059Smarkm	random_kthread_control = -1;
206128059Smarkm	tsleep((void *)&random_kthread_control, PUSER, "term", 0);
207128059Smarkm
208128059Smarkm	/* Destroy the harvest fifos */
209128059Smarkm	while (!STAILQ_EMPTY(&emptyfifo.head)) {
210128059Smarkm		np = STAILQ_FIRST(&emptyfifo.head);
211128059Smarkm		STAILQ_REMOVE_HEAD(&emptyfifo.head, next);
212128059Smarkm		free(np, M_ENTROPY);
213128059Smarkm	}
214128059Smarkm	mtx_destroy(&emptyfifo.lock);
215128059Smarkm	for (e = RANDOM_START; e < ENTROPYSOURCE; e++) {
216128059Smarkm		while (!STAILQ_EMPTY(&harvestfifo[e].head)) {
217128059Smarkm			np = STAILQ_FIRST(&harvestfifo[e].head);
218128059Smarkm			STAILQ_REMOVE_HEAD(&harvestfifo[e].head, next);
219128059Smarkm			free(np, M_ENTROPY);
220128059Smarkm		}
221128059Smarkm		mtx_destroy(&harvestfifo[e].lock);
222128059Smarkm	}
223128059Smarkm
224128059Smarkm	random_yarrow_deinit_alg();
225128059Smarkm
226128059Smarkm	sysctl_ctx_free(&random_clist);
227128059Smarkm}
228128059Smarkm
229128059Smarkm/* ARGSUSED */
230128059Smarkmstatic void
231128059Smarkmrandom_kthread(void *arg __unused)
232128059Smarkm{
233128059Smarkm	struct harvest *event = NULL;
234128059Smarkm	int found, active;
235128059Smarkm	enum esource source;
236128059Smarkm
237128059Smarkm	/* Process until told to stop */
238128059Smarkm	for (; random_kthread_control == 0;) {
239128059Smarkm
240128059Smarkm		active = 0;
241128059Smarkm
242128059Smarkm		/* Cycle through all the entropy sources */
243128059Smarkm		for (source = RANDOM_START; source < ENTROPYSOURCE; source++) {
244128059Smarkm
245128059Smarkm			found = 0;
246128059Smarkm
247128059Smarkm			/* Lock up queue draining */
248128059Smarkm			mtx_lock_spin(&harvestfifo[source].lock);
249128059Smarkm
250128059Smarkm			if (!STAILQ_EMPTY(&harvestfifo[source].head)) {
251128059Smarkm
252128059Smarkm				/* Get a harvested entropy event */
253128059Smarkm				harvestfifo[source].count--;
254128059Smarkm				event = STAILQ_FIRST(&harvestfifo[source].head);
255128059Smarkm				STAILQ_REMOVE_HEAD(&harvestfifo[source].head,
256128059Smarkm				    next);
257128059Smarkm
258128059Smarkm				active = found = 1;
259128059Smarkm
260128059Smarkm			}
261128059Smarkm			/* Unlock the queue */
262128059Smarkm			mtx_unlock_spin(&harvestfifo[source].lock);
263128059Smarkm
264128059Smarkm			/* Deal with the event and dispose of it */
265128059Smarkm			if (found) {
266128059Smarkm
267128059Smarkm				random_process_event(event);
268128059Smarkm
269128059Smarkm				/* Lock the empty event buffer fifo */
270128059Smarkm				mtx_lock_spin(&emptyfifo.lock);
271128059Smarkm
272128059Smarkm				STAILQ_INSERT_TAIL(&emptyfifo.head, event,
273128059Smarkm				    next);
274128059Smarkm
275128059Smarkm				mtx_unlock_spin(&emptyfifo.lock);
276128059Smarkm
277128059Smarkm			}
278128059Smarkm		}
279128059Smarkm
280128059Smarkm		/* Found nothing, so don't belabour the issue */
281128059Smarkm		if (!active)
282128059Smarkm			tsleep(&harvestfifo, PUSER, "-", hz / 10);
283128059Smarkm
284128059Smarkm	}
285128059Smarkm
286128059Smarkm	random_set_wakeup_exit(&random_kthread_control);
287128059Smarkm	/* NOTREACHED */
288128059Smarkm}
289128059Smarkm
290128059Smarkm/* Entropy harvesting routine. This is supposed to be fast; do
291128059Smarkm * not do anything slow in here!
292128059Smarkm */
293128059Smarkmstatic void
294128059Smarkmrandom_harvest_internal(u_int64_t somecounter, const void *entropy,
295128059Smarkm    u_int count, u_int bits, u_int frac, enum esource origin)
296128059Smarkm{
297128059Smarkm	struct harvest *event;
298128059Smarkm
299128059Smarkm	/* Lock the particular fifo */
300128059Smarkm	mtx_lock_spin(&harvestfifo[origin].lock);
301128059Smarkm
302128059Smarkm	/*
303128059Smarkm	 * Don't make the harvest queues too big - help to prevent low-grade
304128059Smarkm	 * entropy swamping
305128059Smarkm	 */
306128059Smarkm	if (harvestfifo[origin].count < RANDOM_FIFO_MAX) {
307128059Smarkm
308128059Smarkm		/* Lock the empty event buffer fifo */
309128059Smarkm		mtx_lock_spin(&emptyfifo.lock);
310128059Smarkm
311128059Smarkm		if (!STAILQ_EMPTY(&emptyfifo.head)) {
312128059Smarkm			event = STAILQ_FIRST(&emptyfifo.head);
313128059Smarkm			STAILQ_REMOVE_HEAD(&emptyfifo.head, next);
314128059Smarkm		} else
315128059Smarkm			event = NULL;
316128059Smarkm
317128059Smarkm		mtx_unlock_spin(&emptyfifo.lock);
318128059Smarkm
319128059Smarkm		/* If we didn't obtain a buffer, tough */
320128059Smarkm		if (event) {
321128059Smarkm
322128059Smarkm			/* Add the harvested data to the fifo */
323128059Smarkm			harvestfifo[origin].count++;
324128059Smarkm			event->somecounter = somecounter;
325128059Smarkm			event->size = count;
326128059Smarkm			event->bits = bits;
327128059Smarkm			event->frac = frac;
328128059Smarkm			event->source = origin;
329128059Smarkm
330128059Smarkm			/* XXXX Come back and make this dynamic! */
331128059Smarkm			count = MIN(count, HARVESTSIZE);
332128059Smarkm			memcpy(event->entropy, entropy, count);
333128059Smarkm
334128059Smarkm			STAILQ_INSERT_TAIL(&harvestfifo[origin].head,
335128059Smarkm			    event, next);
336128059Smarkm		}
337128059Smarkm	}
338128059Smarkm	mtx_unlock_spin(&harvestfifo[origin].lock);
339128059Smarkm
340128059Smarkm}
341128059Smarkm
342128059Smarkmvoid
343128059Smarkmrandom_yarrow_write(void *buf, int count)
344128059Smarkm{
345128059Smarkm	int i;
346128059Smarkm	u_int chunk;
347128059Smarkm
348128059Smarkm	/*
349128059Smarkm	 * Break the input up into HARVESTSIZE chunks. The writer has too
350128059Smarkm	 * much control here, so "estimate" the the entropy as zero.
351128059Smarkm	 */
352128059Smarkm	for (i = 0; i < count; i += HARVESTSIZE) {
353128059Smarkm		chunk = HARVESTSIZE;
354128059Smarkm		if (i + chunk >= count)
355128059Smarkm			chunk = (u_int)(count - i);
356128059Smarkm		random_harvest_internal(get_cyclecount(), (char *)buf + i,
357128059Smarkm		    chunk, 0, 0, RANDOM_WRITE);
358128059Smarkm	}
359128059Smarkm}
360128059Smarkm
361128059Smarkmvoid
362128059Smarkmrandom_yarrow_unblock(void)
363128059Smarkm{
364128059Smarkm	if (!random_systat.seeded) {
365128059Smarkm		random_systat.seeded = 1;
366128059Smarkm		selwakeuppri(&random_systat.rsel, PUSER);
367128059Smarkm		wakeup(&random_systat);
368128059Smarkm	}
369128059Smarkm}
370