[src/trunk]: src/sys/netinet Replace kooky sctp random number generation by c...

[riastradh <riastradh%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/198d169803ed
branches:  trunk
changeset: 848184:198d169803ed
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Sun Jan 19 20:51:13 2020 +0000

description:
Replace kooky sctp random number generation by cprng_strong32().

diffstat:

 sys/netinet/sctp_pcb.c |  27 ++-------------------------
 sys/netinet/sctp_pcb.h |  12 +++---------
 sys/netinet/sctputil.c |  49 ++++---------------------------------------------
 sys/netinet/sctputil.h |   4 +---
 4 files changed, 10 insertions(+), 82 deletions(-)

diffs (197 lines):

diff -r 5ecc2959a542 -r 198d169803ed sys/netinet/sctp_pcb.c
--- a/sys/netinet/sctp_pcb.c    Sun Jan 19 20:41:17 2020 +0000
+++ b/sys/netinet/sctp_pcb.c    Sun Jan 19 20:51:13 2020 +0000
@@ -1,5 +1,5 @@
 /* $KAME: sctp_pcb.c,v 1.39 2005/06/16 18:29:25 jinmei Exp $ */
-/* $NetBSD: sctp_pcb.c,v 1.19 2019/12/26 04:44:10 msaitoh Exp $ */
+/* $NetBSD: sctp_pcb.c,v 1.20 2020/01/19 20:51:13 riastradh Exp $ */
 
 /*
  * Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -33,7 +33,7 @@
  * SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.19 2019/12/26 04:44:10 msaitoh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctp_pcb.c,v 1.20 2020/01/19 20:51:13 riastradh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -1465,29 +1465,6 @@
        /* Add adaption cookie */
        m->adaption_layer_indicator = 0x504C5253;
 
-       /* seed random number generator */
-       m->random_counter = 1;
-       m->store_at = SCTP_SIGNATURE_SIZE;
-#if NRND > 0
-       rnd_extract_data(m->random_numbers, sizeof(m->random_numbers),
-                        RND_EXTRACT_ANY);
-#else
-       {
-               u_int32_t *ranm, *ranp;
-               ranp = (u_int32_t *)&m->random_numbers;
-               ranm = ranp + (SCTP_SIGNATURE_ALOC_SIZE/sizeof(u_int32_t));
-               if ((u_long)ranp % 4) {
-                       /* not a even boundary? */
-                       ranp = (u_int32_t *)SCTP_SIZE32((u_long)ranp);
-               }
-               while (ranp < ranm) {
-                       *ranp = random();
-                       ranp++;
-               }
-       }
-#endif
-       sctp_fill_random_store(m);
-
        /* Minimum cookie size */
        m->size_of_a_cookie = (sizeof(struct sctp_init_msg) * 2) +
                sizeof(struct sctp_state_cookie);
diff -r 5ecc2959a542 -r 198d169803ed sys/netinet/sctp_pcb.h
--- a/sys/netinet/sctp_pcb.h    Sun Jan 19 20:41:17 2020 +0000
+++ b/sys/netinet/sctp_pcb.h    Sun Jan 19 20:51:13 2020 +0000
@@ -1,5 +1,5 @@
 /*     $KAME: sctp_pcb.h,v 1.21 2005/07/16 01:18:47 suz Exp $  */
-/*     $NetBSD: sctp_pcb.h,v 1.2 2019/06/08 23:23:34 rjs Exp $ */
+/*     $NetBSD: sctp_pcb.h,v 1.3 2020/01/19 20:51:13 riastradh Exp $ */
 
 #ifndef __SCTP_PCB_H__
 #define __SCTP_PCB_H__
@@ -250,11 +250,6 @@
        uint16_t pre_open_stream_count;
        uint16_t max_open_streams_intome;
 
-       /* random number generator */
-       uint32_t random_counter;
-       uint8_t random_numbers[SCTP_SIGNATURE_ALOC_SIZE];
-       uint8_t random_store[SCTP_SIGNATURE_ALOC_SIZE];
-
        /*
         * This timer is kept running per endpoint.  When it fires it
         * will change the secret key.  The default is once a hour
@@ -265,7 +260,6 @@
        int auto_close_time;
        uint32_t initial_sequence_debug;
        uint32_t adaption_layer_indicator;
-       char store_at;
        uint8_t max_burst;
        char current_secret_number;
        char last_secret_number;
@@ -447,7 +441,7 @@
 
 /* The INP locks we will use for locking an SCTP endpoint, so for
  * example if we want to change something at the endpoint level for
- * example random_store or cookie secrets we lock the INP level.
+ * example cookie secrets we lock the INP level.
  */
 #define SCTP_INP_LOCK_INIT(_inp) \
        mtx_init(&(_inp)->inp_mtx, "sctp", "inp", MTX_DEF | MTX_DUPOK)
@@ -556,7 +550,7 @@
 
 /* The INP locks we will use for locking an SCTP endpoint, so for
  * example if we want to change something at the endpoint level for
- * example random_store or cookie secrets we lock the INP level.
+ * example cookie secrets we lock the INP level.
  */
 #define SCTP_INP_LOCK_INIT(_inp) \
        mutex_init(&(_inp)->inp_mtx, MUTEX_DEFAULT, IPL_NET)
diff -r 5ecc2959a542 -r 198d169803ed sys/netinet/sctputil.c
--- a/sys/netinet/sctputil.c    Sun Jan 19 20:41:17 2020 +0000
+++ b/sys/netinet/sctputil.c    Sun Jan 19 20:51:13 2020 +0000
@@ -1,5 +1,5 @@
 /*     $KAME: sctputil.c,v 1.39 2005/06/16 20:54:06 jinmei Exp $       */
-/*     $NetBSD: sctputil.c,v 1.15 2019/08/13 19:55:40 rjs Exp $        */
+/*     $NetBSD: sctputil.c,v 1.16 2020/01/19 20:51:13 riastradh Exp $  */
 
 /*
  * Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
@@ -34,7 +34,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sctputil.c,v 1.15 2019/08/13 19:55:40 rjs Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sctputil.c,v 1.16 2020/01/19 20:51:13 riastradh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -54,6 +54,7 @@
 #include <sys/proc.h>
 #include <sys/kernel.h>
 #include <sys/sysctl.h>
+#include <sys/cprng.h>
 
 #include <sys/callout.h>
 
@@ -614,52 +615,10 @@
        return (sctp_mtu_sizes[perfer]);
 }
 
-void
-sctp_fill_random_store(struct sctp_pcb *m)
-{
-       /*
-        * Here we use the MD5/SHA-1 to hash with our good randomNumbers
-        * and our counter. The result becomes our good random numbers and
-        * we then setup to give these out. Note that we do no lockig
-        * to protect this. This is ok, since if competing folks call
-        * this we will get more gobbled gook in the random store whic
-        * is what we want. There is a danger that two guys will use
-        * the same random numbers, but thats ok too since that
-        * is random as well :->
-        */
-       m->store_at = 0;
-       sctp_hash_digest((char *)m->random_numbers, sizeof(m->random_numbers),
-                        (char *)&m->random_counter, sizeof(m->random_counter),
-                        (char *)m->random_store);
-       m->random_counter++;
-}
-
 uint32_t
 sctp_select_initial_TSN(struct sctp_pcb *m)
 {
-       /*
-        * A true implementation should use random selection process to
-        * get the initial stream sequence number, using RFC1750 as a
-        * good guideline
-        */
-       u_long x, *xp;
-       uint8_t *p;
-
-       if (m->initial_sequence_debug != 0) {
-               u_int32_t ret;
-               ret = m->initial_sequence_debug;
-               m->initial_sequence_debug++;
-               return (ret);
-       }
-       if ((m->store_at+sizeof(u_long)) > SCTP_SIGNATURE_SIZE) {
-               /* Refill the random store */
-               sctp_fill_random_store(m);
-       }
-       p = &m->random_store[(int)m->store_at];
-       xp = (u_long *)p;
-       x = *xp;
-       m->store_at += sizeof(u_long);
-       return (x);
+       return cprng_strong32();
 }
 
 u_int32_t sctp_select_a_tag(struct sctp_inpcb *m)
diff -r 5ecc2959a542 -r 198d169803ed sys/netinet/sctputil.h
--- a/sys/netinet/sctputil.h    Sun Jan 19 20:41:17 2020 +0000
+++ b/sys/netinet/sctputil.h    Sun Jan 19 20:51:13 2020 +0000
@@ -1,5 +1,5 @@
 /*     $KAME: sctputil.h,v 1.15 2005/03/06 16:04:19 itojun Exp $       */
-/*     $NetBSD: sctputil.h,v 1.2 2016/05/22 23:04:27 rjs Exp $ */
+/*     $NetBSD: sctputil.h,v 1.3 2020/01/19 20:51:13 riastradh Exp $ */
 
 #ifndef __SCTPUTIL_H__
 #define __SCTPUTIL_H__
@@ -141,8 +141,6 @@
 
 int sctp_init_asoc(struct sctp_inpcb *, struct sctp_association *, int, uint32_t);
 
-void sctp_fill_random_store(struct sctp_pcb *);
-
 int sctp_timer_start(int, struct sctp_inpcb *, struct sctp_tcb *,
        struct sctp_nets *);