Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src-draft/trunk]: src/sys/kern Work around early calls to cprng_strong.



details:   https://anonhg.NetBSD.org/src-all/rev/71a19ee790d6
branches:  trunk
changeset: 932561:71a19ee790d6
user:      Taylor R Campbell <riastradh%NetBSD.org@localhost>
date:      Mon May 11 17:24:04 2020 +0000

description:
Work around early calls to cprng_strong.

The bottleneck here is getting percpu_create to work early enough.
We should really fix that, but for now, this workaround will serve.

diffstat:

 sys/kern/subr_cprng.c |  23 +++++++++++++++++++++++
 1 files changed, 23 insertions(+), 0 deletions(-)

diffs (47 lines):

diff -r c48ee356bc1c -r 71a19ee790d6 sys/kern/subr_cprng.c
--- a/sys/kern/subr_cprng.c     Mon May 11 11:03:15 2020 +0000
+++ b/sys/kern/subr_cprng.c     Mon May 11 17:24:04 2020 +0000
@@ -102,6 +102,7 @@
 struct cprng_strong *user_cprng __read_mostly; /* IPL_NONE */
 
 static struct sysctllog *cprng_sysctllog __read_mostly;
+static bool cprng_initialized __read_mostly = false;
 
 void
 cprng_init(void)
@@ -128,6 +129,9 @@
            CTLFLAG_PERMANENT|CTLFLAG_READONLY, CTLTYPE_INT /*lie*/, "arandom",
            SYSCTL_DESCR("Independent uniform random bytes, up to 256 bytes"),
            sysctl_kern_arandom, 0, NULL, 0, CTL_KERN, KERN_ARND, CTL_EOL);
+
+       /* Ready to go.  */
+       cprng_initialized = true;
 }
 
 /*
@@ -274,6 +278,25 @@
        int s;
 
        /*
+        * Some device drivers try to use cprng_strong in attach during
+        * autoconf, e.g. to randomly generate MAC addresses, before we
+        * percpu is available -- percpu is not available until after
+        * CPUs have been detected during autoconf.  We should make
+        * percpu available sooner, but for now this works around it.
+        */
+       if (__predict_false(!cprng_initialized)) {
+               struct nist_hash_drbg drbg;
+               entropy_extract(seed, sizeof seed, 0);
+               if (__predict_false(nist_hash_drbg_instantiate(&drbg,
+                           seed, sizeof seed, NULL, 0, NULL, 0)))
+                       panic("nist_hash_drbg_instantiate");
+               if (__predict_false(nist_hash_drbg_generate(&drbg, buf, len,
+                           NULL, 0)))
+                       panic("nist_hash_drbg_generate");
+               return len;
+       }
+
+       /*
         * Verify maximum request length.  Caller should really limit
         * their requests to 32 bytes to avoid spending much time with
         * preemption disabled -- use the 32 bytes to seed a private



Home | Main Index | Thread Index | Old Index