NetBSD Problem Report #22660
Received: (qmail 28420 invoked by uid 605); 1 Sep 2003 21:36:07 -0000
Message-Id: <20030901213626.7887.qmail@wiredyne.com>
Date: 1 Sep 2003 21:36:26 -0000
From: pdh@wiredyne.com
Sender: gnats-bugs-owner@NetBSD.org
Reply-To: pdh@wiredyne.com
To: gnats-bugs@gnats.netbsd.org
Subject: Max Entropy ioctl() for /dev/random
X-Send-Pr-Version: 3.95
>Number: 22660
>Category: kern
>Synopsis: Max Entropy ioctl for /dev/random
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: kern-bug-people
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Mon Sep 01 21:37:00 +0000 2003
>Closed-Date:
>Last-Modified:
>Originator:
>Release: NetBSD 1.6.1
>Organization:
>Environment:
System: NetBSD xxx.xxx 1.6.1 NetBSD 1.6.1 (GENERIC) #1: Thu Aug 28 23:04:55 PST 2003 xxx@xxx.xxx:/usr/src/sys/arch/i386/compile/GENERIC i386
Architecture: i386
Machine: i386
>Description:
/dev/random currently has a RNDGETENTCNT ioctl which returns
the number of bits available in the entropy pool.
It would be nice to have an ioctl which also returns the
maximum number of bits of entropy the pool can hold.
Currently this information is available at compile time in the
RND_POOLBITS macro in <sys/rnd.h>. However, this means that
an application which is compiled under one kernel may not work
correctly if copied to another machine. (This could easily
happen if somebody used a binary package for an application.)
For example, an application which restores the entropy pool
needs to know when to stop restoring. If it targets the wrong
level it may never stop.
(Bitstir is one such application:
ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/security/bitstir/README.html)
The maximum pool size is also available through the
undocumented ioctl RNDGETPOOLSTAT. However, this ioctl can
only be used by root. (And that's a good idea, because it
returns quite a bit of information.)
While I've given this a "low" priority, it would be really
great to get this simple change into the next release.
The diffs below show how really simple it is.
>How-To-Repeat:
>Fix:
These diffs are against the 1.6.1 kernel sources. These changes
compile, work, and seem to result in a stable kernel.
------------------------------------------------------------------------
*** /usr/src/sys/sys/rnd.h.orig Sat Sep 8 16:48:33 2001
--- rnd.h Mon Sep 1 11:50:11 2003
***************
*** 143,148 ****
--- 143,149 ----
void rndpool_init __P((rndpool_t *));
void rndpool_init_global __P((void));
u_int32_t rndpool_get_entropy_count __P((rndpool_t *));
+ u_int32_t rndpool_get_maxentropy __P((rndpool_t *));
void rndpool_get_stats __P((rndpool_t *, void *, int));
void rndpool_increment_entropy_count __P((rndpool_t *, u_int32_t));
u_int32_t *rndpool_get_pool __P((rndpool_t *));
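Review bot: the added prototype `rndpool_get_maxentropy` carries no indication of the unit it returns, and its name does not mirror the neighbouring `rndpool_get_entropy_count`. The report describes the value as a number of bits, so a one-line comment saying so, or a name that pairs visibly with the existing accessor, would keep callers from mixing units when they compare the two values.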
***************
*** 206,210 ****
--- 207,212 ----
#define RNDCTL _IOW('R', 104, rndctl_t) /* set/clear source flags */
#define RNDADDDATA _IOW('R', 105, rnddata_t) /* add data to the pool */
#define RNDGETPOOLSTAT _IOR('R', 106, rndpoolstat_t)
+ #define RNDGETMAXENT _IOR('R', 107, u_int32_t)
#endif /* !_SYS_RND_H_ */
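Review bot: the new `RNDGETMAXENT` define has no trailing comment, while `RNDCTL` and `RNDADDDATA` just above it do. Since the report itself notes that `RNDGETPOOLSTAT` is undocumented, this is the place to avoid repeating that: add a comment such as "get maximum entropy of the pool (bits)" and include a matching entry for the manual page in the patch, because the number 107 becomes part of the user-visible ioctl interface once binaries are built against it.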
------------------------------------------------------------------------
*** /usr/src/sys/dev/rnd.c.orig Fri Mar 8 12:48:15 2002
--- rnd.c Thu Aug 28 22:37:51 2003
***************
*** 487,492 ****
--- 487,498 ----
splx(s);
break;
+ case RNDGETMAXENT:
+ s = splsoftclock();
+ *(u_int32_t *)addr = rndpool_get_maxentropy(&rnd_pool);
+ splx(s);
+ break;
+
case RNDGETPOOLSTAT:
if ((ret = suser(p->p_ucred, &p->p_acflag)) != 0)
return (ret);
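Review bot: the `RNDGETMAXENT` case is reachable without the `suser()` check that guards the `RNDGETPOOLSTAT` case directly below it, and nothing in the code says this is deliberate. The report makes clear that unprivileged access is the intent and that the value is otherwise a compile-time constant, so a short comment stating "no privilege required, returns pool capacity only" would stop a later reader from either adding a check or widening what the case returns. It is also worth confirming whether the `splsoftclock()`/`splx()` pair is needed here: if the maximum never changes after pool initialisation, a plain read is enough.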
------------------------------------------------------------------------
*** /usr/src/sys/dev/rndpool.c.orig Thu Nov 15 01:47:41 2001
--- rndpool.c Thu Aug 28 22:16:27 2003
***************
*** 81,86 ****
--- 81,93 ----
return (rp->stats.curentropy);
}
+ u_int32_t
+ rndpool_get_maxentropy(rndpool_t *rp)
+ {
+
+ return (rp->stats.maxentropy);
+ }
+
void rndpool_get_stats(rndpool_t *rp, void *rsp, int size)
{
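Review bot: `rndpool_get_maxentropy` returns `rp->stats.maxentropy` as is, and the hunk does not show where that field is set. The use case in the report (a restore tool that stops when the pool reaches this level) depends on the field being the pool capacity that `RND_POOLBITS` gives at compile time, set once at initialisation and never zero or a running high-water mark. Please confirm that in `rndpool_init` and add a comment above the function stating the invariant, since a caller looping toward a wrong value is exactly the failure the report wants to avoid.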
>Release-Note:
>Audit-Trail:
>Unformatted: