From f6db5f15be126146aef5c917289ce08c4dd6f6b4 Mon Sep 17 00:00:00 2001 From: Taylor R Campbell Date: Tue, 14 Jan 2020 02:33:12 +0000 Subject: [PATCH 1/2] Simplify /dev/random and getrandom(GRND_RANDOM) semantics. Just clamp to 32-byte reads irrespective of whether we're doing entropy depletion. You shouldn't do bulk reads out of /dev/random. --- sys/kern/sys_getrandom.c | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/sys/kern/sys_getrandom.c b/sys/kern/sys_getrandom.c index b02bada23e0e..5d4887cff821 100644 --- a/sys/kern/sys_getrandom.c +++ b/sys/kern/sys_getrandom.c @@ -72,11 +72,12 @@ dogetrandom(struct uio *uio, unsigned int flags) buf = kmem_alloc(RANDOM_BUFSIZE, KM_SLEEP); /* - * Fast path: for short reads, if INSECURE, or if we have - * entropy and we're not doing depletion, just return it from - * the per-CPU cprng_strong. + * Fast path, for short reads other than from /dev/random: if + * INSECURE, or if we have entropy and we're not doing + * `depletion', just return it from the per-CPU cprng_strong. */ if (uio->uio_resid <= RANDOM_BUFSIZE && + !ISSET(flags, GRND_RANDOM) && (ISSET(flags, GRND_INSECURE) || (__predict_true(!atomic_load_relaxed(&entropy_depletion)) && __predict_true(entropy_epoch() != (unsigned)-1)))) { @@ -112,11 +113,10 @@ dogetrandom(struct uio *uio, unsigned int flags) size_t n = MIN(uio->uio_resid, RANDOM_BUFSIZE); /* - * If we're `depleting' and this is /dev/random, clamp - * to the smaller of the entropy capacity or the seed. + * If this is /dev/random, clamp to the smaller of the + * entropy capacity or the seed. */ - if (__predict_false(atomic_load_relaxed(&entropy_depletion)) && - ISSET(flags, GRND_RANDOM)) { + if (ISSET(flags, GRND_RANDOM)) { n = MIN(n, ENTROPY_CAPACITY); n = MIN(n, sizeof seed); /* @@ -163,13 +163,11 @@ dogetrandom(struct uio *uio, unsigned int flags) break; /* - * If we're `depleting' and this is /dev/random, stop - * here, return what we have, and force the next read - * to reseed. Could grab more from the pool if - * possible without blocking, but that's more work. + * If this is /dev/random, stop here and return what we + * have, and force the next read to reseed. You're not + * supposed to draw lots of data from /dev/random. */ - if (__predict_false(atomic_load_relaxed(&entropy_depletion)) && - ISSET(flags, GRND_RANDOM)) { + if (ISSET(flags, GRND_RANDOM)) { error = 0; break; } From 8fec6a630587c80b13317646763535dabc054f85 Mon Sep 17 00:00:00 2001 From: Taylor R Campbell Date: Thu, 23 Apr 2020 21:05:13 +0000 Subject: [PATCH 2/2] WIP: regen --- sys/kern/init_sysent.c | 12 ++++--- sys/kern/syscalls.c | 10 +++--- sys/kern/syscalls_autoload.c | 6 ++-- sys/kern/systrace_args.c | 32 +++++++++++++++++- sys/rump/include/rump/rump_syscalls.h | 9 +++-- sys/rump/librump/rumpkern/rump_syscalls.c | 40 ++++++++++++++++++++--- sys/rump/rump.sysmap | 1 + sys/sys/syscall.h | 9 +++-- sys/sys/syscallargs.h | 13 ++++++-- 9 files changed, 106 insertions(+), 26 deletions(-) diff --git a/sys/kern/init_sysent.c b/sys/kern/init_sysent.c index cb6de7ec7804..b441a0e7e716 100644 --- a/sys/kern/init_sysent.c +++ b/sys/kern/init_sysent.c @@ -1,14 +1,14 @@ -/* $NetBSD: init_sysent.c,v 1.328 2020/04/04 20:27:27 thorpej Exp $ */ +/* $NetBSD$ */ /* * System call switch table. * * DO NOT EDIT-- this file is automatically generated. - * created from NetBSD: syscalls.master,v 1.298 2020/04/04 20:20:12 thorpej Exp + * created from NetBSD: syscalls.master,v 1.301 2020/04/12 22:06:17 christos Exp */ #include -__KERNEL_RCSID(0, "$NetBSD: init_sysent.c,v 1.328 2020/04/04 20:27:27 thorpej Exp $"); +__KERNEL_RCSID(0, "$NetBSD$"); #ifdef _KERNEL_OPT #include "opt_modular.h" @@ -2359,8 +2359,10 @@ struct sysent sysent[] = { .sy_call = (sy_call_t *)sys___fhstatvfs190 }, /* 486 = __fhstatvfs190 */ { - .sy_call = sys_nosys, - }, /* 487 = filler */ + ns(struct sys_getrandom_args), + .sy_flags = SYCALL_ARG_PTR, + .sy_call = (sy_call_t *)sys_getrandom + }, /* 487 = getrandom */ { .sy_call = sys_nosys, }, /* 488 = filler */ diff --git a/sys/kern/syscalls.c b/sys/kern/syscalls.c index bf562242c5ea..6847b7087de9 100644 --- a/sys/kern/syscalls.c +++ b/sys/kern/syscalls.c @@ -1,14 +1,14 @@ -/* $NetBSD: syscalls.c,v 1.316 2020/04/04 20:27:27 thorpej Exp $ */ +/* $NetBSD$ */ /* * System call names. * * DO NOT EDIT-- this file is automatically generated. - * created from NetBSD: syscalls.master,v 1.298 2020/04/04 20:20:12 thorpej Exp + * created from NetBSD: syscalls.master,v 1.301 2020/04/12 22:06:17 christos Exp */ #include -__KERNEL_RCSID(0, "$NetBSD: syscalls.c,v 1.316 2020/04/04 20:27:27 thorpej Exp $"); +__KERNEL_RCSID(0, "$NetBSD$"); #if defined(_KERNEL_OPT) #ifdef _KERNEL_OPT @@ -536,7 +536,7 @@ const char *const syscallnames[] = { /* 484 */ "__statvfs190", /* 485 */ "__fstatvfs190", /* 486 */ "__fhstatvfs190", - /* 487 */ "# filler", + /* 487 */ "getrandom", /* 488 */ "# filler", /* 489 */ "# filler", /* 490 */ "# filler", @@ -1073,7 +1073,7 @@ const char *const altsyscallnames[] = { /* 484 */ "statvfs1", /* 485 */ "fstatvfs1", /* 486 */ "fhstatvfs1", - /* 487 */ NULL, /* filler */ + /* 487 */ NULL, /* getrandom */ /* 488 */ NULL, /* filler */ /* 489 */ NULL, /* filler */ /* 490 */ NULL, /* filler */ diff --git a/sys/kern/syscalls_autoload.c b/sys/kern/syscalls_autoload.c index e45194643920..3a662468f349 100644 --- a/sys/kern/syscalls_autoload.c +++ b/sys/kern/syscalls_autoload.c @@ -1,14 +1,14 @@ -/* $NetBSD: syscalls_autoload.c,v 1.33 2020/04/04 20:27:27 thorpej Exp $ */ +/* $NetBSD$ */ /* * System call autoload table. * * DO NOT EDIT-- this file is automatically generated. - * created from NetBSD: syscalls.master,v 1.298 2020/04/04 20:20:12 thorpej Exp + * created from NetBSD: syscalls.master,v 1.301 2020/04/12 22:06:17 christos Exp */ #include -__KERNEL_RCSID(0, "$NetBSD: syscalls_autoload.c,v 1.33 2020/04/04 20:27:27 thorpej Exp $"); +__KERNEL_RCSID(0, "$NetBSD$"); #ifdef _KERNEL_OPT #include "opt_modular.h" diff --git a/sys/kern/systrace_args.c b/sys/kern/systrace_args.c index a7403fe1f1fc..dc3317896f64 100644 --- a/sys/kern/systrace_args.c +++ b/sys/kern/systrace_args.c @@ -1,4 +1,4 @@ -/* $NetBSD: systrace_args.c,v 1.35 2020/04/04 20:27:27 thorpej Exp $ */ +/* $NetBSD$ */ /* * System call argument to DTrace register array converstion. @@ -3706,6 +3706,15 @@ systrace_args(register_t sysnum, const void *params, uintptr_t *uarg, size_t *n_ *n_args = 4; break; } + /* sys_getrandom */ + case 487: { + const struct sys_getrandom_args *p = params; + uarg[0] = (intptr_t) SCARG(p, buf); /* void * */ + uarg[1] = SCARG(p, buflen); /* size_t */ + uarg[2] = SCARG(p, flags); /* unsigned int */ + *n_args = 3; + break; + } default: *n_args = 0; break; @@ -9987,6 +9996,22 @@ systrace_entry_setargdesc(int sysnum, int ndx, char *desc, size_t descsz) break; }; break; + /* sys_getrandom */ + case 487: + switch(ndx) { + case 0: + p = "void *"; + break; + case 1: + p = "size_t"; + break; + case 2: + p = "unsigned int"; + break; + default: + break; + }; + break; default: break; }; @@ -12086,6 +12111,11 @@ systrace_return_setargdesc(int sysnum, int ndx, char *desc, size_t descsz) if (ndx == 0 || ndx == 1) p = "int"; break; + /* sys_getrandom */ + case 487: + if (ndx == 0 || ndx == 1) + p = "ssize_t"; + break; default: break; }; diff --git a/sys/rump/include/rump/rump_syscalls.h b/sys/rump/include/rump/rump_syscalls.h index f603b84e97a3..5316d67dd969 100644 --- a/sys/rump/include/rump/rump_syscalls.h +++ b/sys/rump/include/rump/rump_syscalls.h @@ -1,10 +1,10 @@ -/* $NetBSD: rump_syscalls.h,v 1.114 2020/04/04 20:27:27 thorpej Exp $ */ +/* $NetBSD$ */ /* * System call protos in rump namespace. * * DO NOT EDIT-- this file is automatically generated. - * created from NetBSD: syscalls.master,v 1.298 2020/04/04 20:20:12 thorpej Exp + * created from NetBSD: syscalls.master,v 1.301 2020/04/12 22:06:17 christos Exp */ #ifndef _RUMP_RUMP_SYSCALLS_H_ @@ -204,6 +204,10 @@ #define RUMP_SYS_RENAME_DUP rump___sysimpl_dup #endif +#ifndef RUMP_SYS_RENAME_GETRANDOM +#define RUMP_SYS_RENAME_GETRANDOM rump___sysimpl_getrandom +#endif + #ifndef RUMP_SYS_RENAME_LCHMOD #define RUMP_SYS_RENAME_LCHMOD rump___sysimpl_lchmod #endif @@ -1063,6 +1067,7 @@ int rump_sys_getvfsstat(struct statvfs *, size_t, int) __RENAME(RUMP_SYS_RENAME_ int rump_sys_statvfs1(const char *, struct statvfs *, int) __RENAME(RUMP_SYS_RENAME_STATVFS1); int rump_sys_fstatvfs1(int, struct statvfs *, int) __RENAME(RUMP_SYS_RENAME_FSTATVFS1); int rump_sys_fhstatvfs1(const void *, size_t, struct statvfs *, int) __RENAME(RUMP_SYS_RENAME_FHSTATVFS1); +ssize_t rump_sys_getrandom(void *, size_t, unsigned int) __RENAME(RUMP_SYS_RENAME_GETRANDOM); int rump_sys_pipe(int *); #endif /* _RUMP_RUMP_SYSCALLS_H_ */ diff --git a/sys/rump/librump/rumpkern/rump_syscalls.c b/sys/rump/librump/rumpkern/rump_syscalls.c index 3514b1325c09..b6f5a91649f7 100644 --- a/sys/rump/librump/rumpkern/rump_syscalls.c +++ b/sys/rump/librump/rumpkern/rump_syscalls.c @@ -1,10 +1,10 @@ -/* $NetBSD: rump_syscalls.c,v 1.145 2020/04/04 20:27:27 thorpej Exp $ */ +/* $NetBSD$ */ /* * System call vector and marshalling for rump. * * DO NOT EDIT-- this file is automatically generated. - * created from NetBSD: syscalls.master,v 1.298 2020/04/04 20:20:12 thorpej Exp + * created from NetBSD: syscalls.master,v 1.301 2020/04/12 22:06:17 christos Exp */ #ifdef RUMP_CLIENT @@ -15,7 +15,7 @@ #ifdef __NetBSD__ #include -__KERNEL_RCSID(0, "$NetBSD: rump_syscalls.c,v 1.145 2020/04/04 20:27:27 thorpej Exp $"); +__KERNEL_RCSID(0, "$NetBSD$"); #include #include @@ -6523,6 +6523,36 @@ __weak_alias(___fhstatvfs190,rump___sysimpl_fhstatvfs190); __strong_alias(_sys___fhstatvfs190,rump___sysimpl_fhstatvfs190); #endif /* RUMP_KERNEL_IS_LIBC */ +ssize_t rump___sysimpl_getrandom(void *, size_t, unsigned int); +ssize_t +rump___sysimpl_getrandom(void * buf, size_t buflen, unsigned int flags) +{ + register_t retval[2]; + int error = 0; + ssize_t rv = -1; + struct sys_getrandom_args callarg; + + memset(&callarg, 0, sizeof(callarg)); + SPARG(&callarg, buf) = buf; + SPARG(&callarg, buflen) = buflen; + SPARG(&callarg, flags) = flags; + + error = rsys_syscall(SYS_getrandom, &callarg, sizeof(callarg), retval); + rsys_seterrno(error); + if (error == 0) { + if (sizeof(ssize_t) > sizeof(register_t)) + rv = *(ssize_t *)retval; + else + rv = *retval; + } + return rv; +} +#ifdef RUMP_KERNEL_IS_LIBC +__weak_alias(getrandom,rump___sysimpl_getrandom); +__weak_alias(_getrandom,rump___sysimpl_getrandom); +__strong_alias(_sys_getrandom,rump___sysimpl_getrandom); +#endif /* RUMP_KERNEL_IS_LIBC */ + int rump_sys_pipe(int *); int rump_sys_pipe(int *fd) @@ -8447,9 +8477,9 @@ struct sysent rump_sysent[] = { .sy_call = (sy_call_t *)(void *)rumpns_enosys, }, /* 486 = __fhstatvfs190 */ { - .sy_flags = SYCALL_NOSYS, + ns(struct sys_getrandom_args), .sy_call = (sy_call_t *)(void *)rumpns_enosys, - }, /* 487 = filler */ + }, /* 487 = getrandom */ { .sy_flags = SYCALL_NOSYS, .sy_call = (sy_call_t *)(void *)rumpns_enosys, diff --git a/sys/rump/rump.sysmap b/sys/rump/rump.sysmap index e85583d0ab98..0ccc4dcb4368 100644 --- a/sys/rump/rump.sysmap +++ b/sys/rump/rump.sysmap @@ -217,3 +217,4 @@ 484 sys___statvfs190 __statvfs190 rump___sysimpl_statvfs190 485 sys___fstatvfs190 __fstatvfs190 rump___sysimpl_fstatvfs190 486 sys___fhstatvfs190 __fhstatvfs190 rump___sysimpl_fhstatvfs190 +487 sys_getrandom getrandom rump___sysimpl_getrandom diff --git a/sys/sys/syscall.h b/sys/sys/syscall.h index da3654f978c2..04f26ec49e95 100644 --- a/sys/sys/syscall.h +++ b/sys/sys/syscall.h @@ -1,10 +1,10 @@ -/* $NetBSD: syscall.h,v 1.310 2020/04/04 20:27:27 thorpej Exp $ */ +/* $NetBSD$ */ /* * System call numbers. * * DO NOT EDIT-- this file is automatically generated. - * created from NetBSD: syscalls.master,v 1.298 2020/04/04 20:20:12 thorpej Exp + * created from NetBSD: syscalls.master,v 1.301 2020/04/12 22:06:17 christos Exp */ #ifndef _SYS_SYSCALL_H_ @@ -1344,6 +1344,9 @@ /* syscall: "__fhstatvfs190" ret: "int" args: "const void *" "size_t" "struct statvfs *" "int" */ #define SYS___fhstatvfs190 486 -#define SYS_MAXSYSCALL 487 +/* syscall: "getrandom" ret: "ssize_t" args: "void *" "size_t" "unsigned int" */ +#define SYS_getrandom 487 + +#define SYS_MAXSYSCALL 488 #define SYS_NSYSENT 512 #endif /* _SYS_SYSCALL_H_ */ diff --git a/sys/sys/syscallargs.h b/sys/sys/syscallargs.h index 1901cc0d97db..74499ebdd778 100644 --- a/sys/sys/syscallargs.h +++ b/sys/sys/syscallargs.h @@ -1,10 +1,10 @@ -/* $NetBSD: syscallargs.h,v 1.294 2020/04/04 20:27:27 thorpej Exp $ */ +/* $NetBSD$ */ /* * System call argument lists. * * DO NOT EDIT-- this file is automatically generated. - * created from NetBSD: syscalls.master,v 1.298 2020/04/04 20:20:12 thorpej Exp + * created from NetBSD: syscalls.master,v 1.301 2020/04/12 22:06:17 christos Exp */ #ifndef _SYS_SYSCALLARGS_H_ @@ -3175,6 +3175,13 @@ struct sys___fhstatvfs190_args { }; check_syscall_args(sys___fhstatvfs190) +struct sys_getrandom_args { + syscallarg(void *) buf; + syscallarg(size_t) buflen; + syscallarg(unsigned int) flags; +}; +check_syscall_args(sys_getrandom) + /* * System call prototypes. */ @@ -4059,5 +4066,7 @@ int sys___fstatvfs190(struct lwp *, const struct sys___fstatvfs190_args *, regis int sys___fhstatvfs190(struct lwp *, const struct sys___fhstatvfs190_args *, register_t *); +int sys_getrandom(struct lwp *, const struct sys_getrandom_args *, register_t *); + #endif /* !RUMP_CLIENT */ #endif /* _SYS_SYSCALLARGS_H_ */