# HG changeset patch
# User Taylor R Campbell
# Date 1588604356 0
# Mon May 04 14:59:16 2020 +0000
# Branch trunk
# Node ID a86fa24e72bb74a68d41765f5968ac69d504f193
# Parent f952eea8985e7db418bc39fb37bd271516d748fa
New sysctl kern.entropy.gather=1 to trigger entropy gathering. Invokes all on-demand RNG sources. This enables HWRNG driver developers to use a dtrace probe on rnd_add_data to examine the data coming out of the HWRNG: dtrace -n 'fbt::rnd_add_data:entry /args[0]->name == "amdccp0"/ { ...examine buffer args[1] length args[2]... }'
diff -r f952eea8985e -r a86fa24e72bb sys/kern/kern_entropy.c
--- a/sys/kern/kern_entropy.c Mon May 04 14:53:39 2020 +0000
+++ b/sys/kern/kern_entropy.c Mon May 04 14:59:16 2020 +0000
@@ -245,6 +245,7 @@ static void entropy_consolidate(void);
 static void entropy_gather_xc(void *, void *);
 static void entropy_notify(void);
 static int sysctl_entropy_consolidate(SYSCTLFN_ARGS);
+static int sysctl_entropy_gather(SYSCTLFN_ARGS);
 static void filt_entropy_read_detach(struct knote *);
 static int filt_entropy_read_event(struct knote *, long);
 static void entropy_request(size_t);
@@ -362,6 +363,10 @@ entropy_init(void)
 CTLFLAG_PERMANENT|CTLFLAG_READWRITE, CTLTYPE_INT, "consolidate",
 SYSCTL_DESCR("Trigger entropy consolidation now"),
 sysctl_entropy_consolidate, 0, NULL, 0, CTL_CREATE, CTL_EOL);
+ sysctl_createv(&entropy_sysctllog, 0, &entropy_sysctlroot, NULL,
+ CTLFLAG_PERMANENT|CTLFLAG_READWRITE, CTLTYPE_INT, "gather",
+ SYSCTL_DESCR("Trigger entropy gathering from sources now"),
+ sysctl_entropy_gather, 0, NULL, 0, CTL_CREATE, CTL_EOL);
 /* XXX These should maybe not be readable at securelevel>0. */
 sysctl_createv(&entropy_sysctllog, 0, &entropy_sysctlroot, NULL,
 CTLFLAG_PERMANENT|CTLFLAG_READONLY|CTLFLAG_PRIVATE, CTLTYPE_INT,
@@ -1171,6 +1176,35 @@ sysctl_entropy_consolidate(SYSCTLFN_ARGS
 }

 /*
+ * sysctl -w kern.entropy.gather=1
+ *
+ * Trigger gathering entropy from all on-demand sources, and wait
+ * for synchronous sources (but not asynchronous sources) to
+ * complete. Writable only by superuser.
+ */
+static int
+sysctl_entropy_gather(SYSCTLFN_ARGS)
+{
+ struct sysctlnode node = *rnode;
+ int arg;
+ int error;
+
+ KASSERT(E->stage == ENTROPY_HOT);
+
+ node.sysctl_data = &arg;
+ error = sysctl_lookup(SYSCTLFN_CALL(&node));
+ if (error || newp == NULL)
+ return error;
+ if (arg) {
+ mutex_enter(&E->lock);
+ entropy_request(ENTROPY_CAPACITY);
+ mutex_exit(&E->lock);
+ }
+
+ return 0;
+}
+
+/*
 * entropy_extract(buf, len, flags)
 *
 * Extract len bytes from the global entropy pool into buf.
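Review bot: `arg` in sysctl_entropy_gather is declared without an initializer and is handed to sysctl_lookup through `node.sysctl_data` before anything has written it. sysctl_lookup is not shown in this patch, but if it copies the node's current value out on a read, as is usual for this handler pattern, then reading kern.entropy.gather returns uninitialized kernel stack contents to the caller. The registration hunk in entropy_init creates the node with `CTLFLAG_PERMANENT|CTLFLAG_READWRITE` and no `CTLFLAG_PRIVATE`, so the read path is presumably not restricted to the superuser. Declaring it as `int arg = 0;` gives a read a defined value. The header comment's "Writable only by superuser" also depends on a check that is outside these hunks, so it would help to name where that is enforced.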