author | Marco Pfatschbacher <mpf@cvs.openbsd.org> | 2008-11-24 10:30:13 +0000 |
---|---|---|
committer | Marco Pfatschbacher <mpf@cvs.openbsd.org> | 2008-11-24 10:30:13 +0000 |
commit | 4b1d709239a91447e0420f89c7a1bd2ba3916ded (patch) | |
tree | cf9cf5d7f1c75426151729f5e6640135a1bd6a3a | |
parent | df3a1d9cc10bcd764d4ec11110d6c64b9d827b6d (diff) |
Seed the random pool with the dmesg buffer at randomattach().
This lets early arc4random() calls return at least non-unique values
on different machines. The dmesg will have different MAC addresses,
etc. Also ignore the entropy count in arc4_stir, and just take what's
there. sizeof(struct timeval) should be sizeof(struct timespec)
This was forgotten when we switched to nanotime.
With help from mickey.
OK djm@, deraadt@
-rw-r--r-- | sys/dev/rnd.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/sys/dev/rnd.c b/sys/dev/rnd.c
index 9bb08acc845..9758e9c6c83 100644
--- a/sys/dev/rnd.c
+++ b/sys/dev/rnd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rnd.c,v 1.95 2008/10/15 03:30:57 djm Exp $ */
+/* $OpenBSD: rnd.c,v 1.96 2008/11/24 10:30:12 mpf Exp $ */
 /*
 * rnd.c -- A strong random number generator
@@ -251,6 +251,7 @@
 #include <sys/timeout.h>
 #include <sys/poll.h>
 #include <sys/mutex.h>
+#include <sys/msgbuf.h>
 #include <crypto/md5.h>
 #include <crypto/arc4.h>
@@ -782,11 +783,9 @@ arc4_stir(void)
 int len;
 nanotime((struct timespec *) buf);
- len = random_state.entropy_count / 8; /* XXX maybe a half? */
- if (len > sizeof(buf) - sizeof(struct timeval))
- len = sizeof(buf) - sizeof(struct timeval);
- get_random_bytes(buf + sizeof (struct timeval), len);
- len += sizeof(struct timeval);
+ len = sizeof(buf) - sizeof(struct timespec);
+ get_random_bytes(buf + sizeof (struct timespec), len);
+ len += sizeof(struct timespec);
 mtx_enter(&rndlock);
 if (rndstats.arc4_nstirs > 0)
@@ -858,6 +857,9 @@ randomattach(void)
 mtx_init(&rndlock, IPL_HIGH);
 arc4_reinit(NULL);
+ if (msgbufp && msgbufp->msg_magic == MSG_MAGIC)
+ add_entropy_words((u_int32_t *)msgbufp->msg_bufc,
+ msgbufp->msg_bufs / sizeof(u_int32_t));
 rnd_attached = 1;
 }
|
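Review bot: In arc4_stir() the new `len = sizeof(buf) - sizeof(struct timespec);` removes the cap on `random_state.entropy_count` and the old XXX remark with it, so nothing in the function records that the stir now draws a full buffer even when the pool's entropy estimate is low. I would add a comment above the assignment, for example `/* ignore entropy_count: take a full buffer of whatever the pool holds, even early in boot */`. It would also help to state there that the first `sizeof(struct timespec)` bytes of `buf` are the nanotime() stamp, since the three new lines depend on that layout. The declaration of `buf` and the rest of the function are outside this hunk, so the buffer size and the later re-stir schedule cannot be checked from here.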
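Review bot: The dmesg words mixed in at the new `add_entropy_words()` call in randomattach() are not secret: the message buffer is normally readable by local users and is largely the same across machines of one model, so it makes early arc4random() output differ per machine without making it unpredictable. Whether `add_entropy_words()` raises the pool's entropy estimate is not visible here; if it does, this input should be credited as zero. A comment above the `if`, such as `/* dmesg is not secret; mixed in only so early output differs between machines */`, would keep later readers from treating it as real seeding. The call also sits after `arc4_reinit(NULL)`, which is fine only if that function defers the stir to the first arc4random() call — presumably it does, but its body is outside this hunk, as is the start of randomattach().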