author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2011-01-08 19:45:10 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2011-01-08 19:45:10 +0000 |
commit | 8ab086c231d218370b1fd6cdace765671f71d625 (patch) | |
tree | b4b6a20f12061d0745138f765677348fe06bf27c /sys | |
parent | 02ebbcaee9974aebb49ff948f872850df578ea48 (diff) |
split randomattach into random_init() and random_start(), so that we
can make attempts to load 'entropy' into the RC4.
ok miod ariane
Diffstat (limited to 'sys')
-rw-r--r-- | sys/dev/rnd.c | 22 | ||||
-rw-r--r-- | sys/dev/rndvar.h | 5 | ||||
-rw-r--r-- | sys/kern/init_main.c | 7 | ||||
-rw-r--r-- | sys/sys/conf.h | 3 |
4 files changed, 29 insertions, 8 deletions
diff --git a/sys/dev/rnd.c b/sys/dev/rnd.c index b5e9683d97d..65d884dfdf5 100644 --- a/sys/dev/rnd.c +++ b/sys/dev/rnd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rnd.c,v 1.130 2011/01/08 02:23:02 deraadt Exp $ */ +/* $OpenBSD: rnd.c,v 1.131 2011/01/08 19:45:07 deraadt Exp $ */ /* * Copyright (c) 2011 Theo de Raadt. @@ -529,8 +529,13 @@ extract_entropy(u_int8_t *buf, int nbytes) #define ARC4_STATE 256 #define ARC4_PARANOIA 4 +/* + * Start with an unstable state so that rc4_getbytes() can + * operate (poorly) before rc4_keysetup(). + */ +struct rc4_ctx arc4random_state = { 0, 0, { 1, 2, 3, 4, 5, 6 } }; + struct mutex rndlock = MUTEX_INITIALIZER(IPL_HIGH); -struct rc4_ctx arc4random_state; struct timeout arc4_timeout; void arc4_reinit(void *v); /* timeout to start reinit */ @@ -677,12 +682,23 @@ arc4_reinit(void *v) } void -randomattach(void) +random_init(void) { rnd_states[RND_SRC_TIMER].dont_count_entropy = 1; rnd_states[RND_SRC_TRUE].dont_count_entropy = 1; rnd_states[RND_SRC_TRUE].max_entropy = 1; + /* + * Load some code as input data until we are more alive. + * NOTE: We assume there are at 8192 bytes mapped after version, + * because we want to pull some "code" in as well. + */ + rc4_keysetup(&arc4random_state, (u_int8_t *)&version, 8192); +} + +void +random_start(void) +{ if (msgbufp && msgbufp->msg_magic == MSG_MAGIC) add_entropy_words((u_int32_t *)msgbufp->msg_bufc, msgbufp->msg_bufs / sizeof(u_int32_t)); diff --git a/sys/dev/rndvar.h b/sys/dev/rndvar.h index 34f62d70ffa..51e7b084095 100644 --- a/sys/dev/rndvar.h +++ b/sys/dev/rndvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rndvar.h,v 1.28 2011/01/07 23:13:48 tedu Exp $ */ +/* $OpenBSD: rndvar.h,v 1.29 2011/01/08 19:45:08 deraadt Exp $ */ /* * Copyright (c) 1996,2000 Michael Shalayeff. 
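Review bot: The comment on the new `arc4random_state` initializer in the @@ -529,8 +529,13 hunk says rc4_getbytes() operates "(poorly)" before rc4_keysetup(), but not that the output in that window comes from a compile-time constant and is fully predictable. Only six state bytes are given, so the rest of the array is zero-filled and the state is not a permutation. I would say so in the comment, e.g. `/* Fixed placeholder state: output before rc4_keysetup() is identical on every boot and must not be used for anything security-relevant. */`. The positional initializer also depends on the member order of struct rc4_ctx, which is not visible here; designated initializers would make that dependency explicit.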
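Review bot: In random_init() (@@ -677,12 +682,23), `rc4_keysetup(&arc4random_state, (u_int8_t *)&version, 8192)` keys the generator from bytes that are identical on every machine running the same kernel build, so arc4random output between random_init() and the later reseed is reproducible by anyone holding the kernel image. The read of 8192 bytes past `version` rests on an assumption the code never checks, and the length is a bare magic number. If rc4_keysetup() implements the standard RC4 key schedule (its body is not on this page), only the first 256 key bytes influence the state, so the intended "code" may not be mixed in at all; this is worth confirming. Suggested comment wording: `/* Not entropy: deterministic per kernel build. Assumes at least 8192 bytes are mapped after version. */`, which also fixes the "at 8192 bytes" typo. random_start() continues past the end of the hunk.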
@@ -74,6 +74,9 @@ extern struct rndstats rndstats; #define add_audio_randomness(d) enqueue_randomness(RND_SRC_AUDIO, (int)(d)) #define add_video_randomness(d) enqueue_randomness(RND_SRC_VIDEO, (int)(d)) +void random_init(void); +void random_start(void); + void enqueue_randomness(int, int); void arc4random_buf(void *, size_t); u_int32_t arc4random(void); diff --git a/sys/kern/init_main.c b/sys/kern/init_main.c index cb964b3a96f..fc78df2c2a3 100644 --- a/sys/kern/init_main.c +++ b/sys/kern/init_main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: init_main.c,v 1.173 2011/01/01 06:54:51 deraadt Exp $ */ +/* $OpenBSD: init_main.c,v 1.174 2011/01/08 19:45:09 deraadt Exp $ */ /* $NetBSD: init_main.c,v 1.84.4.1 1996/06/02 09:08:06 mrg Exp $ */ /* @@ -220,6 +220,8 @@ main(void *framep) KERNEL_LOCK_INIT(); SCHED_LOCK_INIT(); + random_init(); + uvm_init(); disk_init(); /* must come before autoconfiguration */ tty_init(); /* initialise tty's */ @@ -345,6 +347,8 @@ main(void *framep) /* Initialize work queues */ workq_init(); + random_start(); + /* Initialize the interface/address trees */ ifinit(); @@ -382,7 +386,6 @@ main(void *framep) #endif /* Attach pseudo-devices. */ - randomattach(); for (pdev = pdevinit; pdev->pdev_attach != NULL; pdev++) if (pdev->pdev_count > 0) (*pdev->pdev_attach)(pdev->pdev_count); diff --git a/sys/sys/conf.h b/sys/sys/conf.h index f0cf1f7a42d..ac68cb02d63 100644 --- a/sys/sys/conf.h +++ b/sys/sys/conf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: conf.h,v 1.108 2010/12/31 22:32:19 deraadt Exp $ */ +/* $OpenBSD: conf.h,v 1.109 2011/01/08 19:45:09 deraadt Exp $ */ /* $NetBSD: conf.h,v 1.33 1996/05/03 20:03:32 christos Exp $ */ /*- @@ -391,7 +391,6 @@ extern struct cdevsw cdevsw[]; dev_init(c,n,write), dev_init(c,n,ioctl), (dev_type_stop((*))) enodev, \ 0, seltrue, (dev_type_mmap((*))) enodev, \ 0, D_KQFILTER, seltrue_kqfilter } -void randomattach(void); /* open, close, ioctl, poll, nokqfilter */ #define cdev_usb_init(c,n) { \ |
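Review bot: The new `random_init();` call in sys/kern/init_main.c (@@ -220,6 +220,8) sits before `uvm_init()` with no comment on why that is safe or what callers can expect afterwards. Judging from the rnd.c change, random_init() only touches static data, so the ordering looks fine. However, everything that runs between this call and `random_start()` (added in the @@ -345,6 +347,8 hunk) sees a generator keyed only from the kernel image. I would add `/* early, non-entropic seed; real seeding happens in random_start() */` above the call, and a matching line at random_start() naming the subsystems it depends on. main() starts and ends outside both hunks.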