]> git.saurik.com Git - apple/xnu.git/blame - bsd/dev/random/randomdev.c
xnu-792.6.76.tar.gz
[apple/xnu.git] / bsd / dev / random / randomdev.c
CommitLineData
0b4e3aa0 1/*
91447636 2 * Copyright (c) 1999-2004 Apple Computer, Inc. All rights reserved.
0b4e3aa0
A
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
37839358
A
6 * The contents of this file constitute Original Code as defined in and
7 * are subject to the Apple Public Source License Version 1.1 (the
8 * "License"). You may not use this file except in compliance with the
9 * License. Please obtain a copy of the License at
10 * http://www.apple.com/publicsource and read it before using this file.
0b4e3aa0 11 *
37839358
A
12 * This Original Code and all software distributed under the License are
13 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
0b4e3aa0
A
14 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
37839358
A
16 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17 * License for the specific language governing rights and limitations
18 * under the License.
0b4e3aa0
A
19 *
20 * @APPLE_LICENSE_HEADER_END@
21 */
22
23#include <sys/param.h>
24#include <sys/systm.h>
25#include <sys/proc.h>
26#include <sys/errno.h>
27#include <sys/ioctl.h>
28#include <sys/conf.h>
29#include <sys/fcntl.h>
30#include <miscfs/devfs/devfs.h>
31#include <kern/lock.h>
0b4e3aa0
A
32#include <sys/time.h>
33#include <sys/malloc.h>
91447636 34#include <sys/uio_internal.h>
0b4e3aa0
A
35
36#include <dev/random/randomdev.h>
37#include <dev/random/YarrowCoreLib/include/yarrow.h>
38
39#define RANDOM_MAJOR -1 /* let the kernel pick the device number */
40
55e303ae
A
41d_ioctl_t random_ioctl;
42
0b4e3aa0
A
43/*
44 * A struct describing which functions will get invoked for certain
45 * actions.
46 */
47static struct cdevsw random_cdevsw =
48{
49 random_open, /* open */
50 random_close, /* close */
51 random_read, /* read */
52 random_write, /* write */
91447636
A
53 random_ioctl, /* ioctl */
54 (stop_fcn_t *)nulldev, /* stop */
55 (reset_fcn_t *)nulldev, /* reset */
0b4e3aa0
A
56 NULL, /* tty's */
57 eno_select, /* select */
58 eno_mmap, /* mmap */
59 eno_strat, /* strategy */
60 eno_getc, /* getc */
61 eno_putc, /* putc */
62 0 /* type */
63};
64
65/* Used to detect whether we've already been initialized */
66static int gRandomInstalled = 0;
67static PrngRef gPrngRef;
68static int gRandomError = 1;
69static mutex_t *gYarrowMutex = 0;
70
71#define RESEED_TICKS 50 /* how long a reseed operation can take */
72
91447636 73
0b4e3aa0
A
74/*
75 *Initialize ONLY the Yarrow generator.
76 */
91447636 77void PreliminarySetup( void )
0b4e3aa0
A
78{
79 prng_error_status perr;
80 struct timeval tt;
81 char buffer [16];
82
83 /* create a Yarrow object */
84 perr = prngInitialize(&gPrngRef);
85 if (perr != 0) {
86 printf ("Couldn't initialize Yarrow, /dev/random will not work.\n");
87 return;
88 }
89
90 /* clear the error flag, reads and write should then work */
91 gRandomError = 0;
92
93 /* get a little non-deterministic data as an initial seed. */
94 microtime(&tt);
95
96 /*
97 * So how much of the system clock is entropic?
98 * It's hard to say, but assume that at least the
99 * least significant byte of a 64 bit structure
100 * is entropic. It's probably more, how can you figure
101 * the exact time the user turned the computer on, for example.
102 */
103 perr = prngInput(gPrngRef, (BYTE*) &tt, sizeof (tt), SYSTEM_SOURCE, 8);
104 if (perr != 0) {
105 /* an error, complain */
106 printf ("Couldn't seed Yarrow.\n");
107 return;
108 }
109
110 /* turn the data around */
111 perr = prngOutput(gPrngRef, (BYTE*) buffer, sizeof (buffer));
112
113 /* and scramble it some more */
114 perr = prngForceReseed(gPrngRef, RESEED_TICKS);
115
116 /* make a mutex to control access */
117 gYarrowMutex = mutex_alloc(0);
118}
119
120/*
121 * Called to initialize our device,
122 * and to register ourselves with devfs
123 */
124void
91447636 125random_init( void )
0b4e3aa0
A
126{
127 int ret;
128
129 if (gRandomInstalled)
130 return;
131
132 /* install us in the file system */
133 gRandomInstalled = 1;
134
135 /* setup yarrow and the mutex */
136 PreliminarySetup();
137
138 ret = cdevsw_add(RANDOM_MAJOR, &random_cdevsw);
139 if (ret < 0) {
140 printf("random_init: failed to allocate a major number!\n");
141 gRandomInstalled = 0;
142 return;
143 }
144
145 devfs_make_node(makedev (ret, 0), DEVFS_CHAR,
55e303ae 146 UID_ROOT, GID_WHEEL, 0666, "random", 0);
0b4e3aa0
A
147
148 /*
149 * also make urandom
150 * (which is exactly the same thing in our context)
151 */
152 devfs_make_node(makedev (ret, 1), DEVFS_CHAR,
55e303ae
A
153 UID_ROOT, GID_WHEEL, 0666, "urandom", 0);
154}
155
156int
91447636
A
157random_ioctl( __unused dev_t dev, u_long cmd, __unused caddr_t data,
158 __unused int flag, __unused struct proc *p )
55e303ae
A
159{
160 switch (cmd) {
161 case FIONBIO:
162 case FIOASYNC:
163 break;
164 default:
165 return ENODEV;
166 }
167
168 return (0);
0b4e3aa0
A
169}
170
171/*
172 * Open the device. Make sure init happened, and make sure the caller is
173 * authorized.
174 */
175
176int
91447636 177random_open(__unused dev_t dev, int flags, __unused int devtype, __unused struct proc *p)
0b4e3aa0
A
178{
179 if (gRandomError != 0) {
180 /* forget it, yarrow didn't come up */
181 return (ENOTSUP);
182 }
183
184 /*
185 * if we are being opened for write,
186 * make sure that we have privledges do so
187 */
188 if (flags & FWRITE) {
189 if (securelevel >= 2)
190 return (EPERM);
55e303ae 191#ifndef __APPLE__
91447636 192 if ((securelevel >= 1) && proc_suser(p))
0b4e3aa0 193 return (EPERM);
55e303ae 194#endif /* !__APPLE__ */
0b4e3aa0
A
195 }
196
197 return (0);
198}
199
200
201/*
202 * close the device.
203 */
204
205int
91447636 206random_close(__unused dev_t dev, __unused int flags, __unused int mode, __unused struct proc *p)
0b4e3aa0
A
207{
208 return (0);
209}
210
211
212/*
213 * Get entropic data from the Security Server, and use it to reseed the
214 * prng.
215 */
216int
91447636 217random_write (__unused dev_t dev, struct uio *uio, __unused int ioflag)
0b4e3aa0
A
218{
219 int retCode = 0;
220 char rdBuffer[256];
221
222 if (gRandomError != 0) {
223 return (ENOTSUP);
224 }
225
226 /* get control of the Yarrow instance, Yarrow is NOT thread safe */
227 mutex_lock(gYarrowMutex);
228
229 /* Security server is sending us entropy */
230
91447636 231 while (uio_resid(uio) > 0 && retCode == 0) {
0b4e3aa0 232 /* get the user's data */
91447636
A
233 // LP64todo - fix this! uio_resid may be 64-bit value
234 int bytesToInput = min(uio_resid(uio), sizeof (rdBuffer));
0b4e3aa0
A
235 retCode = uiomove(rdBuffer, bytesToInput, uio);
236 if (retCode != 0)
237 goto /*ugh*/ error_exit;
238
239 /* put it in Yarrow */
240 if (prngInput(gPrngRef, (BYTE*) rdBuffer,
241 sizeof (rdBuffer), SYSTEM_SOURCE,
242 sizeof (rdBuffer) * 8) != 0) {
243 retCode = EIO;
244 goto error_exit;
245 }
246 }
247
248 /* force a reseed */
249 if (prngForceReseed(gPrngRef, RESEED_TICKS) != 0) {
250 retCode = EIO;
251 goto error_exit;
252 }
253
254 /* retCode should be 0 at this point */
255
256error_exit: /* do this to make sure the mutex unlocks. */
257 mutex_unlock(gYarrowMutex);
258 return (retCode);
259}
260
261/*
262 * return data to the caller. Results unpredictable.
263 */
264int
91447636 265random_read(__unused dev_t dev, struct uio *uio, __unused int ioflag)
0b4e3aa0
A
266{
267 int retCode = 0;
268 char wrBuffer[512];
269
270 if (gRandomError != 0)
271 return (ENOTSUP);
272
273 /* lock down the mutex */
274 mutex_lock(gYarrowMutex);
275
91447636 276 while (uio_resid(uio) > 0 && retCode == 0) {
0b4e3aa0 277 /* get the user's data */
91447636
A
278 // LP64todo - fix this! uio_resid may be 64-bit value
279 int bytesToRead = min(uio_resid(uio), sizeof (wrBuffer));
0b4e3aa0
A
280
281 /* get the data from Yarrow */
282 if (prngOutput(gPrngRef, (BYTE *) wrBuffer, sizeof (wrBuffer)) != 0) {
283 printf ("Couldn't read data from Yarrow.\n");
284
285 /* something's really weird */
286 retCode = EIO;
287 goto error_exit;
288 }
289
290 retCode = uiomove(wrBuffer, bytesToRead, uio);
291
292 if (retCode != 0)
293 goto error_exit;
294 }
295
296 retCode = 0;
297
298error_exit:
299 mutex_unlock(gYarrowMutex);
300 return retCode;
301}
302
303/* export good random numbers to the rest of the kernel */
304void
305read_random(void* buffer, u_int numbytes)
306{
307 if (gYarrowMutex == 0) { /* are we initialized? */
308 PreliminarySetup ();
309 }
310
311 mutex_lock(gYarrowMutex);
312 prngOutput(gPrngRef, (BYTE *) buffer, numbytes);
313 mutex_unlock(gYarrowMutex);
314}
315
316/*
317 * Return an unsigned long pseudo-random number.
318 */
319u_long
91447636 320RandomULong( void )
0b4e3aa0
A
321{
322 u_long buf;
323 read_random(&buf, sizeof (buf));
324 return (buf);
325}
326