[apple/xnu.git] / bsd / dev / random / randomdev.c

/*
 * Copyright (c) 1999-2009 Apple, Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 *
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */


#include <sys/param.h>
#include <sys/systm.h>
#include <sys/proc.h>
#include <sys/errno.h>
#include <sys/ioctl.h>
#include <sys/conf.h>
#include <sys/fcntl.h>
#include <string.h>
#include <miscfs/devfs/devfs.h>
#include <kern/locks.h>
#include <kern/clock.h>
#include <sys/time.h>
#include <sys/malloc.h>
#include <sys/sysproto.h>
#include <sys/uio_internal.h>

#include <dev/random/randomdev.h>

#include <libkern/OSByteOrder.h>
#include <libkern/OSAtomic.h>

#include <mach/mach_time.h>

#define RANDOM_MAJOR  -1 /* let the kernel pick the device number */
#define RANDOM_MINOR   0
#define URANDOM_MINOR  1

d_ioctl_t       random_ioctl;

/*
 * A struct describing which functions will get invoked for certain
 * actions.
 */
static struct cdevsw random_cdevsw =
{
	random_open,		/* open */
	random_close,		/* close */
	random_read,		/* read */
	random_write,		/* write */
	random_ioctl,		/* ioctl */
	(stop_fcn_t *)nulldev, /* stop */
	(reset_fcn_t *)nulldev, /* reset */
	NULL,				/* tty's */
	eno_select,			/* select */
	eno_mmap,			/* mmap */
	eno_strat,			/* strategy */
	eno_getc,			/* getc */
	eno_putc,			/* putc */
	0					/* type */
};


/*
 * Called to initialize our device,
 * and to register ourselves with devfs
 */
void
random_init(void)
{
	int ret;

	ret = cdevsw_add(RANDOM_MAJOR, &random_cdevsw);
	if (ret < 0) {
		panic("random_init: failed to allocate a major number!");
	}

	devfs_make_node(makedev (ret, RANDOM_MINOR), DEVFS_CHAR,
		UID_ROOT, GID_WHEEL, 0666, "random", 0);

	/*
	 * also make urandom
	 * (which is exactly the same thing in our context)
	 */
	devfs_make_node(makedev (ret, URANDOM_MINOR), DEVFS_CHAR,
		UID_ROOT, GID_WHEEL, 0666, "urandom", 0);

}

int
random_ioctl(	__unused dev_t dev, u_long cmd, __unused caddr_t data,
				__unused int flag, __unused struct proc *p  )
{
	switch (cmd) {
	case FIONBIO:
	case FIOASYNC:
		break;
	default:
		return ENODEV;
	}

	return (0);
}

/*
 * Open the device.  Make sure init happened, and make sure the caller is
 * authorized.
 */

int
random_open(__unused dev_t dev, int flags, __unused int devtype, __unused struct proc *p)
{
	/*
	 * if we are being opened for write,
	 * make sure that we have privledges do so
	 */
	if (flags & FWRITE) {
		if (securelevel >= 2)
			return (EPERM);
#ifndef __APPLE__
		if ((securelevel >= 1) && proc_suser(p))
			return (EPERM);
#endif	/* !__APPLE__ */
	}

	return (0);
}


/*
 * close the device.
 */

int
random_close(__unused dev_t dev, __unused int flags, __unused int mode, __unused struct proc *p)
{
	return (0);
}


/*
 * Get entropic data from the Security Server, and use it to reseed the
 * prng.
 */
int
random_write (dev_t dev, struct uio *uio, __unused int ioflag)
{
    int retCode = 0;
    char rdBuffer[256];

    if (minor(dev) != RANDOM_MINOR)
	return EPERM;

    /* Security server is sending us entropy */

    while (uio_resid(uio) > 0 && retCode == 0) {
        /* get the user's data */
        int bytesToInput = MIN(uio_resid(uio),
			       (user_ssize_t) sizeof(rdBuffer));
        retCode = uiomove(rdBuffer, bytesToInput, uio);
        if (retCode != 0)
	    break;
	retCode = write_random(rdBuffer, bytesToInput);
        if (retCode != 0)
	    break;
    }

    return retCode;
}

/*
 * return data to the caller.  Results unpredictable.
 */
int
random_read(__unused dev_t dev, struct uio *uio, __unused int ioflag)
{
	int retCode = 0;
	char buffer[512];

	user_ssize_t bytes_remaining = uio_resid(uio);
	while (bytes_remaining > 0 && retCode == 0) {
		int bytesToRead = MIN(bytes_remaining,
				      (user_ssize_t) sizeof(buffer));
		read_random(buffer, bytesToRead);

		retCode = uiomove(buffer, bytesToRead, uio);
		if (retCode != 0)
			break;

		bytes_remaining = uio_resid(uio);
	}

	return retCode;
}

/*
 * Return an u_int32_t pseudo-random number.
 */
u_int32_t
RandomULong(void)
{
	u_int32_t buf;
	read_random(&buf, sizeof (buf));
	return (buf);
}


int
getentropy(__unused struct proc * p, struct getentropy_args *gap, __unused int * ret) {
	user_addr_t user_addr;
	uint32_t user_size;
	char buffer[256];

	user_addr = (vm_map_offset_t)gap->buffer;
	user_size = gap->size;
	/* Can't request more than 256 random bytes
	 * at once. Complying with openbsd getentropy()
	 */
	if (user_size > sizeof(buffer)) {
		return EINVAL;
	}
	read_random(buffer, user_size);
	return copyout(buffer, user_addr, user_size);
}
Commit	Line	Data
0b4e3aa0	1	/*
b0d623f7	2	* Copyright (c) 1999-2009 Apple, Inc. All rights reserved.
5d5c5d0d	3	*
2d21ac55	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
39037602	5	*
2d21ac55 A	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
39037602	14	*
2d21ac55 A	15	* Please obtain a copy of the License at
2d21ac55 A	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
39037602	17	*
2d21ac55 A	18	* The Original Code and all software distributed under the License are
2d21ac55 A	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5 A	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
8f6c56a5 A	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55 A	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
	24	* limitations under the License.
39037602	25	*
2d21ac55	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
0b4e3aa0 A	27	*/
0b4e3aa0 A	28
b0d623f7	29
0b4e3aa0 A	30	#include <sys/param.h>
	31	#include <sys/systm.h>
	32	#include <sys/proc.h>
	33	#include <sys/errno.h>
	34	#include <sys/ioctl.h>
	35	#include <sys/conf.h>
	36	#include <sys/fcntl.h>
8ad349bb	37	#include <string.h>
0b4e3aa0	38	#include <miscfs/devfs/devfs.h>
fe8ab488	39	#include <kern/locks.h>
2d21ac55	40	#include <kern/clock.h>
0b4e3aa0 A	41	#include <sys/time.h>
0b4e3aa0 A	42	#include <sys/malloc.h>
39037602	43	#include <sys/sysproto.h>
91447636	44	#include <sys/uio_internal.h>
0b4e3aa0 A	45
0b4e3aa0 A	46	#include <dev/random/randomdev.h>
b0d623f7 A	47
b0d623f7 A	48	#include <libkern/OSByteOrder.h>
bd504ef0	49	#include <libkern/OSAtomic.h>
2d21ac55 A	50
2d21ac55 A	51	#include <mach/mach_time.h>
b0d623f7	52
0b4e3aa0	53	#define RANDOM_MAJOR -1 /* let the kernel pick the device number */
fe8ab488 A	54	#define RANDOM_MINOR 0
fe8ab488 A	55	#define URANDOM_MINOR 1
0b4e3aa0	56
55e303ae A	57	d_ioctl_t random_ioctl;
55e303ae A	58
0b4e3aa0 A	59	/*
	60	* A struct describing which functions will get invoked for certain
	61	* actions.
	62	*/
	63	static struct cdevsw random_cdevsw =
	64	{
	65	random_open, /* open */
	66	random_close, /* close */
	67	random_read, /* read */
	68	random_write, /* write */
91447636 A	69	random_ioctl, /* ioctl */
	70	(stop_fcn_t )nulldev, / stop */
	71	(reset_fcn_t )nulldev, / reset */
0b4e3aa0 A	72	NULL, /* tty's */
	73	eno_select, /* select */
	74	eno_mmap, /* mmap */
	75	eno_strat, /* strategy */
	76	eno_getc, /* getc */
	77	eno_putc, /* putc */
	78	0 /* type */
	79	};
	80
d1ecb069	81
0b4e3aa0 A	82	/*
	83	* Called to initialize our device,
	84	* and to register ourselves with devfs
	85	*/
	86	void
8ad349bb	87	random_init(void)
0b4e3aa0 A	88	{
	89	int ret;
	90
0b4e3aa0 A	91	ret = cdevsw_add(RANDOM_MAJOR, &random_cdevsw);
0b4e3aa0 A	92	if (ret < 0) {
fe8ab488	93	panic("random_init: failed to allocate a major number!");
0b4e3aa0 A	94	}
0b4e3aa0 A	95
fe8ab488	96	devfs_make_node(makedev (ret, RANDOM_MINOR), DEVFS_CHAR,
55e303ae	97	UID_ROOT, GID_WHEEL, 0666, "random", 0);
0b4e3aa0 A	98
0b4e3aa0 A	99	/*
39037602	100	* also make urandom
0b4e3aa0 A	101	* (which is exactly the same thing in our context)
0b4e3aa0 A	102	*/
fe8ab488	103	devfs_make_node(makedev (ret, URANDOM_MINOR), DEVFS_CHAR,
55e303ae	104	UID_ROOT, GID_WHEEL, 0666, "urandom", 0);
bd504ef0	105
55e303ae A	106	}
	107
	108	int
39037602	109	random_ioctl( __unused dev_t dev, u_long cmd, __unused caddr_t data,
91447636	110	__unused int flag, __unused struct proc *p )
55e303ae A	111	{
	112	switch (cmd) {
	113	case FIONBIO:
	114	case FIOASYNC:
	115	break;
	116	default:
	117	return ENODEV;
	118	}
	119
	120	return (0);
0b4e3aa0 A	121	}
	122
	123	/*
	124	* Open the device. Make sure init happened, and make sure the caller is
	125	* authorized.
	126	*/
39037602	127
0b4e3aa0	128	int
91447636	129	random_open(__unused dev_t dev, int flags, __unused int devtype, __unused struct proc *p)
0b4e3aa0	130	{
0b4e3aa0 A	131	/*
	132	* if we are being opened for write,
	133	* make sure that we have privledges do so
	134	*/
	135	if (flags & FWRITE) {
	136	if (securelevel >= 2)
	137	return (EPERM);
55e303ae	138	#ifndef __APPLE__
91447636	139	if ((securelevel >= 1) && proc_suser(p))
0b4e3aa0	140	return (EPERM);
55e303ae	141	#endif /* !__APPLE__ */
0b4e3aa0 A	142	}
	143
	144	return (0);
	145	}
	146
	147
	148	/*
	149	* close the device.
	150	*/
39037602	151
0b4e3aa0	152	int
91447636	153	random_close(__unused dev_t dev, __unused int flags, __unused int mode, __unused struct proc *p)
0b4e3aa0 A	154	{
	155	return (0);
	156	}
	157
	158
	159	/*
	160	* Get entropic data from the Security Server, and use it to reseed the
	161	* prng.
	162	*/
	163	int
fe8ab488	164	random_write (dev_t dev, struct uio *uio, __unused int ioflag)
0b4e3aa0 A	165	{
	166	int retCode = 0;
	167	char rdBuffer[256];
	168
fe8ab488 A	169	if (minor(dev) != RANDOM_MINOR)
	170	return EPERM;
	171
0b4e3aa0 A	172	/* Security server is sending us entropy */
0b4e3aa0 A	173
91447636	174	while (uio_resid(uio) > 0 && retCode == 0) {
0b4e3aa0	175	/* get the user's data */
fe8ab488 A	176	int bytesToInput = MIN(uio_resid(uio),
fe8ab488 A	177	(user_ssize_t) sizeof(rdBuffer));
0b4e3aa0 A	178	retCode = uiomove(rdBuffer, bytesToInput, uio);
0b4e3aa0 A	179	if (retCode != 0)
fe8ab488 A	180	break;
	181	retCode = write_random(rdBuffer, bytesToInput);
	182	if (retCode != 0)
	183	break;
8ad349bb A	184	}
8ad349bb A	185
fe8ab488	186	return retCode;
0b4e3aa0 A	187	}
0b4e3aa0 A	188
39236c6e A	189	/*
39236c6e A	190	* return data to the caller. Results unpredictable.
39037602	191	*/
39236c6e A	192	int
	193	random_read(__unused dev_t dev, struct uio *uio, __unused int ioflag)
	194	{
fe8ab488 A	195	int retCode = 0;
fe8ab488 A	196	char buffer[512];
39236c6e A	197
39236c6e A	198	user_ssize_t bytes_remaining = uio_resid(uio);
fe8ab488 A	199	while (bytes_remaining > 0 && retCode == 0) {
	200	int bytesToRead = MIN(bytes_remaining,
	201	(user_ssize_t) sizeof(buffer));
	202	read_random(buffer, bytesToRead);
39037602	203
fe8ab488 A	204	retCode = uiomove(buffer, bytesToRead, uio);
	205	if (retCode != 0)
	206	break;
39037602	207
39236c6e	208	bytes_remaining = uio_resid(uio);
fe8ab488	209	}
39037602	210
fe8ab488	211	return retCode;
39236c6e	212	}
fe8ab488	213
0b4e3aa0	214	/*
b0d623f7	215	* Return an u_int32_t pseudo-random number.
0b4e3aa0	216	*/
b0d623f7	217	u_int32_t
8ad349bb	218	RandomULong(void)
0b4e3aa0	219	{
b0d623f7	220	u_int32_t buf;
0b4e3aa0 A	221	read_random(&buf, sizeof (buf));
	222	return (buf);
	223	}
d1ecb069	224
39037602 A	225
	226	int
	227	getentropy(__unused struct proc * p, struct getentropy_args gap, __unused int ret) {
	228	user_addr_t user_addr;
	229	uint32_t user_size;
	230	char buffer[256];
	231
	232	user_addr = (vm_map_offset_t)gap->buffer;
	233	user_size = gap->size;
	234	/* Can't request more than 256 random bytes
	235	* at once. Complying with openbsd getentropy()
	236	*/
	237	if (user_size > sizeof(buffer)) {
	238	return EINVAL;
	239	}
	240	read_random(buffer, user_size);
	241	return copyout(buffer, user_addr, user_size);
	242	}