[apple/xnu.git] / bsd / dev / random / randomdev.c

/*
 * Copyright (c) 1999-2009 Apple, Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 *
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */


#include <sys/param.h>
#include <sys/systm.h>
#include <sys/proc.h>
#include <sys/errno.h>
#include <sys/ioctl.h>
#include <sys/conf.h>
#include <sys/fcntl.h>
#include <string.h>
#include <miscfs/devfs/devfs.h>
#include <kern/locks.h>
#include <kern/clock.h>
#include <sys/time.h>
#include <sys/malloc.h>
#include <sys/sysproto.h>
#include <sys/uio_internal.h>

#include <dev/random/randomdev.h>

#include <libkern/OSByteOrder.h>
#include <libkern/OSAtomic.h>

#include <mach/mach_time.h>

#define RANDOM_MAJOR  -1 /* let the kernel pick the device number */
#define RANDOM_MINOR   0
#define URANDOM_MINOR  1

d_ioctl_t       random_ioctl;

/*
 * A struct describing which functions will get invoked for certain
 * actions.
 */
static struct cdevsw random_cdevsw =
{
	random_open,            /* open */
	random_close,           /* close */
	random_read,            /* read */
	random_write,           /* write */
	random_ioctl,           /* ioctl */
	(stop_fcn_t *)nulldev, /* stop */
	(reset_fcn_t *)nulldev, /* reset */
	NULL,                           /* tty's */
	eno_select,                     /* select */
	eno_mmap,                       /* mmap */
	eno_strat,                      /* strategy */
	eno_getc,                       /* getc */
	eno_putc,                       /* putc */
	0                                       /* type */
};


/*
 * Called to initialize our device,
 * and to register ourselves with devfs
 */
void
random_init(void)
{
	int ret;

	ret = cdevsw_add(RANDOM_MAJOR, &random_cdevsw);
	if (ret < 0) {
		panic("random_init: failed to allocate a major number!");
	}

	devfs_make_node(makedev(ret, RANDOM_MINOR), DEVFS_CHAR,
	    UID_ROOT, GID_WHEEL, 0666, "random", 0);

	/*
	 * also make urandom
	 * (which is exactly the same thing in our context)
	 */
	devfs_make_node(makedev(ret, URANDOM_MINOR), DEVFS_CHAR,
	    UID_ROOT, GID_WHEEL, 0666, "urandom", 0);
}

int
random_ioctl(   __unused dev_t dev, u_long cmd, __unused caddr_t data,
    __unused int flag, __unused struct proc *p  )
{
	switch (cmd) {
	case FIONBIO:
	case FIOASYNC:
		break;
	default:
		return ENODEV;
	}

	return 0;
}

/*
 * Open the device.  Make sure init happened, and make sure the caller is
 * authorized.
 */

int
random_open(__unused dev_t dev, int flags, __unused int devtype, __unused struct proc *p)
{
	/*
	 * if we are being opened for write,
	 * make sure that we have privledges do so
	 */
	if (flags & FWRITE) {
		if (securelevel >= 2) {
			return EPERM;
		}
#ifndef __APPLE__
		if ((securelevel >= 1) && proc_suser(p)) {
			return EPERM;
		}
#endif  /* !__APPLE__ */
	}

	return 0;
}


/*
 * close the device.
 */

int
random_close(__unused dev_t dev, __unused int flags, __unused int mode, __unused struct proc *p)
{
	return 0;
}


/*
 * Get entropic data from the Security Server, and use it to reseed the
 * prng.
 */
int
random_write(dev_t dev, struct uio *uio, __unused int ioflag)
{
	int retCode = 0;
	char rdBuffer[256];

	if (minor(dev) != RANDOM_MINOR) {
		return EPERM;
	}

	/* Security server is sending us entropy */

	while (uio_resid(uio) > 0 && retCode == 0) {
		/* get the user's data */
		int bytesToInput = MIN(uio_resid(uio),
		    (user_ssize_t) sizeof(rdBuffer));
		retCode = uiomove(rdBuffer, bytesToInput, uio);
		if (retCode != 0) {
			break;
		}
		retCode = write_random(rdBuffer, bytesToInput);
		if (retCode != 0) {
			break;
		}
	}

	return retCode;
}

/*
 * return data to the caller.  Results unpredictable.
 */
int
random_read(__unused dev_t dev, struct uio *uio, __unused int ioflag)
{
	int retCode = 0;
	char buffer[512];

	user_ssize_t bytes_remaining = uio_resid(uio);
	while (bytes_remaining > 0 && retCode == 0) {
		int bytesToRead = MIN(bytes_remaining,
		    (user_ssize_t) sizeof(buffer));
		read_random(buffer, bytesToRead);

		retCode = uiomove(buffer, bytesToRead, uio);
		if (retCode != 0) {
			break;
		}

		bytes_remaining = uio_resid(uio);
	}

	return retCode;
}

/*
 * Return an u_int32_t pseudo-random number.
 */
u_int32_t
RandomULong(void)
{
	u_int32_t buf;
	read_random(&buf, sizeof(buf));
	return buf;
}


int
getentropy(__unused struct proc * p, struct getentropy_args *gap, __unused int * ret)
{
	user_addr_t user_addr;
	uint32_t user_size;
	char buffer[256];

	user_addr = (vm_map_offset_t)gap->buffer;
	user_size = gap->size;
	/* Can't request more than 256 random bytes
	 * at once. Complying with openbsd getentropy()
	 */
	if (user_size > sizeof(buffer)) {
		return EINVAL;
	}
	read_random(buffer, user_size);
	return copyout(buffer, user_addr, user_size);
}
Commit	Line	Data
0b4e3aa0	1	/*
b0d623f7	2	* Copyright (c) 1999-2009 Apple, Inc. All rights reserved.
5d5c5d0d	3	*
2d21ac55	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
39037602	5	*
2d21ac55 A	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
39037602	14	*
2d21ac55 A	15	* Please obtain a copy of the License at
2d21ac55 A	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
39037602	17	*
2d21ac55 A	18	* The Original Code and all software distributed under the License are
2d21ac55 A	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5 A	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
8f6c56a5 A	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55 A	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
	24	* limitations under the License.
39037602	25	*
2d21ac55	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
0b4e3aa0 A	27	*/
0b4e3aa0 A	28
b0d623f7	29
0b4e3aa0 A	30	#include <sys/param.h>
	31	#include <sys/systm.h>
	32	#include <sys/proc.h>
	33	#include <sys/errno.h>
	34	#include <sys/ioctl.h>
	35	#include <sys/conf.h>
	36	#include <sys/fcntl.h>
8ad349bb	37	#include <string.h>
0b4e3aa0	38	#include <miscfs/devfs/devfs.h>
fe8ab488	39	#include <kern/locks.h>
2d21ac55	40	#include <kern/clock.h>
0b4e3aa0 A	41	#include <sys/time.h>
0b4e3aa0 A	42	#include <sys/malloc.h>
39037602	43	#include <sys/sysproto.h>
91447636	44	#include <sys/uio_internal.h>
0b4e3aa0 A	45
0b4e3aa0 A	46	#include <dev/random/randomdev.h>
b0d623f7 A	47
b0d623f7 A	48	#include <libkern/OSByteOrder.h>
bd504ef0	49	#include <libkern/OSAtomic.h>
2d21ac55 A	50
2d21ac55 A	51	#include <mach/mach_time.h>
b0d623f7	52
0b4e3aa0	53	#define RANDOM_MAJOR -1 /* let the kernel pick the device number */
fe8ab488 A	54	#define RANDOM_MINOR 0
fe8ab488 A	55	#define URANDOM_MINOR 1
0b4e3aa0	56
55e303ae A	57	d_ioctl_t random_ioctl;
55e303ae A	58
0b4e3aa0 A	59	/*
	60	* A struct describing which functions will get invoked for certain
	61	* actions.
	62	*/
	63	static struct cdevsw random_cdevsw =
	64	{
0a7de745 A	65	random_open, /* open */
	66	random_close, /* close */
	67	random_read, /* read */
	68	random_write, /* write */
	69	random_ioctl, /* ioctl */
91447636 A	70	(stop_fcn_t )nulldev, / stop */
91447636 A	71	(reset_fcn_t )nulldev, / reset */
0a7de745 A	72	NULL, /* tty's */
	73	eno_select, /* select */
	74	eno_mmap, /* mmap */
	75	eno_strat, /* strategy */
	76	eno_getc, /* getc */
	77	eno_putc, /* putc */
	78	0 /* type */
0b4e3aa0 A	79	};
0b4e3aa0 A	80
d1ecb069	81
0b4e3aa0 A	82	/*
	83	* Called to initialize our device,
	84	* and to register ourselves with devfs
	85	*/
	86	void
8ad349bb	87	random_init(void)
0b4e3aa0 A	88	{
	89	int ret;
	90
0b4e3aa0 A	91	ret = cdevsw_add(RANDOM_MAJOR, &random_cdevsw);
0b4e3aa0 A	92	if (ret < 0) {
fe8ab488	93	panic("random_init: failed to allocate a major number!");
0b4e3aa0 A	94	}
0b4e3aa0 A	95
0a7de745 A	96	devfs_make_node(makedev(ret, RANDOM_MINOR), DEVFS_CHAR,
0a7de745 A	97	UID_ROOT, GID_WHEEL, 0666, "random", 0);
0b4e3aa0 A	98
0b4e3aa0 A	99	/*
39037602	100	* also make urandom
0b4e3aa0 A	101	* (which is exactly the same thing in our context)
0b4e3aa0 A	102	*/
0a7de745 A	103	devfs_make_node(makedev(ret, URANDOM_MINOR), DEVFS_CHAR,
0a7de745 A	104	UID_ROOT, GID_WHEEL, 0666, "urandom", 0);
55e303ae A	105	}
	106
	107	int
0a7de745 A	108	random_ioctl( __unused dev_t dev, u_long cmd, __unused caddr_t data,
0a7de745 A	109	__unused int flag, __unused struct proc *p )
55e303ae A	110	{
	111	switch (cmd) {
	112	case FIONBIO:
	113	case FIOASYNC:
	114	break;
	115	default:
	116	return ENODEV;
	117	}
	118
0a7de745	119	return 0;
0b4e3aa0 A	120	}
	121
	122	/*
	123	* Open the device. Make sure init happened, and make sure the caller is
	124	* authorized.
	125	*/
39037602	126
0b4e3aa0	127	int
91447636	128	random_open(__unused dev_t dev, int flags, __unused int devtype, __unused struct proc *p)
0b4e3aa0	129	{
0b4e3aa0 A	130	/*
	131	* if we are being opened for write,
	132	* make sure that we have privledges do so
	133	*/
	134	if (flags & FWRITE) {
0a7de745 A	135	if (securelevel >= 2) {
	136	return EPERM;
	137	}
55e303ae	138	#ifndef __APPLE__
0a7de745 A	139	if ((securelevel >= 1) && proc_suser(p)) {
	140	return EPERM;
	141	}
	142	#endif /* !__APPLE__ */
0b4e3aa0 A	143	}
0b4e3aa0 A	144
0a7de745	145	return 0;
0b4e3aa0 A	146	}
	147
	148
	149	/*
	150	* close the device.
	151	*/
39037602	152
0b4e3aa0	153	int
91447636	154	random_close(__unused dev_t dev, __unused int flags, __unused int mode, __unused struct proc *p)
0b4e3aa0	155	{
0a7de745	156	return 0;
0b4e3aa0 A	157	}
	158
	159
	160	/*
	161	* Get entropic data from the Security Server, and use it to reseed the
	162	* prng.
	163	*/
	164	int
0a7de745	165	random_write(dev_t dev, struct uio *uio, __unused int ioflag)
0b4e3aa0	166	{
0a7de745 A	167	int retCode = 0;
	168	char rdBuffer[256];
	169
	170	if (minor(dev) != RANDOM_MINOR) {
	171	return EPERM;
	172	}
	173
	174	/* Security server is sending us entropy */
	175
	176	while (uio_resid(uio) > 0 && retCode == 0) {
	177	/* get the user's data */
	178	int bytesToInput = MIN(uio_resid(uio),
	179	(user_ssize_t) sizeof(rdBuffer));
	180	retCode = uiomove(rdBuffer, bytesToInput, uio);
	181	if (retCode != 0) {
	182	break;
	183	}
	184	retCode = write_random(rdBuffer, bytesToInput);
	185	if (retCode != 0) {
	186	break;
	187	}
	188	}
	189
	190	return retCode;
0b4e3aa0 A	191	}
0b4e3aa0 A	192
39236c6e A	193	/*
39236c6e A	194	* return data to the caller. Results unpredictable.
39037602	195	*/
39236c6e A	196	int
	197	random_read(__unused dev_t dev, struct uio *uio, __unused int ioflag)
	198	{
fe8ab488 A	199	int retCode = 0;
fe8ab488 A	200	char buffer[512];
39236c6e A	201
39236c6e A	202	user_ssize_t bytes_remaining = uio_resid(uio);
fe8ab488 A	203	while (bytes_remaining > 0 && retCode == 0) {
fe8ab488 A	204	int bytesToRead = MIN(bytes_remaining,
0a7de745	205	(user_ssize_t) sizeof(buffer));
fe8ab488	206	read_random(buffer, bytesToRead);
39037602	207
fe8ab488	208	retCode = uiomove(buffer, bytesToRead, uio);
0a7de745	209	if (retCode != 0) {
fe8ab488	210	break;
0a7de745	211	}
39037602	212
39236c6e	213	bytes_remaining = uio_resid(uio);
fe8ab488	214	}
39037602	215
fe8ab488	216	return retCode;
39236c6e	217	}
fe8ab488	218
0b4e3aa0	219	/*
b0d623f7	220	* Return an u_int32_t pseudo-random number.
0b4e3aa0	221	*/
b0d623f7	222	u_int32_t
8ad349bb	223	RandomULong(void)
0b4e3aa0	224	{
b0d623f7	225	u_int32_t buf;
0a7de745 A	226	read_random(&buf, sizeof(buf));
0a7de745 A	227	return buf;
0b4e3aa0	228	}
d1ecb069	229
39037602 A	230
39037602 A	231	int
0a7de745 A	232	getentropy(__unused struct proc * p, struct getentropy_args gap, __unused int ret)
0a7de745 A	233	{
39037602 A	234	user_addr_t user_addr;
	235	uint32_t user_size;
	236	char buffer[256];
	237
	238	user_addr = (vm_map_offset_t)gap->buffer;
	239	user_size = gap->size;
	240	/* Can't request more than 256 random bytes
	241	* at once. Complying with openbsd getentropy()
	242	*/
	243	if (user_size > sizeof(buffer)) {
	244	return EINVAL;
	245	}
	246	read_random(buffer, user_size);
	247	return copyout(buffer, user_addr, user_size);
	248	}