When the new random adaptor code was brought it in r273872, a call to

randomdev_init_reader to change read_random over to the newly installed
adaptor was missed.  This means both read_random and arc4random (seeded
from read_random) were not returning very random data.  This also
effects userland arc4random as it is seeded from kernel arc4random.

The random devices are uneffected and have returned good randomness
since the change.

All keys generated with a kernel of r273872 must be regenerated with
a kernel with this patch.  Keys generated may be predictable.

Remove the warning as log is too early to print anything, and it would
always get printed due to early use of arc4random...

Reviewed by:	delphij, markm
Approved by:    so (delphij)

4 files changed, 16 insertions, 15 deletions

diff --git a/sys/dev/random/dummy_rng.c b/sys/dev/random/dummy_rng.c
index a7ca4b3460db..e78f5a8d0a68 100644
--- a/sys/dev/random/dummy_rng.c
+++ b/sys/dev/random/dummy_rng.c
@@ -82,19 +82,13 @@ dummy_random_init(void)
  *
  * Caveat Emptor.
  */
-u_int
+void
 dummy_random_read_phony(uint8_t *buf, u_int count)
 {
 	/* If no entropy device is loaded, don't spam the console with warnings */
-	static int warned = 0;
 	u_long randval;
 	size_t size, i;
 
-	if (!warned) {
-		log(LOG_WARNING, "random device not loaded/active; using insecure pseudo-random number generator\n");
-		warned = 1;
-	}
-
 	/* srandom() is called in kern/init_main.c:proc0_post() */
 
 	/* Fill buf[] with random(9) output */
@@ -103,8 +97,6 @@ dummy_random_read_phony(uint8_t *buf, u_int count)
 		size = MIN(count - i, sizeof(randval));
 		memcpy(buf + i, &randval, (size_t)size);
 	}
-
-	return (count);
 }
 
 struct random_adaptor randomdev_dummy = {
diff --git a/sys/dev/random/random_adaptors.c b/sys/dev/random/random_adaptors.c
index 30f3e3d71898..5a67f50c76bd 100644
--- a/sys/dev/random/random_adaptors.c
+++ b/sys/dev/random/random_adaptors.c
@@ -149,10 +149,14 @@ random_adaptor_choose(void)
 		    (random_adaptor_previous == NULL ? "NULL" : random_adaptor_previous->ra_ident),
 		    random_adaptor->ra_ident);
 #endif
-		if (random_adaptor_previous != NULL)
+		if (random_adaptor_previous != NULL) {
+			randomdev_deinit_reader();
 			(random_adaptor_previous->ra_deinit)();
+		}
 		(random_adaptor->ra_init)();
 	}
+
+	randomdev_init_reader(random_adaptor->ra_read);
 }
 
 
diff --git a/sys/dev/random/randomdev.c b/sys/dev/random/randomdev.c
index c61bed790c35..9d41aedfb4bf 100644
--- a/sys/dev/random/randomdev.c
+++ b/sys/dev/random/randomdev.c
@@ -214,11 +214,11 @@ random_harvest(const void *entropy, u_int count, u_int bits, enum random_entropy
  */
 
 /* Hold the address of the routine which is actually called */
-static u_int (*read_func)(uint8_t *, u_int) = dummy_random_read_phony;
+static void (*read_func)(uint8_t *, u_int) = dummy_random_read_phony;
 
 /* Initialise the reader when/if it is loaded */
 void
-randomdev_init_reader(u_int (*reader)(uint8_t *, u_int))
+randomdev_init_reader(void (*reader)(uint8_t *, u_int))
 {
 
 	read_func = reader;
@@ -240,5 +240,10 @@ int
 read_random(void *buf, int count)
 {
 
-	return ((int)(*read_func)(buf, (u_int)count));
+	if (count < 0)
+		return 0;
+
+	read_func(buf, count);
+
+	return count;
 }
diff --git a/sys/dev/random/randomdev.h b/sys/dev/random/randomdev.h
index 4daf73588078..4ca88ff50fe2 100644
--- a/sys/dev/random/randomdev.h
+++ b/sys/dev/random/randomdev.h
@@ -37,12 +37,12 @@ typedef void random_init_func_t(void);
 typedef void random_deinit_func_t(void);
 
 void randomdev_init_harvester(void (*)(const void *, u_int, u_int, enum random_entropy_source));
-void randomdev_init_reader(u_int (*)(uint8_t *, u_int));
+void randomdev_init_reader(void (*)(uint8_t *, u_int));
 void randomdev_deinit_harvester(void);
 void randomdev_deinit_reader(void);
 
 /* Stub/fake routines for when no entropy processor is loaded */
-extern u_int dummy_random_read_phony(uint8_t *, u_int);
+extern void dummy_random_read_phony(uint8_t *, u_int);
 
 /* kern.random sysctls */
 #ifdef SYSCTL_DECL	/* from sysctl.h */