Decouple yarrow from random(4) device.

* Make Yarrow an optional kernel component -- enabled by "YARROW_RNG" option.
  The files sha2.c, hash.c, randomdev_soft.c and yarrow.c comprise yarrow.

* random(4) device doesn't really depend on rijndael-*.  Yarrow, however, does.

* Add random_adaptors.[ch] which is basically a store of random_adaptor's.
  random_adaptor is basically an adapter that plugs in to random(4).
  random_adaptor can only be plugged in to random(4) very early in bootup.
  Unplugging random_adaptor from random(4) is not supported, and is probably a
  bad idea anyway, due to potential loss of entropy pools.
  We currently have 3 random_adaptors:
  + yarrow
  + rdrand (ivy.c)
  + nehemeiah

* Remove platform dependent logic from probe.c, and move it into
  corresponding registration routines of each random_adaptor provider.
  probe.c doesn't do anything other than picking a specific random_adaptor
  from a list of registered ones.

* If the kernel doesn't have any random_adaptor adapters present then the
  creation of /dev/random is postponed until next random_adaptor is kldload'ed.

* Fix randomdev_soft.c to refer to its own random_adaptor, instead of a
  system wide one.

Submitted by: arthurmesh@gmail.com, obrien
Obtained from: Juniper Networks
Reviewed by: obrien

8 files changed, 192 insertions, 107 deletions

diff --git a/sys/dev/random/ivy.c b/sys/dev/random/ivy.c
index f81c148800b1..0b8da12392de 100644
--- a/sys/dev/random/ivy.c
+++ b/sys/dev/random/ivy.c
@@ -28,16 +28,19 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
-#include "opt_cpu.h"
-
-#ifdef RDRAND_RNG
-
 #include <sys/param.h>
 #include <sys/time.h>
+#include <sys/kernel.h>
 #include <sys/lock.h>
+#include <sys/module.h>
 #include <sys/mutex.h>
 #include <sys/selinfo.h>
 #include <sys/systm.h>
+
+#include <machine/md_var.h>
+#include <machine/specialreg.h>
+
+#include <dev/random/random_adaptors.h>
 #include <dev/random/randomdev.h>
 
 #define	RETRY_COUNT	10
@@ -46,7 +49,7 @@ static void random_ivy_init(void);
 static void random_ivy_deinit(void);
 static int random_ivy_read(void *, int);
 
-struct random_systat random_ivy = {
+struct random_adaptor random_ivy = {
 	.ident = "Hardware, Intel IvyBridge+ RNG",
 	.init = random_ivy_init,
 	.deinit = random_ivy_deinit,
@@ -114,4 +117,32 @@ random_ivy_read(void *buf, int c)
 	return (c - count);
 }
 
+static int
+rdrand_modevent(module_t mod, int type, void *unused)
+{
+
+	switch (type) {
+	case MOD_LOAD:
+		if (cpu_feature2 & CPUID2_RDRAND) {
+			random_adaptor_register("rdrand", &random_ivy);
+			EVENTHANDLER_INVOKE(random_adaptor_attach, &random_ivy);
+			return (0);
+		} else {
+#ifndef KLD_MODULE
+			if (bootverbose)
 #endif
+				printf(
+			    "%s: RDRAND feature is not present on this CPU\n",
+				    random_ivy.ident);
+#ifdef KLD_MODULE
+			return (ENXIO);
+#else
+			return (0);
+#endif
+		}
+	}
+
+	return (EINVAL);
+}
+
+RANDOM_ADAPTOR_MODULE(random_rdrand, rdrand_modevent, 1);
diff --git a/sys/dev/random/nehemiah.c b/sys/dev/random/nehemiah.c
index f3afa89fcf89..e8111155cb50 100644
--- a/sys/dev/random/nehemiah.c
+++ b/sys/dev/random/nehemiah.c
@@ -28,19 +28,20 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
-#include "opt_cpu.h"
-
-#ifdef PADLOCK_RNG
-
 #include <sys/param.h>
 #include <sys/time.h>
 #include <sys/lock.h>
 #include <sys/mutex.h>
+#include <sys/module.h>
 #include <sys/selinfo.h>
 #include <sys/systm.h>
+#include <sys/kernel.h>
 
 #include <machine/pcb.h>
+#include <machine/md_var.h>
+#include <machine/specialreg.h>
 
+#include <dev/random/random_adaptors.h>
 #include <dev/random/randomdev.h>
 
 #define RANDOM_BLOCK_SIZE	256
@@ -50,7 +51,7 @@ static void random_nehemiah_init(void);
 static void random_nehemiah_deinit(void);
 static int random_nehemiah_read(void *, int);
 
-struct random_systat random_nehemiah = {
+struct random_adaptor random_nehemiah = {
 	.ident = "Hardware, VIA Nehemiah",
 	.init = random_nehemiah_init,
 	.deinit = random_nehemiah_deinit,
@@ -208,4 +209,33 @@ random_nehemiah_read(void *buf, int c)
 	return (c);
 }
 
+static int
+nehemiah_modevent(module_t mod, int type, void *unused)
+{
+
+	switch (type) {
+	case MOD_LOAD:
+		if (via_feature_rng & VIA_HAS_RNG) {
+			random_adaptor_register("nehemiah", &random_nehemiah);
+			EVENTHANDLER_INVOKE(random_adaptor_attach,
+			    &random_nehemiah);
+			return (0);
+		} else {
+#ifndef KLD_MODULE
+			if (bootverbose)
 #endif
+				printf(
+			    "%s: VIA RNG feature is not present on this CPU\n",
+				    random_nehemiah.ident);
+#ifdef KLD_MODULE
+			return (ENXIO);
+#else
+			return (0);
+#endif
+		}
+	}
+
+	return (EINVAL);
+}
+
+RANDOM_ADAPTOR_MODULE(nehemiah, nehemiah_modevent, 1);
diff --git a/sys/dev/random/probe.c b/sys/dev/random/probe.c
index d9e70deb1bd0..7039b92606eb 100644
--- a/sys/dev/random/probe.c
+++ b/sys/dev/random/probe.c
@@ -28,66 +28,35 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
-#if defined(__amd64__) || (defined(__i386__) && !defined(PC98))
+#if defined(__amd64__) || defined(__i386__)
 #include "opt_cpu.h"
 #endif
 
-#include <sys/types.h>
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/kernel.h>
-#include <sys/malloc.h>
-#include <sys/random.h>
 #include <sys/selinfo.h>
-#include <sys/sysctl.h>
-
-#if defined(__amd64__) || (defined(__i386__) && !defined(PC98))
-#include <machine/cpufunc.h>
-#include <machine/cputypes.h>
-#include <machine/md_var.h>
-#include <machine/specialreg.h>
-#endif
 
+#include <dev/random/random_adaptors.h>
 #include <dev/random/randomdev.h>
-#include <dev/random/randomdev_soft.h>
-
-#if defined(__amd64__) || (defined(__i386__) && !defined(PC98))
-#ifdef PADLOCK_RNG
-extern struct random_systat random_nehemiah;
-#endif
-#ifdef RDRAND_RNG
-extern struct random_systat random_ivy;
-#endif
-#endif
 
 void
-random_ident_hardware(struct random_systat **systat)
+random_ident_hardware(struct random_adaptor **adaptor)
 {
+	struct random_adaptor *tmp;
+	int enable;
 
-	/* Set default to software */
-	*systat = &random_yarrow;
+	/* Set default to software (yarrow) */
+	*adaptor = random_adaptor_get("yarrow");
 
 	/* Then go looking for hardware */
-#if defined(__amd64__) || (defined(__i386__) && !defined(PC98))
-#ifdef PADLOCK_RNG
-	if (via_feature_rng & VIA_HAS_RNG) {
-		int enable;
-
-		enable = 1;
-		TUNABLE_INT_FETCH("hw.nehemiah_rng_enable", &enable);
-		if (enable)
-			*systat = &random_nehemiah;
-	}
-#endif
-#ifdef RDRAND_RNG
-	if (cpu_feature2 & CPUID2_RDRAND) {
-		int enable;
-
-		enable = 1;
-		TUNABLE_INT_FETCH("hw.ivy_rng_enable", &enable);
-		if (enable)
-			*systat = &random_ivy;
-	}
-#endif
-#endif
+	enable = 1;
+	TUNABLE_INT_FETCH("hw.nehemiah_rng_enable", &enable);
+	if (enable && (tmp = random_adaptor_get("nehemiah")))
+		*adaptor = tmp;
+
+	enable = 1;
+	TUNABLE_INT_FETCH("hw.ivy_rng_enable", &enable);
+	if (enable && (tmp = random_adaptor_get("rdrand")))
+		*adaptor = tmp;
 }
diff --git a/sys/dev/random/randomdev.c b/sys/dev/random/randomdev.c
index 18b17d833d9b..eeef42554e70 100644
--- a/sys/dev/random/randomdev.c
+++ b/sys/dev/random/randomdev.c
@@ -70,12 +70,15 @@ static struct cdevsw random_cdevsw = {
 	.d_name = "random",
 };
 
-struct random_systat *random_systat;
+static struct random_adaptor *random_adaptor;
+static eventhandler_tag attach_tag;
+static int random_inited;
+
 
 /* For use with make_dev(9)/destroy_dev(9). */
 static struct cdev *random_dev;
 
-/* Used to fake out unused random calls in random_systat */
+/* Used to fake out unused random calls in random_adaptor */
 void
 random_null_func(void)
 {
@@ -88,8 +91,8 @@ random_close(struct cdev *dev __unused, int flags, int fmt __unused,
 {
 	if ((flags & FWRITE) && (priv_check(td, PRIV_RANDOM_RESEED) == 0)
 	    && (securelevel_gt(td->td_ucred, 0) == 0)) {
-		(*random_systat->reseed)();
-		random_systat->seeded = 1;
+		(*random_adaptor->reseed)();
+		random_adaptor->seeded = 1;
 		arc4rand(NULL, 0, 1);	/* Reseed arc4random as well. */
 	}
 
@@ -104,8 +107,8 @@ random_read(struct cdev *dev __unused, struct uio *uio, int flag)
 	void *random_buf;
 
 	/* Blocking logic */
-	if (!random_systat->seeded)
-		error = (*random_systat->block)(flag);
+	if (!random_adaptor->seeded)
+		error = (*random_adaptor->block)(flag);
 
 	/* The actual read */
 	if (!error) {
@@ -114,7 +117,7 @@ random_read(struct cdev *dev __unused, struct uio *uio, int flag)
 
 		while (uio->uio_resid > 0 && !error) {
 			c = MIN(uio->uio_resid, PAGE_SIZE);
-			c = (*random_systat->read)(random_buf, c);
+			c = (*random_adaptor->read)(random_buf, c);
 			error = uiomove(random_buf, c, uio);
 		}
 
@@ -139,7 +142,7 @@ random_write(struct cdev *dev __unused, struct uio *uio, int flag __unused)
 		error = uiomove(random_buf, c, uio);
 		if (error)
 			break;
-		(*random_systat->write)(random_buf, c);
+		(*random_adaptor->write)(random_buf, c);
 	}
 
 	free(random_buf, M_TEMP);
@@ -172,14 +175,37 @@ random_poll(struct cdev *dev __unused, int events, struct thread *td)
 	int revents = 0;
 
 	if (events & (POLLIN | POLLRDNORM)) {
-		if (random_systat->seeded)
+		if (random_adaptor->seeded)
 			revents = events & (POLLIN | POLLRDNORM);
 		else
-			revents = (*random_systat->poll) (events,td);
+			revents = (*random_adaptor->poll) (events,td);
 	}
 	return (revents);
 }
 
+static void
+random_initialize(void *p, struct random_adaptor *s)
+{
+	if (random_inited) {
+		printf("random: <%s> already initialized\n",
+		    random_adaptor->ident);
+		return;
+	}
+
+	random_adaptor = s;
+
+	(s->init)();
+
+	printf("random: <%s> initialized\n", s->ident);
+
+	random_dev = make_dev_credf(MAKEDEV_ETERNAL_KLD, &random_cdevsw,
+	    RANDOM_MINOR, NULL, UID_ROOT, GID_WHEEL, 0666, "random");
+	make_dev_alias(random_dev, "urandom");	/* XXX Deprecated */
+
+	/* mark random(4) as initialized, to avoid being called again */
+	random_inited = 1;
+}
+
 /* ARGSUSED */
 static int
 random_modevent(module_t mod __unused, int type, void *data __unused)
@@ -188,23 +214,29 @@ random_modevent(module_t mod __unused, int type, void *data __unused)
 
 	switch (type) {
 	case MOD_LOAD:
-		random_ident_hardware(&random_systat);
-		(*random_systat->init)();
-
-		if (bootverbose)
-			printf("random: <entropy source, %s>\n",
-			    random_systat->ident);
-
-		random_dev = make_dev_credf(MAKEDEV_ETERNAL_KLD, &random_cdevsw,
-		    RANDOM_MINOR, NULL, UID_ROOT, GID_WHEEL, 0666, "random");
-		make_dev_alias(random_dev, "urandom");	/* XXX Deprecated */
+		random_ident_hardware(&random_adaptor);
+
+		if (random_adaptor == NULL) {
+			printf(
+       "random: No random adaptor attached, postponing initialization\n");
+			attach_tag = EVENTHANDLER_REGISTER(random_adaptor_attach,
+			    random_initialize, NULL, EVENTHANDLER_PRI_ANY);
+		} else {
+			random_initialize(NULL, random_adaptor);
+		}
 
 		break;
 
 	case MOD_UNLOAD:
-		(*random_systat->deinit)();
-
-		destroy_dev(random_dev);
+		if (random_adaptor != NULL) {
+			(*random_adaptor->deinit)();
+			destroy_dev(random_dev);
+		}
+		/* Unregister the event handler */
+		if (attach_tag != NULL) {
+			EVENTHANDLER_DEREGISTER(random_adaptor_attach,
+			    attach_tag);
+		}
 
 		break;
 
diff --git a/sys/dev/random/randomdev.h b/sys/dev/random/randomdev.h
index deb683192331..75b2c1980901 100644
--- a/sys/dev/random/randomdev.h
+++ b/sys/dev/random/randomdev.h
@@ -38,7 +38,7 @@ typedef void random_write_func_t(void *, int);
 typedef int random_poll_func_t(int, struct thread *);
 typedef void random_reseed_func_t(void);
 
-struct random_systat {
+struct random_adaptor {
 	struct selinfo		rsel;
 	const char		*ident;
 	int			seeded;
@@ -51,7 +51,5 @@ struct random_systat {
 	random_reseed_func_t	*reseed;
 };
 
-extern struct random_systat *random_systat;
-
-extern void random_ident_hardware(struct random_systat **);
+extern void random_ident_hardware(struct random_adaptor **);
 extern void random_null_func(void);
diff --git a/sys/dev/random/randomdev_soft.c b/sys/dev/random/randomdev_soft.c
index ac4821441338..e2a392576293 100644
--- a/sys/dev/random/randomdev_soft.c
+++ b/sys/dev/random/randomdev_soft.c
@@ -38,6 +38,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/kthread.h>
 #include <sys/lock.h>
 #include <sys/malloc.h>
+#include <sys/module.h>
 #include <sys/mutex.h>
 #include <sys/poll.h>
 #include <sys/proc.h>
@@ -50,6 +51,7 @@ __FBSDID("$FreeBSD$");
 #include <machine/bus.h>
 #include <machine/cpu.h>
 
+#include <dev/random/random_adaptors.h>
 #include <dev/random/randomdev.h>
 #include <dev/random/randomdev_soft.h>
 
@@ -63,7 +65,7 @@ static int random_yarrow_poll(int event,struct thread *td);
 static int random_yarrow_block(int flag);
 static void random_yarrow_flush_reseed(void);
 
-struct random_systat random_yarrow = {
+struct random_adaptor random_yarrow = {
 	.ident = "Software, Yarrow",
 	.init = random_yarrow_init,
 	.deinit = random_yarrow_deinit,
@@ -103,7 +105,7 @@ static int random_kthread_control = 0;
 static struct proc *random_kthread_proc;
 
 /* List for the dynamic sysctls */
-struct sysctl_ctx_list random_clist;
+static struct sysctl_ctx_list random_clist;
 
 /* ARGSUSED */
 static int
@@ -120,25 +122,20 @@ random_yarrow_init(void)
 {
 	int error, i;
 	struct harvest *np;
-	struct sysctl_oid *random_o, *random_sys_o, *random_sys_harvest_o;
+	struct sysctl_oid *random_sys_o, *random_sys_harvest_o;
 	enum esource e;
 
-	random_o = SYSCTL_ADD_NODE(&random_clist,
-	    SYSCTL_STATIC_CHILDREN(_kern),
-	    OID_AUTO, "random", CTLFLAG_RW, 0,
-	    "Software Random Number Generator");
-
-	random_yarrow_init_alg(&random_clist, random_o);
+	random_yarrow_init_alg(&random_clist);
 
 	random_sys_o = SYSCTL_ADD_NODE(&random_clist,
-	    SYSCTL_CHILDREN(random_o),
+	    SYSCTL_STATIC_CHILDREN(_kern_random),
 	    OID_AUTO, "sys", CTLFLAG_RW, 0,
 	    "Entropy Device Parameters");
 
 	SYSCTL_ADD_PROC(&random_clist,
 	    SYSCTL_CHILDREN(random_sys_o),
 	    OID_AUTO, "seeded", CTLTYPE_INT | CTLFLAG_RW,
-	    &random_systat->seeded, 1, random_check_boolean, "I",
+	    &random_yarrow.seeded, 1, random_check_boolean, "I",
 	    "Seeded State");
 
 	random_sys_harvest_o = SYSCTL_ADD_NODE(&random_clist,
@@ -362,10 +359,10 @@ random_yarrow_write(void *buf, int count)
 void
 random_yarrow_unblock(void)
 {
-	if (!random_systat->seeded) {
-		random_systat->seeded = 1;
-		selwakeuppri(&random_systat->rsel, PUSER);
-		wakeup(random_systat);
+	if (!random_yarrow.seeded) {
+		random_yarrow.seeded = 1;
+		selwakeuppri(&random_yarrow.rsel, PUSER);
+		wakeup(&random_yarrow);
 	}
 	(void)atomic_cmpset_int(&arc4rand_iniseed_state, ARC4_ENTR_NONE,
 	    ARC4_ENTR_HAVE);
@@ -377,10 +374,10 @@ random_yarrow_poll(int events, struct thread *td)
 	int revents = 0;
 	mtx_lock(&random_reseed_mtx);
 
-	if (random_systat->seeded)
+	if (random_yarrow.seeded)
 		revents = events & (POLLIN | POLLRDNORM);
 	else
-		selrecord(td, &random_systat->rsel);
+		selrecord(td, &random_yarrow.rsel);
 
 	mtx_unlock(&random_reseed_mtx);
 	return revents;
@@ -394,12 +391,12 @@ random_yarrow_block(int flag)
 	mtx_lock(&random_reseed_mtx);
 
 	/* Blocking logic */
-	while (!random_systat->seeded && !error) {
+	while (!random_yarrow.seeded && !error) {
 		if (flag & O_NONBLOCK)
 			error = EWOULDBLOCK;
 		else {
 			printf("Entropy device is blocking.\n");
-			error = msleep(random_systat,
+			error = msleep(&random_yarrow,
 			    &random_reseed_mtx,
 			    PUSER | PCATCH, "block", 0);
 		}
@@ -420,3 +417,30 @@ random_yarrow_flush_reseed(void)
 
 	random_yarrow_reseed();
 }
+
+static int
+yarrow_modevent(module_t mod, int type, void *unused)
+{
+
+	switch (type) {
+	case MOD_LOAD:
+		random_adaptor_register("yarrow", &random_yarrow);
+		/*
+		 * For statically built kernels that contain both random.ko and
+		 * *_rng.ko, this event handler will do nothing, since
+		 * random.ko is loaded after *_rng.ko's, and hence hasn't yet
+		 * registered for this event.
+		 *
+		 * In case where both random.ko and *_rng.ko are built as
+		 * modules, random.ko is loaded prior to *_rng.ko's (by
+		 * dependency). This event handler is there to delay creation
+		 * of /dev/{u,}random and attachment of this *_rng.ko.
+		 */
+		EVENTHANDLER_INVOKE(random_adaptor_attach, &random_yarrow);
+		return (0);
+	}
+
+	return (EINVAL);
+}
+
+RANDOM_ADAPTOR_MODULE(yarrow, yarrow_modevent, 1);
diff --git a/sys/dev/random/randomdev_soft.h b/sys/dev/random/randomdev_soft.h
index 489d45a3c5fd..2007694c50a2 100644
--- a/sys/dev/random/randomdev_soft.h
+++ b/sys/dev/random/randomdev_soft.h
@@ -72,10 +72,10 @@ void random_process_event(struct harvest *event);
 void random_yarrow_reseed(void);
 void random_yarrow_unblock(void);
 
-void random_yarrow_init_alg(struct sysctl_ctx_list *, struct sysctl_oid *);
+void random_yarrow_init_alg(struct sysctl_ctx_list *);
 void random_yarrow_deinit_alg(void);
 
-extern struct random_systat random_yarrow;
+extern struct random_adaptor random_yarrow;
 extern struct mtx random_reseed_mtx;
 
 /* If this was c++, this would be a template */
diff --git a/sys/dev/random/yarrow.c b/sys/dev/random/yarrow.c
index 6f631bb11137..09f079afa728 100644
--- a/sys/dev/random/yarrow.c
+++ b/sys/dev/random/yarrow.c
@@ -41,6 +41,7 @@ __FBSDID("$FreeBSD$");
 #include <crypto/sha2/sha2.h>
 
 #include <dev/random/hash.h>
+#include <dev/random/random_adaptors.h>
 #include <dev/random/randomdev_soft.h>
 #include <dev/random/yarrow.h>
 
@@ -101,7 +102,7 @@ random_process_event(struct harvest *event)
 }
 
 void
-random_yarrow_init_alg(struct sysctl_ctx_list *clist, struct sysctl_oid *in_o)
+random_yarrow_init_alg(struct sysctl_ctx_list *clist)
 {
 	int i;
 	struct sysctl_oid *random_yarrow_o;
@@ -110,7 +111,7 @@ random_yarrow_init_alg(struct sysctl_ctx_list *clist, struct sysctl_oid *in_o)
 	 * have a very good clue about what they do!
 	 */
 	random_yarrow_o = SYSCTL_ADD_NODE(clist,
-		SYSCTL_CHILDREN(in_o),
+		SYSCTL_STATIC_CHILDREN(_kern_random),
 		OID_AUTO, "yarrow", CTLFLAG_RW, 0,
 		"Yarrow Parameters");