diff options
-rw-r--r-- | .SRCINFO | 28 | ||||
-rw-r--r-- | 99-havege-udev.rules | 2 | ||||
-rw-r--r-- | Kbuild | 6 | ||||
-rw-r--r-- | LICENSE | 339 | ||||
-rw-r--r-- | Makefile | 15 | ||||
-rw-r--r-- | PKGBUILD | 54 | ||||
-rw-r--r-- | README.md | 288 | ||||
-rw-r--r-- | body.h | 118 | ||||
-rw-r--r-- | dkms.conf | 7 | ||||
-rw-r--r-- | havege.c | 389 | ||||
-rw-r--r-- | step.h | 121 |
11 files changed, 1367 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..8049ddc38001 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,28 @@ +pkgbase = havege-dkms + pkgdesc = HArdware Volatile Entropy Gathering & Expansion kernel module + pkgver = 1.0.0 + pkgrel = 1 + arch = x86_64 + groups = leogx9r + license = GPL + depends = dkms + provides = havege-1.0.0 + source = step.h + source = body.h + source = havege.c + source = Kbuild + source = Makefile + source = dkms.conf + source = LICENSE + source = 99-havege-udev.rules + sha256sums = d280bcda294824f26eb19490e0caf50af2b4a61d2dd8ffa2a6f3002631e2c95d + sha256sums = eab8a8ad347eebd5a9ab5d540c8917736d8b330baae0e595a30dc6414302a22a + sha256sums = 6801f4711a64cd5924f9d17d751919a0f3c4ec4797b319b92f8744aaea8bdcd0 + sha256sums = a7d29866566640c5bbd35dcacffbf3ca4b3bc9b2fde5adf05671a3881ef9a52e + sha256sums = 11bc0a630c6a3d9a7ca2563432aba1d4f4b539941423640428d3cc5b449a22b0 + sha256sums = 46863364b2f9db6aa75fea98f2430452b72361c73b88436aec8b5a1ff52952e7 + sha256sums = 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 + sha256sums = 08278f2efef8514505ee76c2d031588353f1663bba243877f78c3f365cf3db2c + +pkgname = havege-dkms + diff --git a/99-havege-udev.rules b/99-havege-udev.rules new file mode 100644 index 000000000000..4f99e1bc7a34 --- /dev/null +++ b/99-havege-udev.rules @@ -0,0 +1,2 @@ +# Rule to allow HAVEGE character device to be read-only for root and users. +KERNEL=="havege", OWNER="root", GROUP="root", MODE="0444"
\ No newline at end of file diff --git a/Kbuild b/Kbuild new file mode 100644 index 000000000000..78772d3377ae --- /dev/null +++ b/Kbuild @@ -0,0 +1,6 @@ +EXTRA_CFLAGS += -Wall -D__MODULE__ -DFORTIFY_SOURCE=2 -DRANDSTRUCT_PLUGIN -DCONSTIFY_PLUGIN -DSTRUCTLEAK_PLUGIN -DLATENT_ENTROPY_PLUGIN -fstack-protector-strong + +obj-m := havege.o +CFLAGS_havege.o := -O2 + +clean-files := *~
\ No newline at end of file diff --git a/LICENSE b/LICENSE new file mode 100644 index 000000000000..d159169d1050 --- /dev/null +++ b/LICENSE @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + <signature of Ty Coon>, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/Makefile b/Makefile new file mode 100644 index 000000000000..13f677f343dd --- /dev/null +++ b/Makefile @@ -0,0 +1,15 @@ +TARGET_MODULE := havege +BUILDSYSTEM_DIR := /lib/modules/$(shell cat /lib/modules/extramodules-*/version)/build +PWD := $(shell pwd) + +all : + $(MAKE) -C $(BUILDSYSTEM_DIR) M=$(PWD) modules +clean: + $(MAKE) -C $(BUILDSYSTEM_DIR) M=$(PWD) clean +reload: + rmmod ./$(TARGET_MODULE).ko + insmod ./$(TARGET_MODULE).ko +load: + insmod ./$(TARGET_MODULE).ko +unload: + rmmod ./$(TARGET_MODULE).ko diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..1817c68ba2e0 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,54 @@ +# Author: Leonardo Gates <leogx9r> +# Maintainer: Leonardo Gates <leogx9r> +_pkgname=havege +pkgname=${_pkgname}-dkms +pkgver=1.0.0 +pkgrel=1 +pkgdesc="HArdware Volatile Entropy Gathering & Expansion kernel module" + +arch=('x86_64') +license=('GPL') +groups=('leogx9r') + +depends=('dkms') +provides=("${_pkgname}-${pkgver}") + +source=('step.h' + 'body.h' + 'havege.c' + 'Kbuild' + 'Makefile' + 'dkms.conf' + 'LICENSE' + '99-havege-udev.rules') + +sha256sums=('d280bcda294824f26eb19490e0caf50af2b4a61d2dd8ffa2a6f3002631e2c95d' + 'eab8a8ad347eebd5a9ab5d540c8917736d8b330baae0e595a30dc6414302a22a' + '6801f4711a64cd5924f9d17d751919a0f3c4ec4797b319b92f8744aaea8bdcd0' + 'a7d29866566640c5bbd35dcacffbf3ca4b3bc9b2fde5adf05671a3881ef9a52e' + '11bc0a630c6a3d9a7ca2563432aba1d4f4b539941423640428d3cc5b449a22b0' + '46863364b2f9db6aa75fea98f2430452b72361c73b88436aec8b5a1ff52952e7' + '8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643' + '08278f2efef8514505ee76c2d031588353f1663bba243877f78c3f365cf3db2c') + +package() { + msg2 "Installing ..." + + cd "$srcdir" + install -Dm644 dkms.conf "$pkgdir/usr/src/${_pkgname}-${pkgver}/dkms.conf" + + sed -e "s/@_PKGBASE@/${_pkgname}-${pkgver}/" \ + -e "s/@PKGVER@/${pkgver}/" \ + -i "${pkgdir}"/usr/src/${_pkgname}-${pkgver}/dkms.conf + + install -Dm644 99-havege-udev.rules "$pkgdir/etc/udev/rules.d/99-havege-udev.rules" + install -Dm644 step.h "$pkgdir/usr/src/${_pkgname}-${pkgver}/step.h" + install -Dm644 body.h "$pkgdir/usr/src/${_pkgname}-${pkgver}/body.h" + install -Dm644 havege.c "$pkgdir/usr/src/${_pkgname}-${pkgver}/havege.c" + install -Dm644 Makefile "$pkgdir/usr/src/${_pkgname}-${pkgver}/Makefile" + install -Dm644 Kbuild "$pkgdir/usr/src/${_pkgname}-${pkgver}/Kbuild" + install -Dm644 LICENSE "$pkgdir/usr/src/${_pkgname}-${pkgver}/LICENSE" + + msg2 "Building module ..." + dkms install --all $_pkgname/$pkgver +} diff --git a/README.md b/README.md new file mode 100644 index 000000000000..f7da3e9c17ba --- /dev/null +++ b/README.md @@ -0,0 +1,288 @@ +# HAVEGE Kernel Driver + +This is a Linux kernel driver that implements the [HAVEGE](https://www.irisa.fr/caps/projects/hipsor/) + algorithm to gather entropy from system and cache timings. + +The driver implements a character device at `/dev/havege` that outputs raw binary data. + +This data can then be used for reseeding the internal kernel entropy pool or for other + purposes where random numbers are needed. + +This project is licensed under the GPL. Please see the [LICENSE](LICENSE) for more information. + +# Installation + +There are two ways to install this driver. The first involves compiling it normally against + the current running kernel and loading it manually. + +```sh +# make all -j`nproc` +# insmod havege.ko +``` + +The second method involves the use of [DKMS](https://en.wikipedia.org/wiki/Dynamic_Kernel_Module_Support) + to automatically build the driver every time the kernel is updated. + +For this purpose, a [dkms.conf](dkms.conf) file was added allowing you to install this + driver as a DKMS package. Please refer to your distribution's guide to install DKMS packages. + +*N.B.* For Arch Linux users, you can simply clone this repository and run `makepkg -s` to + build the DKMS module. + +# UDEV Rule + +By default, the character device implemented ( `/dev/havege` ) can only be read by the root user. + +To allow the file to be read by all users, a udev rule was added. Simply copy the file to your + rules folder before loading the kernel module to allow users to read it. + +```sh +# cp 99-havege-udev.rules /etc/rules.d/99-havege-udev.rules +# modprobe havege +``` + +# Enhancing The Kernel Entropy Pool + +For those wishing to use this driver to refill the kernel entropy pool, you must install `rng-tools` + for your specific distribution. + +After wish, direct `rngd` to use the character device provided to refill the kernel's entropy pool. + +If using the service `rngd.service`, you must edit your default `rngd` configuration file. + +```sh +# rngd -f -r /dev/havege +``` +# Modifying Behavior + +The driver comes with two parameters that may be modified to change how many times the system is + polled for entropy during each reseeding or initial reseeding. + +The initial specification uses 32 steps for both initial seeding and reseeding. + +This driver uses 64 steps instead which produces throughput at roughly 30 MB/s on an + `i7-4790` processor clocked at 3.60 GHz. Increasing these parameters will increase or decrease + the throughput accordingly. + +You can view these parameters using `modinfo` and apply them by creating a `modprobe` rule in + `/etc/modprobe.d/`. + +# Tests + +To ensure the driver works as intended, various tests were performed using well known tools. + +These being the `rngtest` program, provided by `rng-tools`, `ent` and `dieharder`. + +For `rngtest` and `ent`, a 25 MiB sample generated as follows: + +```sh + $ ➜ dd if=/dev/havege of=sample.bin bs=1k count=25k iflag=fullblock +``` + +This sample file was used for the tests as follows: + +```sh +$ ent sample.bin + +Entropy = 7.999993 bits per byte. + +Optimum compression would reduce the size +of this 25000960 byte file by 0 percent. + +Chi square distribution for 25000960 samples is 254.62, and randomly +would exceed this value 49.49 percent of the times. + +Arithmetic mean value of data bytes is 127.4976 (127.5 = random). +Monte Carlo value for Pi is 3.142048168 (error 0.01 percent). +Serial correlation coefficient is -0.000219 (totally uncorrelated = 0.0). +``` + +```sh + $ ➜ rngtest < sample.bin + +rngtest 6.6 +Copyright (c) 2004 by Henrique de Moraes Holschuh +This is free software; see the source for copying conditions. +There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +rngtest: starting FIPS tests... +rngtest: entropy source drained +rngtest: bits received from input: 200007680 +rngtest: FIPS 140-2 successes: 9993 +rngtest: FIPS 140-2 failures: 7 +rngtest: FIPS 140-2(2001-10-10) Monobit: 1 +rngtest: FIPS 140-2(2001-10-10) Poker: 0 +rngtest: FIPS 140-2(2001-10-10) Runs: 5 +rngtest: FIPS 140-2(2001-10-10) Long run: 1 +rngtest: FIPS 140-2(2001-10-10) Continuous run: 0 +rngtest: input channel speed: (min=1.693; avg=25.960; max=18.626)Gibits/s +rngtest: FIPS tests speed: (min=103.100; avg=218.266; max=224.394)Mibits/s +rngtest: Program run time: 881882 microseconds +``` + +Then `dieharder` was run with the following flags: + +- `-k 2` - Run the tests using maximum precision at the cost of throughput. +- `-Y 1` - 'resolve ambiguity' (RA) mode. If a test returns 'weak', this reruns it using a + larger number of psamples in increments of 100 till it either fails fully or passes. +- `-a` - Runs all the tests with standard/default options + +This was run directly from the character device yielding the following results: + +```sh + $ ➜ dd if=/dev/havege bs=10M iflag=fullblock | dieharder -Y 1 -k 2 -a + +#=============================================================================# +# dieharder version 3.31.1 Copyright 2003 Robert G. Brown # +#=============================================================================# + rng_name |rands/second| Seed | + mt19937| 1.54e+08 |4189723306| +#=============================================================================# + test_name |ntup| tsamples |psamples| p-value |Assessment +#=============================================================================# + diehard_birthdays| 0| 100| 100|0.07828562| PASSED + diehard_operm5| 0| 1000000| 100|0.24618768| PASSED + diehard_rank_32x32| 0| 40000| 100|0.80501063| PASSED + diehard_rank_6x8| 0| 100000| 100|0.83317286| PASSED + diehard_bitstream| 0| 2097152| 100|0.56375314| PASSED + diehard_opso| 0| 2097152| 100|0.69228339| PASSED + diehard_oqso| 0| 2097152| 100|0.72100905| PASSED + diehard_dna| 0| 2097152| 100|0.79020740| PASSED +diehard_count_1s_str| 0| 256000| 100|0.62718998| PASSED +diehard_count_1s_byt| 0| 256000| 100|0.81067746| PASSED + diehard_parking_lot| 0| 12000| 100|0.62905479| PASSED + diehard_2dsphere| 2| 8000| 100|0.11269347| PASSED + diehard_3dsphere| 3| 4000| 100|0.58435569| PASSED + diehard_squeeze| 0| 100000| 100|0.69140466| PASSED + diehard_sums| 0| 100| 100|0.03990886| PASSED + diehard_runs| 0| 100000| 100|0.51357242| PASSED + diehard_runs| 0| 100000| 100|0.52397010| PASSED + diehard_craps| 0| 200000| 100|0.81900152| PASSED + diehard_craps| 0| 200000| 100|0.76929002| PASSED + marsaglia_tsang_gcd| 0| 10000000| 100|0.15679060| PASSED + marsaglia_tsang_gcd| 0| 10000000| 100|0.40846035| PASSED + sts_monobit| 1| 100000| 100|0.92019722| PASSED + sts_runs| 2| 100000| 100|0.89305950| PASSED + sts_serial| 1| 100000| 100|0.71650275| PASSED + sts_serial| 2| 100000| 100|0.43694160| PASSED + sts_serial| 3| 100000| 100|0.97264959| PASSED + sts_serial| 3| 100000| 100|0.89108668| PASSED + sts_serial| 4| 100000| 100|0.54264432| PASSED + sts_serial| 4| 100000| 100|0.37555075| PASSED + sts_serial| 5| 100000| 100|0.78949709| PASSED + sts_serial| 5| 100000| 100|0.40606125| PASSED + sts_serial| 6| 100000| 100|0.97969978| PASSED + sts_serial| 6| 100000| 100|0.79414091| PASSED + sts_serial| 7| 100000| 100|0.80494445| PASSED + sts_serial| 7| 100000| 100|0.99538345| WEAK + sts_serial| 8| 100000| 100|0.68028996| PASSED + sts_serial| 8| 100000| 100|0.33495704| PASSED + sts_serial| 9| 100000| 100|0.57681976| PASSED + sts_serial| 9| 100000| 100|0.45092761| PASSED + sts_serial| 10| 100000| 100|0.64251408| PASSED + sts_serial| 10| 100000| 100|0.25023464| PASSED + sts_serial| 11| 100000| 100|0.53638706| PASSED + sts_serial| 11| 100000| 100|0.91582355| PASSED + sts_serial| 12| 100000| 100|0.18660413| PASSED + sts_serial| 12| 100000| 100|0.93968726| PASSED + sts_serial| 13| 100000| 100|0.47663887| PASSED + sts_serial| 13| 100000| 100|0.22058456| PASSED + sts_serial| 14| 100000| 100|0.69650537| PASSED + sts_serial| 14| 100000| 100|0.67749838| PASSED + sts_serial| 15| 100000| 100|0.99327337| PASSED + sts_serial| 15| 100000| 100|0.69469078| PASSED + sts_serial| 16| 100000| 100|0.59125350| PASSED + sts_serial| 16| 100000| 100|0.98966700| PASSED + sts_serial| 1| 100000| 200|0.19601400| PASSED + sts_serial| 2| 100000| 200|0.33826281| PASSED + sts_serial| 3| 100000| 200|0.22209718| PASSED + sts_serial| 3| 100000| 200|0.83091121| PASSED + sts_serial| 4| 100000| 200|0.12860004| PASSED + sts_serial| 4| 100000| 200|0.97207073| PASSED + sts_serial| 5| 100000| 200|0.11692114| PASSED + sts_serial| 5| 100000| 200|0.26192745| PASSED + sts_serial| 6| 100000| 200|0.47520472| PASSED + sts_serial| 6| 100000| 200|0.97632585| PASSED + sts_serial| 7| 100000| 200|0.86177050| PASSED + sts_serial| 7| 100000| 200|0.73921982| PASSED + sts_serial| 8| 100000| 200|0.66482804| PASSED + sts_serial| 8| 100000| 200|0.75521757| PASSED + sts_serial| 9| 100000| 200|0.86263171| PASSED + sts_serial| 9| 100000| 200|0.34619180| PASSED + sts_serial| 10| 100000| 200|0.98828662| PASSED + sts_serial| 10| 100000| 200|0.63457556| PASSED + sts_serial| 11| 100000| 200|0.56678030| PASSED + sts_serial| 11| 100000| 200|0.69667576| PASSED + sts_serial| 12| 100000| 200|0.73423841| PASSED + sts_serial| 12| 100000| 200|0.67862680| PASSED + sts_serial| 13| 100000| 200|0.70115984| PASSED + sts_serial| 13| 100000| 200|0.23922799| PASSED + sts_serial| 14| 100000| 200|0.98543778| PASSED + sts_serial| 14| 100000| 200|0.50529911| PASSED + sts_serial| 15| 100000| 200|0.36004982| PASSED + sts_serial| 15| 100000| 200|0.17283932| PASSED + sts_serial| 16| 100000| 200|0.53274108| PASSED + sts_serial| 16| 100000| 200|0.56658655| PASSED + rgb_bitdist| 1| 100000| 100|0.80659811| PASSED + rgb_bitdist| 2| 100000| 100|0.77944380| PASSED + rgb_bitdist| 3| 100000| 100|0.66530230| PASSED + rgb_bitdist| 4| 100000| 100|0.13074912| PASSED + rgb_bitdist| 5| 100000| 100|0.10877526| PASSED + rgb_bitdist| 6| 100000| 100|0.86446353| PASSED + rgb_bitdist| 7| 100000| 100|0.98502972| PASSED + rgb_bitdist| 8| 100000| 100|0.71678227| PASSED + rgb_bitdist| 9| 100000| 100|0.63339078| PASSED + rgb_bitdist| 10| 100000| 100|0.83608462| PASSED + rgb_bitdist| 11| 100000| 100|0.15566276| PASSED + rgb_bitdist| 12| 100000| 100|0.52103141| PASSED +rgb_minimum_distance| 2| 10000| 1000|0.87156380| PASSED +rgb_minimum_distance| 3| 10000| 1000|0.79089173| PASSED +rgb_minimum_distance| 4| 10000| 1000|0.22133014| PASSED +rgb_minimum_distance| 5| 10000| 1000|0.30816676| PASSED + rgb_permutations| 2| 100000| 100|0.70997391| PASSED + rgb_permutations| 3| 100000| 100|0.16735842| PASSED + rgb_permutations| 4| 100000| 100|0.74315136| PASSED + rgb_permutations| 5| 100000| 100|0.99564663| WEAK + rgb_permutations| 5| 100000| 200|0.73122983| PASSED + rgb_lagged_sum| 0| 1000000| 100|0.14206609| PASSED + rgb_lagged_sum| 1| 1000000| 100|0.76954863| PASSED + rgb_lagged_sum| 2| 1000000| 100|0.80043208| PASSED + rgb_lagged_sum| 3| 1000000| 100|0.45648849| PASSED + rgb_lagged_sum| 4| 1000000| 100|0.90035262| PASSED + rgb_lagged_sum| 5| 1000000| 100|0.46099924| PASSED + rgb_lagged_sum| 6| 1000000| 100|0.17885043| PASSED + rgb_lagged_sum| 7| 1000000| 100|0.93997311| PASSED + rgb_lagged_sum| 8| 1000000| 100|0.26356022| PASSED + rgb_lagged_sum| 9| 1000000| 100|0.25486242| PASSED + rgb_lagged_sum| 10| 1000000| 100|0.95460356| PASSED + rgb_lagged_sum| 11| 1000000| 100|0.24742445| PASSED + rgb_lagged_sum| 12| 1000000| 100|0.47326246| PASSED + rgb_lagged_sum| 13| 1000000| 100|0.18139624| PASSED + rgb_lagged_sum| 14| 1000000| 100|0.24961440| PASSED + rgb_lagged_sum| 15| 1000000| 100|0.60006813| PASSED + rgb_lagged_sum| 16| 1000000| 100|0.95799649| PASSED + rgb_lagged_sum| 17| 1000000| 100|0.25125998| PASSED + rgb_lagged_sum| 18| 1000000| 100|0.27818535| PASSED + rgb_lagged_sum| 19| 1000000| 100|0.76062551| PASSED + rgb_lagged_sum| 20| 1000000| 100|0.09752780| PASSED + rgb_lagged_sum| 21| 1000000| 100|0.62887918| PASSED + rgb_lagged_sum| 22| 1000000| 100|0.89325033| PASSED + rgb_lagged_sum| 23| 1000000| 100|0.52161424| PASSED + rgb_lagged_sum| 24| 1000000| 100|0.82893665| PASSED + rgb_lagged_sum| 25| 1000000| 100|0.62524900| PASSED + rgb_lagged_sum| 26| 1000000| 100|0.12340213| PASSED + rgb_lagged_sum| 27| 1000000| 100|0.18904618| PASSED + rgb_lagged_sum| 28| 1000000| 100|0.91897446| PASSED + rgb_lagged_sum| 29| 1000000| 100|0.08619284| PASSED + rgb_lagged_sum| 30| 1000000| 100|0.34386569| PASSED + rgb_lagged_sum| 31| 1000000| 100|0.78404592| PASSED + rgb_lagged_sum| 32| 1000000| 100|0.83746391| PASSED + rgb_kstest_test| 0| 10000| 1000|0.21168760| PASSED + dab_bytedistrib| 0| 51200000| 1|0.41140405| PASSED + dab_dct| 256| 50000| 1|0.30160704| PASSED + dab_filltree| 32| 15000000| 1|0.58112590| PASSED + dab_filltree| 32| 15000000| 1|0.32213300| PASSED + dab_filltree2| 0| 5000000| 1|0.77375471| PASSED + dab_filltree2| 1| 5000000| 1|0.24311552| PASSED + dab_monobit2| 12| 65000000| 1|0.75745817| PASSED +```
\ No newline at end of file diff --git a/body.h b/body.h new file mode 100644 index 000000000000..227996c3cc52 --- /dev/null +++ b/body.h @@ -0,0 +1,118 @@ +/** + * Performs a full round for HAVEGE. + * Copyright (C) 2018 Leonardo Gates + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#ifndef HAVEGE_BRANCH_STRESS + #define HAVEGE_BRANCH_STRESS \ + if ( flags & 1 ) { \ + flags = ( flags ^ 3 ) >> 1; \ + if ( flags & 1 ) { \ + flags = ( flags ^ 3 ) >> 1; \ + if ( flags & 1 ) { \ + flags = ( flags ^ 3 ) >> 1; \ + if ( flags & 1 ) { \ + flags = ( flags ^ 3 ) >> 1; \ + if( flags & 1 ) { \ + flags = ( flags ^ 3 ) >> 1; \ + if( flags & 1 ) { \ + flags = ( flags ^ 3 ) >> 1; \ + if( flags & 1 ) { \ + flags = ( flags ^ 3 ) >> 1; \ + if( flags & 1 ) { \ + flags = ( flags ^ 3 ) >> 1; \ + if( flags & 1 ) { \ + flags = ( flags ^ 3 ) >> 1; \ + if( flags & 1 ) \ + flags = ( flags ^ 3 ) >> 1; \ + } \ + } \ + } \ + } \ + } \ + } \ + } \ + } \ + } +#endif /* HAVEGE_BRANCH_STRESS */ + +#ifndef HARDCLOCK + #define HARDCLOCK( x ) x = ( u32 )( rdtsc() & 0xffffffff ) +#endif /* HARDCLOCK */ + +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" +#include "step.h" diff --git a/dkms.conf b/dkms.conf new file mode 100644 index 000000000000..4a2f254ef1a1 --- /dev/null +++ b/dkms.conf @@ -0,0 +1,7 @@ +PACKAGE_NAME="@_PKGBASE@" +PACKAGE_VERSION="@PKGVER@" +MAKE[0]="make -j`nproc`" +CLEAN="make clean" +BUILT_MODULE_NAME[0]="havege" +DEST_MODULE_LOCATION[0]="/kernel/drivers/char" +AUTOINSTALL="yes"
\ No newline at end of file diff --git a/havege.c b/havege.c new file mode 100644 index 000000000000..b9bbb07082d5 --- /dev/null +++ b/havege.c @@ -0,0 +1,389 @@ +/** + * Core HAVEGE Driver + * Copyright (C) 2018 Leonardo Gates + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include <linux/version.h> +#include <linux/init.h> +#include <linux/module.h> +#include <linux/kernel.h> +#include <linux/fs.h> +#include <linux/slab.h> +#include <linux/cdev.h> +#include <linux/uaccess.h> +#include <linux/semaphore.h> +#include <linux/kthread.h> +#include <linux/random.h> +#include <asm/msr.h> + +/*********************** + * Driver Constants * + ***********************/ + +#define DRIVER_AUTH "Leonardo Gates <leogx9r>" +#define DRIVER_DESC "Extracts entropy from the system using the HAVEGE algorithm" +#define DRIVER_NAME "havege" +#define DRIVER_VERS "1.00" + +#define DRIVER_MAJOR 1 +#define DRIVER_MINOR 0 + +#define KERROR KERN_ERR DRIVER_NAME ": " +#define KNOTICE KERN_NOTICE DRIVER_NAME ": " + +/************************ + * Driver Char Device * + ************************/ + +/* Bytes to transfer at a time. */ +#define CHUNK_TRANSFER_SZ 512 +/* Number of words in the pool. */ +#define HAVEGE_POOL_WORDS 0x40000 +/* Number of bytes in the pool. */ +#define HAVEGE_POOL_SIZE ( ( HAVEGE_POOL_WORDS + 16384 ) * sizeof( u32 ) ) +/* Size of the walking table in bytes. */ +#define WALK_TABLE_SIZE ( 8192 * sizeof( u32 ) ) + +static ssize_t havege_read( struct file* pfile, char __user* buf, size_t length, loff_t* fpos ); +static int havege_open( struct inode* inode, struct file* pfile ); + +static struct class* havege_class; +static dev_t havege_dev; + +static u32 transfer_buffer[ CHUNK_TRANSFER_SZ ] __latent_entropy; + +static int havege_init_steps = 64; +static int havege_reseed_steps = 64; + +static struct file_operations havege_fops = { + .owner = THIS_MODULE, + .open = havege_open, + .read = havege_read, +}; + +/************************* + * HAVEGE Algorithm Base * + *************************/ + +struct havege_state { + /* Pointer to the current word being read from the pool. */ + u32 pidx; + /* Array of words containing result information. */ + u32* pool; + /* Size in words of the result pool. */ + ssize_t pool_size; + + /* Table walking. */ + u32* walk_tbl; + u32* walk_ptr; + + /* Permuting values. */ + u32 P1[2]; + u32 P2[2]; + + /* Timing information. */ + u32 clock; + u32 freq; + + /* Device information. */ + struct semaphore lock; + struct cdev dev; + +} __randomize_layout; + +static struct havege_state* cstate; + +/** + * Collects timing information from the system and adds it to the state. + */ +static void havege_collect( struct havege_state* state ) { + u32 i, j, k, flags, *pt[4], *tmp; + + i = 0; + k = 0; + + /* Update each word in the state. */ + while( i < state->pool_size ) { + /* Do we force preemption now ? */ + if( ( i - k ) >= state->freq ) { + k = i; + schedule(); + } + + /* Schedule when necessary. */ + if( need_resched() ) + schedule(); + + /* Perform the main loop. */ + #include "body.h" + } +} + +/** + * Cleans up any state allocated information. + */ +static void havege_cleanup( struct havege_state* state ) { + if( !state ) + return; + + /* Zero the walking table and free it if allocated. */ + if( state->walk_tbl ) { + memzero_explicit( state->walk_tbl, WALK_TABLE_SIZE ); + vfree( state->walk_tbl ); + } + + /* Zero out the pool and free it if allocated. */ + if( state->pool ) { + memzero_explicit( state->pool, HAVEGE_POOL_SIZE ); + vfree( state->pool ); + } + + /* Finally free the kernel memory. */ + memzero_explicit( state, sizeof( struct havege_state ) ); + kfree( state ); +} + +/** + * Sets up a state structure for collection. + */ +static struct havege_state* havege_setup( u32 pool_size ) { + struct havege_state* state; + + /* Allocate the actual state in the kernel. */ + state = kmalloc( sizeof( struct havege_state ), GFP_KERNEL ); + if ( !state ) { + printk( KERROR "failed to allocate initial state\n" ); + return NULL; + } + + /* Zero out everything. */ + memset( state, 0, sizeof( struct havege_state ) ); + + /* By default, we point the pool here to schedule an initial run. */ + state->pidx = HAVEGE_POOL_WORDS * 2; + + /* And store the pool size. */ + state->pool_size = pool_size; + + /* Allocate the entire pool + 64k in virtual memory since we may not have enough kmem. */ + state->pool = vmalloc( HAVEGE_POOL_SIZE ); + if( !state->pool ) { + printk( KERROR "failed to allocate pool table for state\n" ); + goto __bail_out; + } + + /* Also allocate the walk table ( 32k ) virtually. */ + state->walk_tbl = vmalloc( WALK_TABLE_SIZE ); + state->walk_ptr = state->walk_tbl; + if( !state->walk_tbl ) { + printk( KERROR "failed to allocate walk table for state\n" ); + goto __bail_out; + } + + /* And initialize the semaphore. We allow one read at a time. */ + sema_init( &state->lock, 1 ); + if( &state->lock == NULL ) { + printk( KERROR "failed to initialize semaphore lock for state\n" ); + goto __bail_out; + } + + /* Preemption refills the pool roughly 1/16th tick. */ + state->freq = pool_size >> 4; + + return state; + + +__bail_out: + + /* Cleanup allocated memory if any. */ + havege_cleanup( state ); + + printk( KERROR "unable to allocate resources required\n" ); + return NULL; +} + +/** + * Extracts a word from the state. + * Updates the state internally prior to extraction if required. + */ +static inline u32 havege_extract( void ) { + u32 i, steps; + + /* Do we need to regather entropy ? */ + if( cstate->pidx >= cstate->pool_size ) { + /* Perform initial gathering if required. */ + if( cstate->pidx >= cstate->pool_size * 2 ) { + cstate->walk_ptr = ( u32* )( ( ( unsigned long long )&cstate->walk_tbl[ 4096 ] ) & 0xfffffffffffff000 ); + + steps = ( havege_init_steps * HAVEGE_POOL_WORDS ) / cstate->pool_size; + + for( i = 0; i < steps; i++ ) + havege_collect( cstate ); + } + /* Normal sequential stepping. */ + else for( i = 0; i < havege_reseed_steps; i++ ) + havege_collect( cstate ); + + cstate->pidx = 0; + } + + /* Return the next word. */ + return cstate->pool[ cstate->pidx++ ]; +} + +/************************* + * Device Methods * + *************************/ + +/** + * Poll the state for entropy and transfer it to the user. + */ +static ssize_t havege_read( struct file* pfile, char __user* buf, size_t length, loff_t* fpos ) { + ssize_t sz; + u32 i, j; + + sz = length; + + /* Try acquiring the lock. */ + if( down_interruptible( &cstate->lock ) ) + return -ERESTARTSYS; + + /* We're copying to the user in chunks. */ + while( length > 0 ) { + i = min_t( u32, CHUNK_TRANSFER_SZ, length / sizeof( u32 ) ); + + /* Fill up the buffer. */ + for( j = 0; j < i; j++ ) + transfer_buffer[ j ] = havege_extract(); + + /* Try transferring to the user. Bail out if we can only do a partial transfer. */ + if( copy_to_user( buf, transfer_buffer, i * sizeof( u32 ) ) ) { + sz = -EFAULT; + goto __bail_out; + } + + length -= i * sizeof( u32 ); + buf += i * sizeof( u32 ); + } + + fpos += sz; + +__bail_out: + + /* Clear out sensitive memory and release the lock. */ + memzero_explicit( transfer_buffer, sizeof( transfer_buffer ) ); + up( &cstate->lock ); + + return sz; +} + +/** + * When opening the device, ensure we're only doing read operations. + */ +static int havege_open( struct inode* inode, struct file* pfile ) { + /* Only allow reading from the device. */ + if( !( pfile->f_mode & FMODE_READ ) || pfile->f_mode & FMODE_WRITE ) + return -EINVAL; + + pfile->f_op = &havege_fops; + return 0; +} + +/************************** + * Module Methods * + **************************/ + +/** + * Allocates and initializes the internal state and character device. + */ +static int module_do_init( void ) { + int res; + + /* Allocate the character device for usage. */ + res = alloc_chrdev_region( &havege_dev, DRIVER_MINOR, DRIVER_MAJOR, DRIVER_NAME ); + if( res < 0 ) { + printk( KERROR "failed to register character device\n" ); + return res; + } + + /* Register the device class. */ + havege_class = class_create( THIS_MODULE, DRIVER_NAME ); + if( IS_ERR( havege_class ) ) { + printk( KERROR "failed to create device class\n" ); + return PTR_ERR( havege_class ); + } + + /* Set up the internal state. */ + cstate = havege_setup( HAVEGE_POOL_WORDS ); + if( !cstate ) + return -ENOMEM; + + /* Initialize the character device. */ + cdev_init( &cstate->dev, &havege_fops ); + cstate->dev.owner = THIS_MODULE; + cstate->dev.ops = &havege_fops; + + /* Add the device internally. */ + res = cdev_add( &cstate->dev, havege_dev, 1 ); + if( res ) { + printk( KERROR "failed to add character device\n" ); + return -EFAULT; + } + + /* Link and mark it ready for usage. */ + device_create( havege_class, NULL, havege_dev, NULL, DRIVER_NAME ); + kobject_set_name( &cstate->dev.kobj, DRIVER_NAME ); + + printk( KNOTICE "created character device\n" ); + return 0; +} + +/** + * Cleans up any allocated memory and removes the character device. + */ +static void module_do_exit( void ) { + /* free character device */ + cdev_del( &cstate->dev ); + unregister_chrdev_region( havege_dev, DRIVER_MAJOR ); + + /* remove & destroy class object */ + device_destroy( havege_class, havege_dev ); + class_destroy( havege_class ); + + /* destroy state */ + havege_cleanup( cstate ); + + printk( KNOTICE "removed from kernel.\n" ); +} + +/************************** + * Driver Exports * + **************************/ + +module_init( module_do_init ); +module_exit( module_do_exit ); + +module_param_named( init_steps, havege_init_steps, int, 0 ); +MODULE_PARM_DESC( init_steps, "inital steps to run when reseeding. default: 64" ); + +module_param_named( reseed_steps, havege_reseed_steps, int, 0 ); +MODULE_PARM_DESC( reseed_steps, "number of steps to use during reseeding. default: 64" ); + +MODULE_LICENSE( "GPL" ); +MODULE_AUTHOR( DRIVER_AUTH ); +MODULE_DESCRIPTION( DRIVER_DESC ); +MODULE_VERSION( DRIVER_VERS );
\ No newline at end of file diff --git a/step.h b/step.h new file mode 100644 index 000000000000..db18795fd394 --- /dev/null +++ b/step.h @@ -0,0 +1,121 @@ +/** + * Performs a single step of the HAVEGE algorithm. + * Copyright (C) 2018 Leonardo Gates + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +{ + flags = state->P1[ 0 ] >> 20; + + HAVEGE_BRANCH_STRESS; + + flags = flags >> 1; + state->P2[ 0 ] = ( state->P1[ 0 ] >> 18 ) & 7; + + state->P1[ 0 ] = state->P1[ 0 ] & 0xfff; + + HARDCLOCK( state->clock ); + + pt[ 0 ] = &state->walk_ptr[ state->P1[ 0 ] ^ 0]; + pt[ 1 ] = &state->walk_ptr[ state->P1[ 1 ] ^ 0 ]; + pt[ 2 ] = &state->walk_ptr[ state->P1[ 0 ] ^ 1 ]; + pt[ 3 ] = &state->walk_ptr[ state->P1[ 1 ] ^ 4 ]; + + state->pool[ i + 0 ] ^= *pt[ 0 ]; + state->pool[ i + 1 ] ^= *pt[ 1 ]; + state->pool[ i + 2 ] ^= *pt[ 2 ]; + state->pool[ i + 3 ] ^= *pt[ 3 ]; + + i += 4; + + j = ( *pt[ 0 ] >> 1 ) ^ ( *pt[ 0 ] << 31 ) ^ state->clock; + *pt[ 0 ] = ( *pt[ 1 ] >> 2 ) ^ ( *pt[ 1 ] << 30 ) ^ state->clock; + *pt[ 1 ] = j; + *pt[ 2 ] = ( *pt[ 2 ] >> 3 ) ^ ( *pt[ 2 ] << 29 ) ^ state->clock; + *pt[ 3 ] = ( *pt[ 3 ] >> 4 ) ^ ( *pt[ 3 ] << 28 ) ^ state->clock; + + pt[ 0 ] = &state->walk_ptr[ state->P1[ 0 ] ^ 2 ]; + pt[ 1 ] = &state->walk_ptr[ state->P1[ 1 ] ^ 2 ]; + pt[ 2 ] = &state->walk_ptr[ state->P1[ 0 ] ^ 3 ]; + pt[ 3 ] = &state->walk_ptr[ state->P1[ 1 ] ^ 6 ]; + + state->pool[ i + 0 ] ^= *pt[ 0 ]; + state->pool[ i + 1 ] ^= *pt[ 1 ]; + state->pool[ i + 2 ] ^= *pt[ 2 ]; + state->pool[ i + 3 ] ^= *pt[ 3 ]; + + i += 4; + + if( flags & 1 ) { + tmp = pt[ 0 ]; + pt[ 2 ] = pt[ 0 ]; + pt[ 0 ] = tmp; + } + + flags = ( state->P1[ 1 ] >> 18 ); + j = ( *pt[ 0 ] >> 5 ) ^ ( *pt[ 0 ] << 27 ) ^ state->clock; + *pt[ 0 ] = (*pt[ 1 ] >> 6 ) ^ ( *pt[ 1 ] << 26 ) ^ state->clock; + *pt[ 1 ] = j; + + HARDCLOCK( state->clock ); + + *pt[ 2 ] = ( *pt[ 2 ] >> 7 ) ^ ( *pt[ 2 ] << 25 ) ^ state->clock; + *pt[ 3 ] = ( *pt[ 3 ] >> 8 ) ^ ( *pt[ 3 ] << 24 ) ^ state->clock; + + pt[ 0 ] = &state->walk_ptr[ state->P1[ 0 ] ^ 4 ]; + pt[ 1 ] = &state->walk_ptr[ state->P1[ 1 ] ^ 1 ]; + + state->P1[ 1 ] = state->pool[( i - 8 ) ^ state->P2[ 1 ] ] ^ state->walk_ptr[ state->P1[ 1 ] ^ state->P2[ 1 ] ^ 7 ]; + state->P1[ 1 ] = ( ( state->P1[ 1 ] & 0xfff ) & ( 0xfffffff7 ) ) ^ ( ( state->P1[ 0 ] ^ 8 ) & 8 ); + + state->P2[ 1 ] = ( ( state->P1[ 1 ] >> 28 ) & 7 ); + + HAVEGE_BRANCH_STRESS; + + pt[ 2 ] = &state->walk_ptr[state->P1[ 0 ] ^ 5]; + pt[ 3 ] = &state->walk_ptr[state->P1[ 1 ] ^ 5]; + + state->pool[ i + 0 ] ^= *pt[ 0 ]; + state->pool[ i + 1 ] ^= *pt[ 1 ]; + state->pool[ i + 2 ] ^= *pt[ 2 ]; + state->pool[ i + 3 ] ^= *pt[ 3 ]; + + i += 4; + + j = ( *pt[ 0 ] >> 9 ) ^ ( *pt[ 0 ] << 23 ) ^ state->clock; + *pt[ 0 ] = ( *pt[ 1 ] >> 10 ) ^ ( *pt[ 1 ] << 22 ) ^ state->clock; + *pt[ 1 ] = j; + *pt[ 2 ] = ( *pt[ 2 ] >> 11 ) ^ ( *pt[ 2 ] << 21 ) ^ state->clock; + *pt[ 3 ] = ( *pt[ 3 ] >> 12 ) ^ ( *pt[ 3 ] << 20 ) ^ state->clock; + + pt[ 0 ] = &state->walk_ptr[ state->P1[ 0 ] ^ 6 ]; + pt[ 1 ] = &state->walk_ptr[ state->P1[ 1 ] ^ 3 ]; + pt[ 2 ] = &state->walk_ptr[ state->P1[ 0 ] ^ 7 ]; + pt[ 3 ] = &state->walk_ptr[ state->P1[ 1 ] ^ 7 ]; + + state->pool[ i + 0 ] ^= *pt[ 0 ]; + state->pool[ i + 1 ] ^= *pt[ 1 ]; + state->pool[ i + 2 ] ^= *pt[ 2 ]; + state->pool[ i + 3 ] ^= *pt[ 3 ]; + + i += 4; + + j = ( *pt[ 0 ] >> 13 ) ^ ( *pt[ 0 ] << 19 ) ^ state->clock; + *pt[ 0 ] = ( *pt[ 1 ] >> 14 ) ^ ( *pt[ 1 ] << 18 ) ^ state->clock; + *pt[ 1 ] = j; + *pt[ 2 ] = ( *pt[ 2 ] >> 15 ) ^ ( *pt[ 2 ] << 17 ) ^ state->clock; + *pt[ 3 ] = ( *pt[ 3 ] >> 16 ) ^ ( *pt[ 3 ] << 16 ) ^ state->clock; + state->P1[ 0 ] = ( ( ( state->pool[ ( i - 8 ) ^ state->P2[ 0 ] ] ^ state->walk_ptr[ state->P1[ 0 ] ^ state->P2[ 0 ] ^ 7 ] ) ) & ( 0xffffffef ) ) ^ ( ( state->P1[ 1 ] ^ 0x10 ) & 0x10 ); +}
\ No newline at end of file |