OpenAFS Master Repository branch, master, updated. openafs-devel-1_5_76-4357-g0d67b00

Gerrit Code Review
Wed, 10 Sep 2014 15:05:25 -0400

The following commit has been merged in the master branch:
commit 0d67b00ff9db48c5555e8ae11daff9a469c770b0
Author: Ben Kaduk <>
Date:   Wed Mar 27 17:02:55 2013 -0400

    Export heimdal's rand-fortuna PRNG to the kernel
    Some systems (e.g., AIX, SGI, DFBSD, HPUX) do not supply a useful
    implementation of osi_readRandom(), in some cases because the kernel
    does not expose a random-number interface to kernel modules.  We want
    real random numbers on all systems, because we want to use the for
    setting the RX epoch and connection ID in the kernel.
    Build hcrypto's rand-fortuna PRNG into the rand-kernel interface we expose,
    and implement RAND_bytes using rand-fortuna when osi_ReadRandom()
    is not useful.
    Add stub routines to config.h as needed, and add a heim_threads.h
    with the necessary locking for rand-fortuna.  The rand-fortuna algorithm
    requires some measure of time's passage, so provide a stub gettimeofday()
    with single-second resolution.  We use a single (global) mutex for the
    hcrypto kernel code, so that we can statically declare an initializer to
    be the address of that mutex.  Otherwise the locking is taken essentially
    wholesale from rx_kmutex.
    rand-fortuna requires the sha256 code for its hashing, and also
    requires a stub rand-fortuna to satisfy linker symbol visibility.
    Since the rand-fortuna code does not have any actual sources of entropy
    available to it during its initialization routines, we must explicitly
    seed the in-kernel rand-fortuna using entropy passed in from userland.
    (Userland will always have at least /dev/random available, so the
    userland hcrypto should always have usable entropy.)  Be sure to do so
    early in the afsd startup sequence, before any daemons are started, so
    that entropy is available to the core rx code for generating the epoch
    and cid -- the rand-fortuna code will (erroneously) always claim that
    it has startup entropy even though in this case it may not actually
    have any entropy.  The rand-fortuna code does not consider itself
    fully seeded until it has 128 bytes of entropy, so be sure to pass
    more than that in from userspace.
    It is preferrable to always build this code into the kernel, even on
    systems when it is not going to be used, to help prevent bitrot.  This
    also avoids the possibility of a new system being supported that would
    attempt to use the rand-fortuna code but fail to supply any seed entropy,
    which would not necessarily be readily apparent.
    Change-Id: I614d2bd9ac52803ec3b9572cc694cd836c8427dd
    Reviewed-by: D Brashear <>
    Tested-by: BuildBot <>
    Reviewed-by: Jeffrey Altman <>

 src/afs/afs_call.c                       |   25 +++++++++++++
 src/afsd/                     |    2 +-
 src/afsd/afsd.c                          |   12 ++++++
 src/config/afs_args.h                    |    1 +
 src/crypto/hcrypto/kernel/config.h       |   33 +++++++++++++++++
 src/crypto/hcrypto/kernel/heim_threads.h |   12 ++++++
 src/crypto/hcrypto/kernel/rand-timer.c   |   58 ++++++++++++++++++++++++++++++
 src/crypto/hcrypto/kernel/rand.c         |   27 ++++++++++++++
 src/crypto/hcrypto/kernel/strcasecmp.c   |   32 ++++++++++++++++
 src/libafs/            |   29 +++++++++++++++
 src/libafs/        |    4 ++
 11 files changed, 234 insertions(+), 1 deletions(-)

OpenAFS Master Repository