src/sys/dev/random, branch main FreeBSD source tree arm64: Assume get_kernel_reg returns true 2026-02-09T17:24:27+00:00 Andrew Turner andrew@FreeBSD.org 2026-02-09T17:24:27+00:00 a8c3933840448eaf04ecfe162c0d05caf11090a4 It now only returns true so this can be assumed and doesn't need to be checked. Sponsored by: Arm Ltd Differential Revision: https://reviews.freebsd.org/D55105 
It now only returns true so this can be assumed and doesn't need to be
checked.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D55105
armv8rng: Fix an inverted test in random_rndr_read_one() 2025-12-18T19:46:42+00:00 Mark Johnston markj@FreeBSD.org 2025-12-18T14:17:20+00:00 93811883500b99f9f1fb4ffd6e764226d37dcfd0 If we get a random number, the NZCV is set to 0b0000. Then "cset %w1, ne" will test whether Z == 0 and set %w1 to 1 if so. More specifically, "cset %w1, ne" maps to "csinc %w1, wzr, wzr, eq", which stores 0 in %w1 when NZCV == 0b0100 and 1 otherwise. Thus, on a successful read we expect ret != 0, so the loop condition needs to be fixed. In practice this means that we would end up trying to fetch entropy up to ten times in a row. If all attempts are successful, the last will be returned, otherwise no entropy will be returned. Reported by: Kevin Day <kevin@your.org> Reviewed by: andrew Fixes: 9eecef052155 ("Add an Armv8 rndr random number provider") MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D54259 
If we get a random number, the NZCV is set to 0b0000.  Then
"cset %w1, ne" will test whether Z == 0 and set %w1 to 1 if so.
More specifically, "cset %w1, ne" maps to "csinc %w1, wzr, wzr, eq",
which stores 0 in %w1 when NZCV == 0b0100 and 1 otherwise.

Thus, on a successful read we expect ret != 0, so the loop condition
needs to be fixed.  In practice this means that we would end up trying
to fetch entropy up to ten times in a row.  If all attempts are
successful, the last will be returned, otherwise no entropy will be
returned.

Reported by:	Kevin Day <kevin@your.org>
Reviewed by:	andrew
Fixes:		9eecef052155 ("Add an Armv8 rndr random number provider")
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D54259
random: Have RANDOM_PURE_START be a cross-platform source 2025-11-07T23:28:16+00:00 David E. O'Brien obrien@FreeBSD.org 2025-10-23T23:20:54+00:00 068fea0aa15bceb7b6b01687542b58ee81d1d887 and one that will be with us in the long-term future. (this helps reduce diffs in the future and for down-stream users that trim entropy sources). Also, move deprecated (removed in 16.0) sources to the bottom of the list to reduce changes to 15.x. Reviewed by: glebius Obtained from: Juniper Networks Differential Revision: https://reviews.freebsd.org/D53311 
and one that will be with us in the long-term future.
(this helps reduce diffs in the future and for down-stream users
that trim entropy sources).  Also, move deprecated (removed in 16.0)
sources to the bottom of the list to reduce changes to 15.x.

Reviewed by:	glebius
Obtained from:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org/D53311
random: CTASSERT check sizeof random_source_descr[] 2025-10-31T18:01:45+00:00 David E. O'Brien obrien@FreeBSD.org 2025-10-22T07:19:20+00:00 8bd9a9e9e4cb3e293c1639319692ce201eb8fc53 Ensure that the number of elements of random_source_descr[] and fxrng_ent_char[] matches that of enum random_entropy_source. Reviewed by: cem Differential Revision: https://reviews.freebsd.org/D53255 
Ensure that the number of elements of random_source_descr[]
and fxrng_ent_char[] matches that of enum random_entropy_source.

Reviewed by:	cem
Differential Revision: https://reviews.freebsd.org/D53255
random: remove hifn(4) 2025-10-28T23:46:15+00:00 David E. O'Brien obrien@FreeBSD.org 2025-10-18T03:15:50+00:00 685a78570b359eb2bd4d8c28dde22de54d55b8ec The Hifn 7955 & 7956 only supports deprecated & NIST disallowed algorithms (NIST SP800-224idp): SHA1 and SHA1-HMAC. Furthermore the entropy RNG of the Hifn 7751, 7951, 7811, 7955, and 7956 has no NIST Entropy Source Validation (ESV) certificate and cannot be used in a FIPS-140-3 nor Common Criteara environment. Furthermore the most prolific instance for FreeBSD was the Soekris Engineering vpn1201, vpn1211, vpn1401, and vpn1411 offerings. These are all 32-bit only processors. The i386 kernel was de-supported in 15.0. Reviewed by: jhb Differential Revision: https://reviews.freebsd.org/D53182 
The Hifn 7955 & 7956 only supports deprecated & NIST disallowed
algorithms (NIST SP800-224idp): SHA1 and SHA1-HMAC.

Furthermore the entropy RNG of the Hifn 7751, 7951, 7811, 7955,
and 7956 has no NIST Entropy Source Validation (ESV) certificate
and cannot be used in a FIPS-140-3 nor Common Criteara environment.

Furthermore the most prolific instance for FreeBSD was the
Soekris Engineering vpn1201, vpn1211, vpn1401, and vpn1411
offerings.  These are all 32-bit only processors.  The i386
kernel was de-supported in 15.0.

Reviewed by:	jhb
Differential Revision:	https://reviews.freebsd.org/D53182
random: fenestrasX: Add missing entropy sources 2025-10-23T16:54:03+00:00 David E. O'Brien obrien@FreeBSD.org 2025-10-23T06:25:59+00:00 93b02f69a6f6ffb833227c2fd56d48daac128156 Reviewed by: cem Fixes: 1492c8c0d qcom_rnd: add initial qualcomm prng driver. Fixes: 9eecef052 Add an Armv8 rndr random number provider Fixes: b2f8b2dc8 sys: Add an SMCCC Random Number Generator driver Differential Revision: https://reviews.freebsd.org/D53292 
Reviewed by: cem
Fixes: 1492c8c0d qcom_rnd: add initial qualcomm prng driver.
Fixes: 9eecef052 Add an Armv8 rndr random number provider
Fixes: b2f8b2dc8 sys: Add an SMCCC Random Number Generator driver
Differential Revision:	https://reviews.freebsd.org/D53292
random: fenestrasX: add RDSEED support 2025-10-23T16:52:55+00:00 David E. O'Brien obrien@FreeBSD.org 2025-10-23T04:49:02+00:00 38e9d282cd7dacbf64883b45544723408cfd4d09 Reviewed by: cem Fixes: 3a1298 random: add RDSEED as a provably unique entropy source Differential Revision: https://reviews.freebsd.org/D53291 
Reviewed by: cem
Fixes: 3a1298 random: add RDSEED as a provably unique entropy source
Differential Revision:	https://reviews.freebsd.org/D53291
random: garbage collect the RANDOM_PURE_OCTEON entropy source 2025-10-22T18:37:23+00:00 David E. O'Brien obrien@FreeBSD.org 2025-10-17T00:55:51+00:00 283699338c5724253f721f4d0e488113dd49bd17 It was used for Octeon MIPS and all producers have been removed from the source tree. Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D53146 
It was used for Octeon MIPS and all producers have been removed
from the source tree.

Reviewed by: emaste
Differential Revision:	https://reviews.freebsd.org/D53146
random: add RDSEED as a provably unique entropy source 2025-10-22T06:59:59+00:00 David E. O'Brien obrien@FreeBSD.org 2025-10-17T03:20:23+00:00 3a12982962ce330c37c154bb2eb8ae0539fc6f48 NIST SP800-90B allows for only a single entropy source to be claimed in a FIPS-140-3 certificate. In addition, only hardware sources that have a NIST Entropy Source Validation (ESV) certificate, backed by a SP800-90B Entropy Assessment Report, are usable. Intel has obtained ESV certificates for several of their processors, so RDSEED is a FIPS-140-3 suitable entropy source. However, even though RDRAND is seeded by RDSEED internally, RDRAND would need a RBG certificate and CAVP testing run on the DRBG in order to use it for FIPS-140-3 (SP800-90B) purposes. So we need to know down in the CSPRNG-subsystem which source the entropy came from. In light of the potential issues surrounding AMD Zen 5 CPU's RDSEED implementation[*], allow RDSEED to be disabled in loader.conf. [*] https://www.phoronix.com/news/AMD-EPYC-Turin-RDSEED-Bug Reviewed by: cem MFC after: 3 days Sponsored by: Juniper Networks Differential Revision: https://reviews.freebsd.org/D53150 
NIST SP800-90B allows for only a single entropy source to be claimed
in a FIPS-140-3 certificate.  In addition, only hardware sources that
have a NIST Entropy Source Validation (ESV) certificate, backed by
a SP800-90B Entropy Assessment Report, are usable.  Intel has obtained
ESV certificates for several of their processors, so RDSEED is a
FIPS-140-3 suitable entropy source.

However, even though RDRAND is seeded by RDSEED internally, RDRAND
would need a RBG certificate and CAVP testing run on the DRBG in order
to use it for FIPS-140-3 (SP800-90B) purposes.  So we need to know
down in the CSPRNG-subsystem which source the entropy came from.

In light of the potential issues surrounding AMD Zen 5 CPU's RDSEED
implementation[*], allow RDSEED to be disabled in loader.conf.
[*] https://www.phoronix.com/news/AMD-EPYC-Turin-RDSEED-Bug

Reviewed by:	cem
MFC after:	3 days
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org/D53150
random: fxrng: Add an entry for RANDOM_RANDOMDEV to the source table 2025-09-20T12:21:57+00:00 Mark Johnston markj@FreeBSD.org 2025-09-19T22:58:22+00:00 174d5d9397c492aff67f7ad49e130039697dc1dd Otherwise we get a NULL pointer dereference when writing to /dev/random. PR: 288826 Reviewed by: cem MFC after: 1 week Fixes: fa8db724ae6e ("random: Treat writes to /dev/random as separate from /entropy") Differential Revision: https://reviews.freebsd.org/D52633 
Otherwise we get a NULL pointer dereference when writing to /dev/random.

PR:		288826
Reviewed by:	cem
MFC after:	1 week
Fixes:		fa8db724ae6e ("random: Treat writes to /dev/random as separate from /entropy")
Differential Revision:	https://reviews.freebsd.org/D52633