svn commit: r338059 - in head: . contrib/ntp/lib/isc contrib/ntp/sntp/libevent crypto/heimdal/lib/roken crypto/openssh include lib/libc/gen lib/libc/include sys/crypto/chacha20

Oliver Pinter oliver.pinter at hardenedbsd.org
Sun Aug 19 18:27:07 UTC 2018 

On 8/19/18, Xin LI <delphij at freebsd.org> wrote:
> Author: delphij
> Date: Sun Aug 19 17:40:50 2018
> New Revision: 338059
> URL: https://svnweb.freebsd.org/changeset/base/338059
>
> Log:
>   Update userland arc4random() with OpenBSD's Chacha20 based arc4random().
>
>     ObsoleteFiles.inc:
>
>       Remove manual pages for arc4random_addrandom(3) and
>       arc4random_stir(3).
>
>     contrib/ntp/lib/isc/random.c:
>     contrib/ntp/sntp/libevent/evutil_rand.c:
>
>       Eliminate in-tree usage of arc4random_addrandom().
>
>     crypto/heimdal/lib/roken/rand.c:
>     crypto/openssh/config.h:
>
>       Eliminate in-tree usage of arc4random_stir().
>
>     include/stdlib.h:
>
>       Remove arc4random_stir() and arc4random_addrandom() prototypes,
>       provide temporary shims for transistion period.
>
>     lib/libc/gen/Makefile.inc:
>
>       Hook arc4random-compat.c to build, add hint for Chacha20 source for
>       kernel, and remove arc4random_addrandom(3) and arc4random_stir(3)
>       links.
>
>     lib/libc/gen/arc4random.c:
>
>       Adopt OpenBSD arc4random.c,v 1.54 with bare minimum changes, use the
>       sys/crypto/chacha20 implementation of keystream.
>
>     lib/libc/gen/Symbol.map:
>
>       Remove arc4random_stir and arc4random_addrandom interfaces.
>
>     lib/libc/gen/arc4random.h:
>
>       Adopt OpenBSD arc4random.h,v 1.4 but provide _ARC4_LOCK of our own.
>
>     lib/libc/gen/arc4random.3:
>
>       Adopt OpenBSD arc4random.3,v 1.35 but keep FreeBSD r114444 and
>       r118247.
>
>     lib/libc/gen/arc4random-compat.c:
>
>       Compatibility shims for arc4random_stir and arc4random_addrandom
>       functions to preserve ABI.  Log once when called but do nothing
>       otherwise.
>
>     lib/libc/gen/getentropy.c:
>     lib/libc/include/libc_private.h:
>
>       Fold __arc4_sysctl into getentropy.c (renamed to arnd_sysctl).
>       Remove from libc_private.h as a result.
>
>     sys/crypto/chacha20/chacha.c:
>     sys/crypto/chacha20/chacha.h:
>
>       Make it possible to use the kernel implementation in libc.
>
>   PR:		182610
>   Reviewed by:	cem, markm
>   Obtained from:	OpenBSD
>   Relnotes:	yes
>   Differential Revision:	https://reviews.freebsd.org/D16760
>
> Added:
>   head/lib/libc/gen/arc4random-compat.c   (contents, props changed)
>   head/lib/libc/gen/arc4random.h   (contents, props changed)
> Modified:
>   head/ObsoleteFiles.inc
>   head/contrib/ntp/lib/isc/random.c
>   head/contrib/ntp/sntp/libevent/evutil_rand.c
>   head/crypto/heimdal/lib/roken/rand.c
>   head/crypto/openssh/config.h
>   head/include/stdlib.h
>   head/lib/libc/gen/Makefile.inc
>   head/lib/libc/gen/Symbol.map
>   head/lib/libc/gen/arc4random.3
>   head/lib/libc/gen/arc4random.c   (contents, props changed)
>   head/lib/libc/gen/getentropy.c
>   head/lib/libc/include/libc_private.h
>   head/sys/crypto/chacha20/chacha.c
>   head/sys/crypto/chacha20/chacha.h
>
> Modified: head/ObsoleteFiles.inc
> ==============================================================================
> --- head/ObsoleteFiles.inc	Sun Aug 19 17:36:50 2018	(r338058)
> +++ head/ObsoleteFiles.inc	Sun Aug 19 17:40:50 2018	(r338059)
> @@ -38,6 +38,9 @@
>  #   xargs -n1 | sort | uniq -d;
>  # done
>
> +# 20180819: Remove deprecated arc4random(3) stir/addrandom interfaces
> +OLD_FILES+=usr/share/man/man3/arc4random_addrandom.3.gz
> +OLD_FILES+=usr/share/man/man3/arc4random_stir.3.gz
>  # 20180819: send-pr(1) placeholder removal
>  OLD_FILES+=usr/bin/send-pr
>  # 20180725: Cleanup old libcasper.so.0
>
> Modified: head/contrib/ntp/lib/isc/random.c
> ==============================================================================
> --- head/contrib/ntp/lib/isc/random.c	Sun Aug 19 17:36:50 2018	(r338058)
> +++ head/contrib/ntp/lib/isc/random.c	Sun Aug 19 17:40:50 2018	(r338059)
> @@ -67,8 +67,6 @@ isc_random_seed(isc_uint32_t seed)
>
>  #ifndef HAVE_ARC4RANDOM
>  	srand(seed);
> -#else
> -	arc4random_addrandom((u_char *) &seed, sizeof(isc_uint32_t));
>  #endif
>  }
>
>
> Modified: head/contrib/ntp/sntp/libevent/evutil_rand.c
> ==============================================================================
> --- head/contrib/ntp/sntp/libevent/evutil_rand.c	Sun Aug 19 17:36:50
> 2018	(r338058)
> +++ head/contrib/ntp/sntp/libevent/evutil_rand.c	Sun Aug 19 17:40:50
> 2018	(r338059)
> @@ -195,8 +195,6 @@ evutil_secure_rng_get_bytes(void *buf, size_t n)
>  void
>  evutil_secure_rng_add_bytes(const char *buf, size_t n)
>  {
> -	arc4random_addrandom((unsigned char*)buf,
> -	    n>(size_t)INT_MAX ? INT_MAX : (int)n);
>  }
>
>  void
>
> Modified: head/crypto/heimdal/lib/roken/rand.c
> ==============================================================================
> --- head/crypto/heimdal/lib/roken/rand.c	Sun Aug 19 17:36:50 2018	(r338058)
> +++ head/crypto/heimdal/lib/roken/rand.c	Sun Aug 19 17:40:50 2018	(r338059)
> @@ -37,7 +37,6 @@ void ROKEN_LIB_FUNCTION
>  rk_random_init(void)
>  {
>  #if defined(HAVE_ARC4RANDOM)
> -    arc4random_stir();
>  #elif defined(HAVE_SRANDOMDEV)
>      srandomdev();
>  #elif defined(HAVE_RANDOM)

This hunk of the patch looks weird.

Isn't it would better to undef HAVE_ARC4RANDOM without deleting the
arc4random_stir()?
Or delete the macro part of detection like

#if defined(HAVE_SRANDOM...

More information about the svn-src-all mailing list