Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src Remove arc4random() and arc4randbytes() from the kernel API....
details: https://anonhg.NetBSD.org/src/rev/659829ed97cd
branches: trunk
changeset: 771677:659829ed97cd
user: tls <tls%NetBSD.org@localhost>
date: Mon Nov 28 08:05:05 2011 +0000
description:
Remove arc4random() and arc4randbytes() from the kernel API. Replace
arc4random() hacks in rump with stubs that call the host arc4random() to
get numbers that are hopefully actually random (arc4random() keyed with
stack junk is not). This should fix some of the currently failing anita
tests -- we should no longer generate duplicate "random" MAC addresses in
the test environment.
diffstat:
lib/librumpuser/rumpuser.c | 10 ++++++-
sys/dist/ipf/netinet/ip_compat.h | 12 ++++++---
sys/dist/ipf/netinet/ip_state.c | 6 ++--
sys/dist/pf/net/pf_ioctl.c | 9 ++++---
sys/dist/pf/net/pf_norm.c | 7 +++--
sys/lib/libkern/arc4random.c | 31 ++++++++++++------------
sys/lib/libkern/libkern.h | 4 +--
sys/nfs/nfs_vnops.c | 9 ++++---
sys/opencrypto/cryptosoft.c | 10 ++++----
sys/opencrypto/cryptosoft_xform.c | 8 +++---
sys/rump/include/rump/rumpuser.h | 4 ++-
sys/rump/librump/rumpkern/cprng_stub.c | 42 +++++++++++++++++++++++++++++++++-
sys/sys/cprng.h | 20 ++++++++++++---
sys/sys/param.h | 4 +-
sys/ufs/ffs/ffs_alloc.c | 7 +++--
15 files changed, 125 insertions(+), 58 deletions(-)
diffs (truncated from 563 to 300 lines):
diff -r 735aac3d9452 -r 659829ed97cd lib/librumpuser/rumpuser.c
--- a/lib/librumpuser/rumpuser.c Mon Nov 28 08:00:48 2011 +0000
+++ b/lib/librumpuser/rumpuser.c Mon Nov 28 08:05:05 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: rumpuser.c,v 1.15 2011/02/06 21:05:53 pooka Exp $ */
+/* $NetBSD: rumpuser.c,v 1.16 2011/11/28 08:05:05 tls Exp $ */
/*
* Copyright (c) 2007-2010 Antti Kantee. All Rights Reserved.
@@ -27,7 +27,7 @@
#include <sys/cdefs.h>
#if !defined(lint)
-__RCSID("$NetBSD: rumpuser.c,v 1.15 2011/02/06 21:05:53 pooka Exp $");
+__RCSID("$NetBSD: rumpuser.c,v 1.16 2011/11/28 08:05:05 tls Exp $");
#endif /* !lint */
/* thank the maker for this */
@@ -640,3 +640,9 @@
return 1;
#endif
}
+
+uint32_t
+rumpuser_arc4random(void)
+{
+ return arc4random();
+}
diff -r 735aac3d9452 -r 659829ed97cd sys/dist/ipf/netinet/ip_compat.h
--- a/sys/dist/ipf/netinet/ip_compat.h Mon Nov 28 08:00:48 2011 +0000
+++ b/sys/dist/ipf/netinet/ip_compat.h Mon Nov 28 08:05:05 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_compat.h,v 1.29 2010/06/01 08:53:20 plunky Exp $ */
+/* $NetBSD: ip_compat.h,v 1.30 2011/11/28 08:05:05 tls Exp $ */
/*
* Copyright (C) 1993-2001, 2003 by Darren Reed.
@@ -216,7 +216,7 @@
# ifdef _KERNEL
# define NEED_LOCAL_RAND 1
-# define ipf_random arc4random
+# define ipf_random cprng_fast32
# define KRWLOCK_T krwlock_t
# define KMUTEX_T kmutex_t
@@ -582,7 +582,8 @@
# ifdef _KERNEL
# define NEED_LOCAL_RAND 1
-# define ipf_random arc4random
+#include <sys/cprng.h>
+# define ipf_random cprng_fast32
# define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); \
(x)++; MUTEX_EXIT(&ipf_rw); }
# define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); \
@@ -806,7 +807,9 @@
# endif
# endif
+#ifndef _KERNEL
# define ipf_random arc4random
+#endif
# if (__NetBSD_Version__ >= 499000000)
# ifdef _KERNEL
@@ -834,7 +837,8 @@
# endif
# ifdef _KERNEL
-# define ipf_random arc4random
+# include <sys/cprng.h>
+# define ipf_random cprng_fast32
# if (__NetBSD_Version__ >= 399001400)
# define KMALLOCS(a, b, c) (a) = (b)malloc((c), _M_IPF, M_NOWAIT)
# endif
diff -r 735aac3d9452 -r 659829ed97cd sys/dist/ipf/netinet/ip_state.c
--- a/sys/dist/ipf/netinet/ip_state.c Mon Nov 28 08:00:48 2011 +0000
+++ b/sys/dist/ipf/netinet/ip_state.c Mon Nov 28 08:05:05 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ip_state.c,v 1.36 2010/04/17 21:00:44 darrenr Exp $ */
+/* $NetBSD: ip_state.c,v 1.37 2011/11/28 08:05:05 tls Exp $ */
/*
* Copyright (C) 1995-2003 by Darren Reed.
@@ -115,7 +115,7 @@
#if !defined(lint)
#if defined(__NetBSD__)
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_state.c,v 1.36 2010/04/17 21:00:44 darrenr Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_state.c,v 1.37 2011/11/28 08:05:05 tls Exp $");
#else
static const char sccsid[] = "@(#)ip_state.c 1.8 6/5/96 (C) 1993-2000 Darren Reed";
static const char rcsid[] = "@(#)Id: ip_state.c,v 2.186.2.100 2010/01/31 16:22:55 darrenr Exp";
@@ -228,7 +228,7 @@
* XXX - ips_seed[X] should be a random number of sorts.
*/
#if !defined(NEED_LOCAL_RAND) && defined(_KERNEL)
- ips_seed[i] = arc4random();
+ ips_seed[i] = cprng_fast32();
#else
ips_seed[i] = ((u_long)ips_seed + i) * fr_statesize;
ips_seed[i] += tv.tv_sec;
diff -r 735aac3d9452 -r 659829ed97cd sys/dist/pf/net/pf_ioctl.c
--- a/sys/dist/pf/net/pf_ioctl.c Mon Nov 28 08:00:48 2011 +0000
+++ b/sys/dist/pf/net/pf_ioctl.c Mon Nov 28 08:05:05 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: pf_ioctl.c,v 1.45 2011/08/30 19:05:12 jmcneill Exp $ */
+/* $NetBSD: pf_ioctl.c,v 1.46 2011/11/28 08:05:05 tls Exp $ */
/* $OpenBSD: pf_ioctl.c,v 1.182 2007/06/24 11:17:13 mcbride Exp $ */
/*
@@ -37,7 +37,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: pf_ioctl.c,v 1.45 2011/08/30 19:05:12 jmcneill Exp $");
+__KERNEL_RCSID(0, "$NetBSD: pf_ioctl.c,v 1.46 2011/11/28 08:05:05 tls Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -66,6 +66,7 @@
#include <sys/lwp.h>
#include <sys/kauth.h>
#include <sys/module.h>
+#include <sys/cprng.h>
#endif /* __NetBSD__ */
#include <net/if.h>
@@ -300,7 +301,7 @@
pf_status.debug = PF_DEBUG_URGENT;
/* XXX do our best to avoid a conflict */
- pf_status.hostid = arc4random();
+ pf_status.hostid = cprng_fast32();
/* require process context to purge states, so perform in a thread */
#ifdef __NetBSD__
@@ -3176,7 +3177,7 @@
u_int32_t *hid = (u_int32_t *)addr;
if (*hid == 0)
- pf_status.hostid = arc4random();
+ pf_status.hostid = cprng_fast32();
else
pf_status.hostid = *hid;
break;
diff -r 735aac3d9452 -r 659829ed97cd sys/dist/pf/net/pf_norm.c
--- a/sys/dist/pf/net/pf_norm.c Mon Nov 28 08:00:48 2011 +0000
+++ b/sys/dist/pf/net/pf_norm.c Mon Nov 28 08:05:05 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: pf_norm.c,v 1.25 2011/08/29 09:50:04 jmcneill Exp $ */
+/* $NetBSD: pf_norm.c,v 1.26 2011/11/28 08:05:05 tls Exp $ */
/* $OpenBSD: pf_norm.c,v 1.109 2007/05/28 17:16:39 henning Exp $ */
/*
@@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: pf_norm.c,v 1.25 2011/08/29 09:50:04 jmcneill Exp $");
+__KERNEL_RCSID(0, "$NetBSD: pf_norm.c,v 1.26 2011/11/28 08:05:05 tls Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -47,6 +47,7 @@
#ifdef __NetBSD__
#include <sys/rnd.h>
+#include <sys/cprng.h>
#else
#include <dev/rndvar.h>
#endif /* !__NetBSD__ */
@@ -1446,7 +1447,7 @@
src->scrub->pfss_flags |=
PFSS_TIMESTAMP;
src->scrub->pfss_ts_mod =
- htonl(arc4random());
+ htonl(cprng_fast32());
/* note PFSS_PAWS not set yet */
memcpy(&tsval, &opt[2],
diff -r 735aac3d9452 -r 659829ed97cd sys/lib/libkern/arc4random.c
--- a/sys/lib/libkern/arc4random.c Mon Nov 28 08:00:48 2011 +0000
+++ b/sys/lib/libkern/arc4random.c Mon Nov 28 08:05:05 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: arc4random.c,v 1.26 2011/11/27 00:09:04 tsutsui Exp $ */
+/* $NetBSD: arc4random.c,v 1.27 2011/11/28 08:05:05 tls Exp $ */
/*-
* Copyright (c) 2002, 2011 The NetBSD Foundation, Inc.
@@ -112,7 +112,8 @@
static inline u_int8_t arc4_randbyte(void);
static inline void arc4randbytes_unlocked(void *, size_t);
-
+void _arc4randbytes(void *, size_t);
+uint32_t _arc4random(void);
static inline void
arc4_swap(u_int8_t *a, u_int8_t *b)
@@ -283,18 +284,6 @@
return arc4_sbox[arc4_t];
}
-u_int32_t
-arc4random(void)
-{
- u_int32_t ret;
- u_int8_t *retc;
-
- retc = (u_int8_t *)&ret;
-
- arc4randbytes(retc, sizeof(u_int32_t));
- return ret;
-}
-
static inline void
arc4randbytes_unlocked(void *p, size_t len)
{
@@ -306,7 +295,7 @@
}
void
-arc4randbytes(void *p, size_t len)
+_arc4randbytes(void *p, size_t len)
{
/* Initialize array if needed. */
if (!arc4_initialized) {
@@ -323,3 +312,15 @@
arc4_randrekey(NULL);
}
}
+
+u_int32_t
+_arc4random(void)
+{
+ u_int32_t ret;
+ u_int8_t *retc;
+
+ retc = (u_int8_t *)&ret;
+
+ _arc4randbytes(retc, sizeof(u_int32_t));
+ return ret;
+}
diff -r 735aac3d9452 -r 659829ed97cd sys/lib/libkern/libkern.h
--- a/sys/lib/libkern/libkern.h Mon Nov 28 08:00:48 2011 +0000
+++ b/sys/lib/libkern/libkern.h Mon Nov 28 08:05:05 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: libkern.h,v 1.103 2011/10/01 16:06:24 chs Exp $ */
+/* $NetBSD: libkern.h,v 1.104 2011/11/28 08:05:06 tls Exp $ */
/*-
* Copyright (c) 1992, 1993
@@ -313,8 +313,6 @@
void *memchr(const void *, int, size_t);
void *memmove(void *, const void *, size_t);
int pmatch(const char *, const char *, const char **);
-u_int32_t arc4random(void);
-void arc4randbytes(void *, size_t);
#ifndef SMALL_RANDOM
void srandom(unsigned long);
char *initstate(unsigned long, char *, size_t);
diff -r 735aac3d9452 -r 659829ed97cd sys/nfs/nfs_vnops.c
--- a/sys/nfs/nfs_vnops.c Mon Nov 28 08:00:48 2011 +0000
+++ b/sys/nfs/nfs_vnops.c Mon Nov 28 08:05:05 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: nfs_vnops.c,v 1.292 2011/09/27 01:05:08 christos Exp $ */
+/* $NetBSD: nfs_vnops.c,v 1.293 2011/11/28 08:05:06 tls Exp $ */
/*
* Copyright (c) 1989, 1993
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: nfs_vnops.c,v 1.292 2011/09/27 01:05:08 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nfs_vnops.c,v 1.293 2011/11/28 08:05:06 tls Exp $");
#ifdef _KERNEL_OPT
#include "opt_nfs.h"
@@ -68,6 +68,7 @@
#include <sys/stat.h>
#include <sys/unistd.h>
#include <sys/kauth.h>
+#include <sys/cprng.h>
#include <uvm/uvm_extern.h>
#include <uvm/uvm.h>
@@ -1638,8 +1639,8 @@
if (excl_mode == NFSV3CREATE_EXCLUSIVE) {
*tl = txdr_unsigned(NFSV3CREATE_EXCLUSIVE);
nfsm_build(tl, u_int32_t *, NFSX_V3CREATEVERF);
- *tl++ = arc4random();
- *tl = arc4random();
+ *tl++ = cprng_fast32();
+ *tl = cprng_fast32();
} else {
*tl = txdr_unsigned(excl_mode);
nfsm_v3attrbuild(vap, false);
Home |
Main Index |
Thread Index |
Old Index