svn commit: r306636 - head/lib/libc/gen

Mon, 03 Oct 2016 06:13:49 -0700 

Author: emaste
Date: Mon Oct  3 13:12:44 2016
New Revision: 306636
URL: https://svnweb.freebsd.org/changeset/base/306636

Log:
  libc arc4_stir: use only kern.arandom sysctl
  
  The sysctl cannot fail. If it does fail on some FreeBSD derivative or
  after some future change, just abort() so that the problem will be found
  and fixed.
  
  It's preferable to provide an arc4random() function that cannot fail and
  cannot return poor quality random data. While abort() is not normally
  suitable for a library, it makes sense here.
  
  Reviewed by:  ed, jonathan, markm
  MFC after:    1 month
  Sponsored by: The FreeBSD Foundation
  Differential Revision:        https://reviews.freebsd.org/D8077

Modified:
  head/lib/libc/gen/arc4random.c

Modified: head/lib/libc/gen/arc4random.c
==============================================================================
--- head/lib/libc/gen/arc4random.c      Mon Oct  3 12:58:08 2016        
(r306635)
+++ head/lib/libc/gen/arc4random.c      Mon Oct  3 13:12:44 2016        
(r306636)
@@ -137,35 +137,17 @@ arc4_sysctl(u_char *buf, size_t size)
 static void
 arc4_stir(void)
 {
-       int done, fd, i;
-       struct {
-               struct timeval  tv;
-               pid_t           pid;
-               u_char          rnd[KEYSIZE];
-       } rdat;
+       u_char rdat[KEYSIZE];
+       int i;
 
        if (!rs_initialized) {
                arc4_init();
                rs_initialized = 1;
        }
-       done = 0;
-       if (arc4_sysctl((u_char *)&rdat, KEYSIZE) == KEYSIZE)
-               done = 1;
-       if (!done) {
-               fd = _open(RANDOMDEV, O_RDONLY | O_CLOEXEC, 0);
-               if (fd >= 0) {
-                       if (_read(fd, &rdat, KEYSIZE) == KEYSIZE)
-                               done = 1;
-                       (void)_close(fd);
-               }
-       }
-       if (!done) {
-               (void)gettimeofday(&rdat.tv, NULL);
-               rdat.pid = getpid();
-               /* We'll just take whatever was on the stack too... */
-       }
+       if (arc4_sysctl(rdat, KEYSIZE) != KEYSIZE)
+               abort(); /* Random sysctl cannot fail. */
 
-       arc4_addrandom((u_char *)&rdat, KEYSIZE);
+       arc4_addrandom(rdat, KEYSIZE);
 
        /*
         * Discard early keystream, as per recommendations in:
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Reply via email to