Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 3 Oct 2016 13:12:44 +0000 (UTC)
From:      Ed Maste <emaste@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r306636 - head/lib/libc/gen
Message-ID:  <201610031312.u93DCikZ024251@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: emaste
Date: Mon Oct  3 13:12:44 2016
New Revision: 306636
URL: https://svnweb.freebsd.org/changeset/base/306636

Log:
  libc arc4_stir: use only kern.arandom sysctl
  
  The sysctl cannot fail. If it does fail on some FreeBSD derivative or
  after some future change, just abort() so that the problem will be found
  and fixed.
  
  It's preferable to provide an arc4random() function that cannot fail and
  cannot return poor quality random data. While abort() is not normally
  suitable for a library, it makes sense here.
  
  Reviewed by:	ed, jonathan, markm
  MFC after:	1 month
  Sponsored by:	The FreeBSD Foundation
  Differential Revision:	https://reviews.freebsd.org/D8077

Modified:
  head/lib/libc/gen/arc4random.c

Modified: head/lib/libc/gen/arc4random.c
==============================================================================
--- head/lib/libc/gen/arc4random.c	Mon Oct  3 12:58:08 2016	(r306635)
+++ head/lib/libc/gen/arc4random.c	Mon Oct  3 13:12:44 2016	(r306636)
@@ -137,35 +137,17 @@ arc4_sysctl(u_char *buf, size_t size)
 static void
 arc4_stir(void)
 {
-	int done, fd, i;
-	struct {
-		struct timeval	tv;
-		pid_t		pid;
-		u_char	 	rnd[KEYSIZE];
-	} rdat;
+	u_char rdat[KEYSIZE];
+	int i;
 
 	if (!rs_initialized) {
 		arc4_init();
 		rs_initialized = 1;
 	}
-	done = 0;
-	if (arc4_sysctl((u_char *)&rdat, KEYSIZE) == KEYSIZE)
-		done = 1;
-	if (!done) {
-		fd = _open(RANDOMDEV, O_RDONLY | O_CLOEXEC, 0);
-		if (fd >= 0) {
-			if (_read(fd, &rdat, KEYSIZE) == KEYSIZE)
-				done = 1;
-			(void)_close(fd);
-		}
-	}
-	if (!done) {
-		(void)gettimeofday(&rdat.tv, NULL);
-		rdat.pid = getpid();
-		/* We'll just take whatever was on the stack too... */
-	}
+	if (arc4_sysctl(rdat, KEYSIZE) != KEYSIZE)
+		abort(); /* Random sysctl cannot fail. */
 
-	arc4_addrandom((u_char *)&rdat, KEYSIZE);
+	arc4_addrandom(rdat, KEYSIZE);
 
 	/*
 	 * Discard early keystream, as per recommendations in:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201610031312.u93DCikZ024251>