From owner-svn-src-head@freebsd.org Sun Aug 19 18:27:07 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3B49A1073832 for ; Sun, 19 Aug 2018 18:27:07 +0000 (UTC) (envelope-from oliver.pinter@hardenedbsd.org) Received: from mail-yb0-x244.google.com (mail-yb0-x244.google.com [IPv6:2607:f8b0:4002:c09::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CA90C840C3 for ; Sun, 19 Aug 2018 18:27:06 +0000 (UTC) (envelope-from oliver.pinter@hardenedbsd.org) Received: by mail-yb0-x244.google.com with SMTP id v13-v6so2319446ybq.12 for ; Sun, 19 Aug 2018 11:27:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=srM/BoGj29gQc5Cl48ZZGmy1T7udiJZJlpZtphsssQQ=; b=Bsu3A6uQMcX1slTef0+0CDSkuZf8FEZif/yw9+Q03oTgf4lPrijfnrL0bgXJ2hOriE iwWszeLmYZ0vidovwo1zdjI0whAuifag30WAY2hOjOSicMiiYH5tzTIdVbogz2lIQmvd hVWZ8zu8xGQgNHToD0TJGyqA8qDqE3p176j5F9TP2JEFfDMHMGUMZoXhL2uM5avCAzda Us+FPE5VfZJqlHYoJ4jMt0Px/msdXmyiJeX81bs0eN94P/K13Xk/BOXdFMlH5/AwWYsP OtTYfFGpJDuLJZeDBmzkjt3UQbaXaKBh/9l8sT4zFGYe4I59AX7TUnQUmg7geML6GGwC DrPw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=srM/BoGj29gQc5Cl48ZZGmy1T7udiJZJlpZtphsssQQ=; b=EibksNzfIkss9+M7LId353j24+Foi3FBqQbH1eznMa+Gyl560FqHP+u/pUIXlkguyI 3+BJYI6d3r8bksphbZ/pIsuBUYeb7c/Rh2IMRbzKRvr0Wqo9wJx8TClAvr4O2ogNEsyN wpCbQCXqtdE2L0VKiZ1OVEm04oLaBgGrfWijwA8T91tKeGEe5ELUJRM2qBrdGXaQ8qac Uv2l8412eoggpLqtUJBn+DxDD9fyB7gh0ElAMF+poTDuorhh+Eml+GJj+c24PevhdZ3o lyHxCx9LgCAy1t2w/GCz1IFXkkOoBNU8bOD6wpdwhP0QAl2NHauon4puwvv3HdgZzdeV VwIw== X-Gm-Message-State: AOUpUlGHov9jsfd9omaCnvaNnVJfT9o63Kb6X21fGF895N8hdmsz3DxN 7KdhtJLENs2eMZERsQTGzmRoIF0340wzERtG7nsazw== X-Google-Smtp-Source: AA+uWPxoj9SWaKjVQ6xGPQyG1LhPdZP44OILt4U6JgYLKAauWAOP5NzDu5vPcQl4pfvEPm8I1haIXYT4bJx5pL0QsQY= X-Received: by 2002:a5b:9ca:: with SMTP id y10-v6mr2959222ybq.389.1534703226039; Sun, 19 Aug 2018 11:27:06 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a25:f205:0:0:0:0:0 with HTTP; Sun, 19 Aug 2018 11:27:05 -0700 (PDT) In-Reply-To: <201808191740.w7JHeoSj052259@repo.freebsd.org> References: <201808191740.w7JHeoSj052259@repo.freebsd.org> From: Oliver Pinter Date: Sun, 19 Aug 2018 20:27:05 +0200 Message-ID: Subject: Re: svn commit: r338059 - in head: . contrib/ntp/lib/isc contrib/ntp/sntp/libevent crypto/heimdal/lib/roken crypto/openssh include lib/libc/gen lib/libc/include sys/crypto/chacha20 To: Xin LI Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Content-Type: text/plain; charset="UTF-8" X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Aug 2018 18:27:07 -0000 On 8/19/18, Xin LI wrote: > Author: delphij > Date: Sun Aug 19 17:40:50 2018 > New Revision: 338059 > URL: https://svnweb.freebsd.org/changeset/base/338059 > > Log: > Update userland arc4random() with OpenBSD's Chacha20 based arc4random(). > > ObsoleteFiles.inc: > > Remove manual pages for arc4random_addrandom(3) and > arc4random_stir(3). > > contrib/ntp/lib/isc/random.c: > contrib/ntp/sntp/libevent/evutil_rand.c: > > Eliminate in-tree usage of arc4random_addrandom(). > > crypto/heimdal/lib/roken/rand.c: > crypto/openssh/config.h: > > Eliminate in-tree usage of arc4random_stir(). > > include/stdlib.h: > > Remove arc4random_stir() and arc4random_addrandom() prototypes, > provide temporary shims for transistion period. > > lib/libc/gen/Makefile.inc: > > Hook arc4random-compat.c to build, add hint for Chacha20 source for > kernel, and remove arc4random_addrandom(3) and arc4random_stir(3) > links. > > lib/libc/gen/arc4random.c: > > Adopt OpenBSD arc4random.c,v 1.54 with bare minimum changes, use the > sys/crypto/chacha20 implementation of keystream. > > lib/libc/gen/Symbol.map: > > Remove arc4random_stir and arc4random_addrandom interfaces. > > lib/libc/gen/arc4random.h: > > Adopt OpenBSD arc4random.h,v 1.4 but provide _ARC4_LOCK of our own. > > lib/libc/gen/arc4random.3: > > Adopt OpenBSD arc4random.3,v 1.35 but keep FreeBSD r114444 and > r118247. > > lib/libc/gen/arc4random-compat.c: > > Compatibility shims for arc4random_stir and arc4random_addrandom > functions to preserve ABI. Log once when called but do nothing > otherwise. > > lib/libc/gen/getentropy.c: > lib/libc/include/libc_private.h: > > Fold __arc4_sysctl into getentropy.c (renamed to arnd_sysctl). > Remove from libc_private.h as a result. > > sys/crypto/chacha20/chacha.c: > sys/crypto/chacha20/chacha.h: > > Make it possible to use the kernel implementation in libc. > > PR: 182610 > Reviewed by: cem, markm > Obtained from: OpenBSD > Relnotes: yes > Differential Revision: https://reviews.freebsd.org/D16760 > > Added: > head/lib/libc/gen/arc4random-compat.c (contents, props changed) > head/lib/libc/gen/arc4random.h (contents, props changed) > Modified: > head/ObsoleteFiles.inc > head/contrib/ntp/lib/isc/random.c > head/contrib/ntp/sntp/libevent/evutil_rand.c > head/crypto/heimdal/lib/roken/rand.c > head/crypto/openssh/config.h > head/include/stdlib.h > head/lib/libc/gen/Makefile.inc > head/lib/libc/gen/Symbol.map > head/lib/libc/gen/arc4random.3 > head/lib/libc/gen/arc4random.c (contents, props changed) > head/lib/libc/gen/getentropy.c > head/lib/libc/include/libc_private.h > head/sys/crypto/chacha20/chacha.c > head/sys/crypto/chacha20/chacha.h > > Modified: head/ObsoleteFiles.inc > ============================================================================== > --- head/ObsoleteFiles.inc Sun Aug 19 17:36:50 2018 (r338058) > +++ head/ObsoleteFiles.inc Sun Aug 19 17:40:50 2018 (r338059) > @@ -38,6 +38,9 @@ > # xargs -n1 | sort | uniq -d; > # done > > +# 20180819: Remove deprecated arc4random(3) stir/addrandom interfaces > +OLD_FILES+=usr/share/man/man3/arc4random_addrandom.3.gz > +OLD_FILES+=usr/share/man/man3/arc4random_stir.3.gz > # 20180819: send-pr(1) placeholder removal > OLD_FILES+=usr/bin/send-pr > # 20180725: Cleanup old libcasper.so.0 > > Modified: head/contrib/ntp/lib/isc/random.c > ============================================================================== > --- head/contrib/ntp/lib/isc/random.c Sun Aug 19 17:36:50 2018 (r338058) > +++ head/contrib/ntp/lib/isc/random.c Sun Aug 19 17:40:50 2018 (r338059) > @@ -67,8 +67,6 @@ isc_random_seed(isc_uint32_t seed) > > #ifndef HAVE_ARC4RANDOM > srand(seed); > -#else > - arc4random_addrandom((u_char *) &seed, sizeof(isc_uint32_t)); > #endif > } > > > Modified: head/contrib/ntp/sntp/libevent/evutil_rand.c > ============================================================================== > --- head/contrib/ntp/sntp/libevent/evutil_rand.c Sun Aug 19 17:36:50 > 2018 (r338058) > +++ head/contrib/ntp/sntp/libevent/evutil_rand.c Sun Aug 19 17:40:50 > 2018 (r338059) > @@ -195,8 +195,6 @@ evutil_secure_rng_get_bytes(void *buf, size_t n) > void > evutil_secure_rng_add_bytes(const char *buf, size_t n) > { > - arc4random_addrandom((unsigned char*)buf, > - n>(size_t)INT_MAX ? INT_MAX : (int)n); > } > > void > > Modified: head/crypto/heimdal/lib/roken/rand.c > ============================================================================== > --- head/crypto/heimdal/lib/roken/rand.c Sun Aug 19 17:36:50 2018 (r338058) > +++ head/crypto/heimdal/lib/roken/rand.c Sun Aug 19 17:40:50 2018 (r338059) > @@ -37,7 +37,6 @@ void ROKEN_LIB_FUNCTION > rk_random_init(void) > { > #if defined(HAVE_ARC4RANDOM) > - arc4random_stir(); > #elif defined(HAVE_SRANDOMDEV) > srandomdev(); > #elif defined(HAVE_RANDOM) This hunk of the patch looks weird. Isn't it would better to undef HAVE_ARC4RANDOM without deleting the arc4random_stir()? Or delete the macro part of detection like #if defined(HAVE_SRANDOM...