From owner-svn-src-head@FreeBSD.ORG  Tue Apr  2 23:41:22 2013
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 158E1853;
 Tue,  2 Apr 2013 23:41:22 +0000 (UTC)
 (envelope-from delphij@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 by mx1.freebsd.org (Postfix) with ESMTP id ED2253E7;
 Tue,  2 Apr 2013 23:41:21 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.6/8.14.6) with ESMTP id r32NfL1C096958;
 Tue, 2 Apr 2013 23:41:21 GMT (envelope-from delphij@svn.freebsd.org)
Received: (from delphij@localhost)
 by svn.freebsd.org (8.14.6/8.14.5/Submit) id r32NfL8L096954;
 Tue, 2 Apr 2013 23:41:21 GMT (envelope-from delphij@svn.freebsd.org)
Message-Id: <201304022341.r32NfL8L096954@svn.freebsd.org>
From: Xin LI <delphij@FreeBSD.org>
Date: Tue, 2 Apr 2013 23:41:21 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r249035 - head/lib/libc/stdlib
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Apr 2013 23:41:22 -0000

Author: delphij
Date: Tue Apr  2 23:41:20 2013
New Revision: 249035
URL: http://svnweb.freebsd.org/changeset/base/249035

Log:
  Replace access to /dev/random with the kernel pseudo-random number
  source sysctl(KERN_ARND) and remove the fallback code.
  
  Obtained from:	OpenBSD
  Reviewed by:	secteam
  MFC after:	1 month

Modified:
  head/lib/libc/stdlib/rand.3
  head/lib/libc/stdlib/rand.c
  head/lib/libc/stdlib/random.3
  head/lib/libc/stdlib/random.c

Modified: head/lib/libc/stdlib/rand.3
==============================================================================
--- head/lib/libc/stdlib/rand.3	Tue Apr  2 21:34:38 2013	(r249034)
+++ head/lib/libc/stdlib/rand.3	Tue Apr  2 23:41:20 2013	(r249035)
@@ -32,7 +32,7 @@
 .\"     @(#)rand.3	8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd September 4, 2012
+.Dd April 2, 2013
 .Dt RAND 3
 .Os
 .Sh NAME
@@ -91,9 +91,7 @@ seeded with a value of 1.
 .Pp
 The
 .Fn sranddev
-function initializes a seed using the
-.Xr random 4
-random number device which returns good random numbers.
+function initializes a seed using pseudo-random numbers obtained from the kernel.
 .Pp
 The
 .Fn rand_r

Modified: head/lib/libc/stdlib/rand.c
==============================================================================
--- head/lib/libc/stdlib/rand.c	Tue Apr  2 21:34:38 2013	(r249034)
+++ head/lib/libc/stdlib/rand.c	Tue Apr  2 23:41:20 2013	(r249035)
@@ -36,11 +36,10 @@ static char sccsid[] = "@(#)rand.c	8.1 (
 __FBSDID("$FreeBSD$");
 
 #include "namespace.h"
-#include <sys/time.h>          /* for sranddev() */
+#include <sys/param.h>
+#include <sys/sysctl.h>
 #include <sys/types.h>
-#include <fcntl.h>             /* for sranddev() */
 #include <stdlib.h>
-#include <unistd.h>            /* for sranddev() */
 #include "un-namespace.h"
 
 #ifdef TEST
@@ -112,28 +111,20 @@ u_int seed;
  * sranddev:
  *
  * Many programs choose the seed value in a totally predictable manner.
- * This often causes problems.  We seed the generator using the much more
- * secure random(4) interface.
+ * This often causes problems.  We seed the generator using pseudo-random
+ * data from the kernel.
  */
 void
 sranddev()
 {
-	int fd, done;
+	int mib[2];
+	size_t len;
 
-	done = 0;
-	fd = _open("/dev/random", O_RDONLY | O_CLOEXEC, 0);
-	if (fd >= 0) {
-		if (_read(fd, (void *) &next, sizeof(next)) == sizeof(next))
-			done = 1;
-		_close(fd);
-	}
-
-	if (!done) {
-		struct timeval tv;
-
-		gettimeofday(&tv, NULL);
-		srand((getpid() << 16) ^ tv.tv_sec ^ tv.tv_usec);
-	}
+	len = sizeof(next);
+
+	mib[0] = CTL_KERN;
+	mib[1] = KERN_ARND;
+	sysctl(mib, 2, (void *)&next, &len, NULL, 0);
 }
 
 

Modified: head/lib/libc/stdlib/random.3
==============================================================================
--- head/lib/libc/stdlib/random.3	Tue Apr  2 21:34:38 2013	(r249034)
+++ head/lib/libc/stdlib/random.3	Tue Apr  2 23:41:20 2013	(r249035)
@@ -28,7 +28,7 @@
 .\"     @(#)random.3	8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd September 4, 2012
+.Dd April 2, 2013
 .Dt RANDOM 3
 .Os
 .Sh NAME
@@ -106,8 +106,8 @@ as the seed.
 .Pp
 The
 .Fn srandomdev
-routine initializes a state array using data from
-.Xr random 4 .
+routine initializes a state array using
+pseudo-random numbers obtained from the kernel.
 Note that this particular seeding
 procedure can generate states which are impossible to reproduce by
 calling

Modified: head/lib/libc/stdlib/random.c
==============================================================================
--- head/lib/libc/stdlib/random.c	Tue Apr  2 21:34:38 2013	(r249034)
+++ head/lib/libc/stdlib/random.c	Tue Apr  2 23:41:20 2013	(r249035)
@@ -34,12 +34,11 @@ static char sccsid[] = "@(#)random.c	8.2
 __FBSDID("$FreeBSD$");
 
 #include "namespace.h"
-#include <sys/time.h>          /* for srandomdev() */
-#include <fcntl.h>             /* for srandomdev() */
+#include <sys/param.h>
+#include <sys/sysctl.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <unistd.h>            /* for srandomdev() */
 #include "un-namespace.h"
 
 /*
@@ -284,39 +283,28 @@ srandom(unsigned long x)
  * srandomdev:
  *
  * Many programs choose the seed value in a totally predictable manner.
- * This often causes problems.  We seed the generator using the much more
- * secure random(4) interface.  Note that this particular seeding
- * procedure can generate states which are impossible to reproduce by
- * calling srandom() with any value, since the succeeding terms in the
- * state buffer are no longer derived from the LC algorithm applied to
- * a fixed seed.
+ * This often causes problems.  We seed the generator using pseudo-random
+ * data from the kernel.
+ *
+ * Note that this particular seeding procedure can generate states
+ * which are impossible to reproduce by calling srandom() with any
+ * value, since the succeeding terms in the state buffer are no longer
+ * derived from the LC algorithm applied to a fixed seed.
  */
 void
 srandomdev(void)
 {
-	int fd, done;
+	int mib[2];
 	size_t len;
 
 	if (rand_type == TYPE_0)
-		len = sizeof state[0];
+		len = sizeof(state[0]);
 	else
-		len = rand_deg * sizeof state[0];
-
-	done = 0;
-	fd = _open("/dev/random", O_RDONLY | O_CLOEXEC, 0);
-	if (fd >= 0) {
-		if (_read(fd, (void *) state, len) == (ssize_t) len)
-			done = 1;
-		_close(fd);
-	}
+		len = rand_deg * sizeof(state[0]);
 
-	if (!done) {
-		struct timeval tv;
-
-		gettimeofday(&tv, NULL);
-		srandom((getpid() << 16) ^ tv.tv_sec ^ tv.tv_usec);
-		return;
-	}
+	mib[0] = CTL_KERN;
+	mib[1] = KERN_ARND;
+	sysctl(mib, 2, state, &len, NULL, 0);
 
 	if (rand_type != TYPE_0) {
 		fptr = &state[rand_sep];