Date: Fri, 30 May 2014 18:41:03 +0300 From: Konstantin Belousov <kostikbel@gmail.com> To: Ted Unangst <tedu@tedunangst.com> Cc: freebsd-hackers@freebsd.org Subject: Re: switch arc4random to chacha Message-ID: <20140530154103.GL3991@kib.kiev.ua> In-Reply-To: <f0b9ae8e7b2a40a9ab253438261c2c75@tedunangst.com> References: <f0b9ae8e7b2a40a9ab253438261c2c75@tedunangst.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--hdhkc9EpVJoq6PQ6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, May 29, 2014 at 09:04:11PM -0400, Ted Unangst wrote: > This syncs libc arc4random.c with OpenBSD, mostly to change the > implementation to ChaCha20. >=20 > I removed the more complicated seed fetching code and changed it to > just sysctl(). A quick check revealed that the FreeBSD kernel supports > this for at least five years now. It's much simpler to use code that > always works instead of a series of untested fallbacks that are even > less likely to work. >=20 > Also removes the addrandom interface as a useless complication. If the > kernel is incapable of properly seeding arc4random, application code > can't do any better. >=20 > Unfortunately, I don't have any FreeBSD systems running at the moment, > so I can't make any promises that this will even compile, but it > passed the eyeball test. Am I right that the patch removes arc4random_stir and arc4random_addrandom symbols ? If yes, this is done incorrect, and it in fact is disallowed, since it breaks ABI. The compat shims must be provided, possibly issuing a warning, and default version for the symbols must be removed to prevent linking new consumers. --hdhkc9EpVJoq6PQ6 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQIcBAEBAgAGBQJTiKaPAAoJEJDCuSvBvK1BhHoP/2jpaIfQRiSteBMwymrXgo8r viD7Rx/uWKhR3KjD9as5De79guExpgxf5jgkEuRYOdMIjUdvGanYPe19e/kKCfKl BP9pMUcXumjoOrt/7rcMZEPuHyoU6WnrrEAVxbmkEN2YSDiWNovw29HaYDVZjqdo TRAoTiPkauq78zhDQtHOrxfc3ixbCoqzPvQuP9D76fRM/bmCM0x9fU9cwffQU8tC YgRKWYkgOxz1fQ1Wg2sDCNxKIGj/5d8uIRuw7gaWeiTjA2MMi17VtajylFmrvfx4 HAtj5B/nFa3zL4DT1tc6SmFvxIpmnxTIySaTCp1SDjFK9Mpu2EiWlTMdbAPO/EmK CpyYT+jTHl2l7bMKwDSrEZEVbnI0qt3WgUCsiSO1pCyVwNuDey+sqED2t2DU5f/Q yBy/tkLL/tYROXMN7Zv801QrQz7cbUJCSeLZ7V+KWu7Q8Wv4d3CGALmSvyh/VV4W vuDgoZ6KZ/Kpe80scMR+3+Usm0gRv7AgTJkLJqo5ZjSrzFNLLn5Vo4+G16002xzI slt3RwibmMalY8oIWpUL5GsNW8PaVP1Uaa+XUsXSM0zRxJOFm4PSI/xBsLRRcf/D wCwWnIbwRgB4ntY5lmooLSru6/yk5fU9dTZygww0KfumtFqfMG2f93aPfgk5WLER Id58NHYSSq9/3ZgJoMcy =14XU -----END PGP SIGNATURE----- --hdhkc9EpVJoq6PQ6--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140530154103.GL3991>