From: Ed Maste
Date: Thu, 13 Oct 2016 13:06:14 +0000
Subject: Re: svn commit: r307148 - in head/lib/libc: gen stdlib
To: Bruce Evans
Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org

On 13 October 2016 at 02:05, Bruce Evans wrote:
> On Wed, 12 Oct 2016, Ed Maste wrote:
>
> The comment starts by being just wrong:
>
> 1. "The" sysctl is not used here. Instead, a wrapper arc4_sysctl() is used.
>    The wrapper handles some but not all errors.

Fixed in my WIP tree.

> 2. The sysctl can and does fail. It fails on:
>    - all old kernels mixed with new userlands

We don't support new userlands on very old kernels, and I think there are many other things in libc that will fail on kernels old enough to lack kern.arandom.

>    - with new kernels, at boot time, before the random device is seeded.

If that is indeed still possible it's a bug we need to fix before 12.0.

> 3. The sysctl can, or at least used to, return short reads with nonzero
>    counts.

That was addressed in markm's 2015 random work, I think. Presumably random() was silently broken for the rand_type != TYPE_0 case prior to that.

> The documentation for this is well hidden, but the
> arc4_sysctl() wrapper exists to support short reads, or perhaps just
> the special case of short reads of 0, which it handles poorly by
> possibly spinning forever.

I suspect we can just remove the arc4_sysctl wrapper too.

> Then the excuse is wrong. abort() never makes sense in library functions.

arc4random must not return without good quality random data. The other option would be for it to loop indefinitely.

> Here it gives very confusing errors for the delicate boot-time fandango
> case.

The "delicate boot-time fandango case" was a bug.

> Style bugs:
> - sentence breaks are 2 spaces in KNF, and all old code in this file follows
>   that rule.

Fixed in my WIP tree.

> - 'abort' is not marked up

Fixed in my WIP tree.

> This is even more broken, since it doesn't have the wrapper.

This and the other issues predate my changes; I'll take a look at the history soon.
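
The failure modes discussed in this thread (short reads, zero-length reads that can spin forever, and refusing to return without good random data) shown as an added C example; it is not code from r307148, from FreeBSD's libc, or from either poster. The names `entropy_fn`, `fill_entropy`, `MAX_EMPTY_READS`, `scripted_source` and `run_script` are hypothetical, and the callback is a constructed stand-in for the kern.arandom sysctl so the logic runs on any system.

```c
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical entropy source: bytes written (may be short), 0 = empty read, -1 = error. */
typedef ssize_t (*entropy_fn)(void *buf, size_t len, void *ctx);

#define MAX_EMPTY_READS 8	/* assumed retry bound, not a FreeBSD constant */

/* Fill buf completely, or return -1. A partial buffer is never reported as success. */
int
fill_entropy(entropy_fn src, void *ctx, unsigned char *buf, size_t len)
{
	size_t done = 0;
	int empty = 0;

	while (done < len) {
		ssize_t n = src(buf + done, len - done, ctx);
		if (n < 0 || (size_t)n > len - done)
			return (-1);		/* hard error or bogus length */
		if (n == 0 && ++empty > MAX_EMPTY_READS)
			return (-1);		/* bounded: no infinite spin */
		if (n > 0)
			empty = 0;		/* progress resets the counter */
		done += (size_t)n;		/* short read: keep going */
	}
	return (0);
}

/* Constructed stand-in for the kernel: replays scripted results, then 0 forever. */
struct script { const ssize_t *steps; size_t nsteps, pos; };

ssize_t
scripted_source(void *buf, size_t len, void *ctx)
{
	struct script *s = ctx;
	ssize_t n = s->pos < s->nsteps ? s->steps[s->pos++] : 0;

	if (n > 0)	/* constant filler bytes, only to exercise the loop */
		memset(buf, 0xA5, (size_t)n > len ? len : (size_t)n);
	return (n);
}

/* Run one script against a 16-byte seed buffer and return fill_entropy()'s verdict. */
int
run_script(const ssize_t *steps, size_t nsteps)
{
	unsigned char seed[16];
	struct script s = { steps, nsteps, 0 };

	return (fill_entropy(scripted_source, &s, seed, sizeof(seed)));
}
```

A caller in the position the thread describes would treat a -1 from `fill_entropy()` as the point to either `abort()` or keep retrying, the two options named in the reply above.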