Author: delphij
Date: Tue Apr 2 23:41:20 2013
New Revision: 249035
URL: http://svnweb.freebsd.org/changeset/base/249035
Log:
Replace access to /dev/random with the kernel pseudo-random number
source sysctl(KERN_ARND) and remove the fallback code.
Obtained from: OpenBSD
Reviewed by: secteam
MFC after: 1 month
Modified:
head/lib/libc/stdlib/rand.3
head/lib/libc/stdlib/rand.c
head/lib/libc/stdlib/random.3
head/lib/libc/stdlib/random.c
Modified: head/lib/libc/stdlib/rand.3
==============================================================================
--- head/lib/libc/stdlib/rand.3 Tue Apr 2 21:34:38 2013 (r249034)
+++ head/lib/libc/stdlib/rand.3 Tue Apr 2 23:41:20 2013 (r249035)
@@ -32,7 +32,7 @@
.\" @(#)rand.3 8.1 (Berkeley) 6/4/93
.\" $FreeBSD$
.\"
-.Dd September 4, 2012
+.Dd April 2, 2013
.Dt RAND 3
.Os
.Sh NAME
@@ -91,9 +91,7 @@ seeded with a value of 1.
.Pp
The
.Fn sranddev
-function initializes a seed using the
-.Xr random 4
-random number device which returns good random numbers.
+function initializes a seed using pseudo-random numbers obtained from the
kernel.
.Pp
The
.Fn rand_r
Modified: head/lib/libc/stdlib/rand.c
==============================================================================
--- head/lib/libc/stdlib/rand.c Tue Apr 2 21:34:38 2013 (r249034)
+++ head/lib/libc/stdlib/rand.c Tue Apr 2 23:41:20 2013 (r249035)
@@ -36,11 +36,10 @@ static char sccsid[] = "@(#)rand.c 8.1 (
__FBSDID("$FreeBSD$");
#include "namespace.h"
-#include <sys/time.h> /* for sranddev() */
+#include <sys/param.h>
+#include <sys/sysctl.h>
#include <sys/types.h>
-#include <fcntl.h> /* for sranddev() */
#include <stdlib.h>
-#include <unistd.h> /* for sranddev() */
#include "un-namespace.h"
#ifdef TEST
@@ -112,28 +111,20 @@ u_int seed;
* sranddev:
*
* Many programs choose the seed value in a totally predictable manner.
- * This often causes problems. We seed the generator using the much more
- * secure random(4) interface.
+ * This often causes problems. We seed the generator using pseudo-random
+ * data from the kernel.
*/
void
sranddev()
{
- int fd, done;
+ int mib[2];
+ size_t len;
- done = 0;
- fd = _open("/dev/random", O_RDONLY | O_CLOEXEC, 0);
- if (fd >= 0) {
- if (_read(fd, (void *) &next, sizeof(next)) == sizeof(next))
- done = 1;
- _close(fd);
- }
-
- if (!done) {
- struct timeval tv;
-
- gettimeofday(&tv, NULL);
- srand((getpid() << 16) ^ tv.tv_sec ^ tv.tv_usec);
- }
+ len = sizeof(next);
+
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_ARND;
+ sysctl(mib, 2, (void *)&next, &len, NULL, 0);
}
Modified: head/lib/libc/stdlib/random.3
==============================================================================
--- head/lib/libc/stdlib/random.3 Tue Apr 2 21:34:38 2013
(r249034)
+++ head/lib/libc/stdlib/random.3 Tue Apr 2 23:41:20 2013
(r249035)
@@ -28,7 +28,7 @@
.\" @(#)random.3 8.1 (Berkeley) 6/4/93
.\" $FreeBSD$
.\"
-.Dd September 4, 2012
+.Dd April 2, 2013
.Dt RANDOM 3
.Os
.Sh NAME
@@ -106,8 +106,8 @@ as the seed.
.Pp
The
.Fn srandomdev
-routine initializes a state array using data from
-.Xr random 4 .
+routine initializes a state array using
+pseudo-random numbers obtained from the kernel.
Note that this particular seeding
procedure can generate states which are impossible to reproduce by
calling
Modified: head/lib/libc/stdlib/random.c
==============================================================================
--- head/lib/libc/stdlib/random.c Tue Apr 2 21:34:38 2013
(r249034)
+++ head/lib/libc/stdlib/random.c Tue Apr 2 23:41:20 2013
(r249035)
@@ -34,12 +34,11 @@ static char sccsid[] = "@(#)random.c 8.2
__FBSDID("$FreeBSD$");
#include "namespace.h"
-#include <sys/time.h> /* for srandomdev() */
-#include <fcntl.h> /* for srandomdev() */
+#include <sys/param.h>
+#include <sys/sysctl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
-#include <unistd.h> /* for srandomdev() */
#include "un-namespace.h"
/*
@@ -284,39 +283,28 @@ srandom(unsigned long x)
* srandomdev:
*
* Many programs choose the seed value in a totally predictable manner.
- * This often causes problems. We seed the generator using the much more
- * secure random(4) interface. Note that this particular seeding
- * procedure can generate states which are impossible to reproduce by
- * calling srandom() with any value, since the succeeding terms in the
- * state buffer are no longer derived from the LC algorithm applied to
- * a fixed seed.
+ * This often causes problems. We seed the generator using pseudo-random
+ * data from the kernel.
+ *
+ * Note that this particular seeding procedure can generate states
+ * which are impossible to reproduce by calling srandom() with any
+ * value, since the succeeding terms in the state buffer are no longer
+ * derived from the LC algorithm applied to a fixed seed.
*/
void
srandomdev(void)
{
- int fd, done;
+ int mib[2];
size_t len;
if (rand_type == TYPE_0)
- len = sizeof state[0];
+ len = sizeof(state[0]);
else
- len = rand_deg * sizeof state[0];
-
- done = 0;
- fd = _open("/dev/random", O_RDONLY | O_CLOEXEC, 0);
- if (fd >= 0) {
- if (_read(fd, (void *) state, len) == (ssize_t) len)
- done = 1;
- _close(fd);
- }
+ len = rand_deg * sizeof(state[0]);
- if (!done) {
- struct timeval tv;
-
- gettimeofday(&tv, NULL);
- srandom((getpid() << 16) ^ tv.tv_sec ^ tv.tv_usec);
- return;
- }
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_ARND;
+ sysctl(mib, 2, state, &len, NULL, 0);
if (rand_type != TYPE_0) {
fptr = &state[rand_sep];
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
