From nobody Tue Jul 16 05:12:45 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WNRz13tqvz5R18Z; Tue, 16 Jul 2024 05:12:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WNRz13HfDz4hfG; Tue, 16 Jul 2024 05:12:45 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1721106765; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=z0iL5jmQtQaUjTcp0jSnlvGBdAOQPO6aTvFbApFlIHE=; b=W3coQ/yUPYNQD9BjYlmSFxXRAxo332XqcYekh2JvvoQtclWuMjaZKAUeTb29OF2MjxNHkA egWWBWLTIaZlTc4SuIPe1gjUH7zZdnmlZFUoP4xnOxUGd3AFKKJ1SqPFjJptwkv5sxQ4mU Q5TiMMtGenBeBmafLbSHaLj5HtY0NmeYPmbmPRutaIHA+51c8lq0eV53pHnRdAGLuRnvQK T5FulqqOLkqfUTwKSarJLeQpFOC91L0R2/cGh8RrncGUtyxgeB6IpmDLe+fzozFq/QIRbL WKntf2S0N7/krwtrU+yoSgpK/aPnoYMbMcvTS9UcPKUg9dDxCVnLvRWmEV4muw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1721106765; a=rsa-sha256; cv=none; b=iXRDRzXjP+j1yc/RwD4Cu0OU5/WyHILBRqv+LZ91fofxhM71BPzb3dwJqulvGuMcubtGQh oqfWQN8zdy8YKWfkMveO9ye2e8L6V2j0rwhEDQ4TJBWtG0KQEbjYEHC8+g2hPs2tfZrrpi qPmYl9sitZli4/KkXbAh2CjpEW23gxJ2kewQVPbIzQGIqUHBxwgzcyp4nWIifkUxv1zXh1 IpPIBBmjlKX2Uxltzf+HScWV96Zs9iVelHsHTV1pxW1xmyo5xVMkH3jET2mc9BMuGIrw4T bboV6xCt3S3sde8lQDH/v3c2UGX7c02fJ7r2WJD+w01TU0VCx+tThF6NMs89hQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1721106765; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=z0iL5jmQtQaUjTcp0jSnlvGBdAOQPO6aTvFbApFlIHE=; b=Qx0vWTKULFS8J6/oZNXl2jXm2kAr5rPnjQ6OhSBReSpwDkrnzOY1Cgg6rGq6MgE4JzZW5r 53/MyC0l8jtRLZEgmtsDYJ+e3xCVrDMv3Ud2BBdsiTdQvZFfCT3SHi/fEmWY+VoFIvrCeZ bCG9FR6zWf7UZFwFEgRqWB5Vzy5m7CoqQM1wja4L4FqZNBhoyhkzAZLfls28hgNZ1/NIXX uHFONbQ6DwDqSl2VUOVcHZTGPBIvjamfT37RIw2ls4Bj2/VBlG1ZjiIONX6ZdXO9vNpXnt jyuEsZOKWIY5qBXT8lOlUCWteuMOFxg8nEyYW21i7rLBxIvVmUfmP+zsYC+/Cw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WNRz12b9ZzNK2; Tue, 16 Jul 2024 05:12:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 46G5Cj5t056394; Tue, 16 Jul 2024 05:12:45 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 46G5CjpV056391; Tue, 16 Jul 2024 05:12:45 GMT (envelope-from git) Date: Tue, 16 Jul 2024 05:12:45 GMT Message-Id: <202407160512.46G5CjpV056391@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kyle Evans Subject: git: 838b6caababb - main - openssl: use getrandom(2) instead of probing for getentropy(2) List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 838b6caababbaaab65659d40a41c2dd46b3a5fd2 Auto-Submitted: auto-generated The branch main has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=838b6caababbaaab65659d40a41c2dd46b3a5fd2 commit 838b6caababbaaab65659d40a41c2dd46b3a5fd2 Author: Kyle Evans AuthorDate: 2024-07-16 05:12:27 +0000 Commit: Kyle Evans CommitDate: 2024-07-16 05:12:27 +0000 openssl: use getrandom(2) instead of probing for getentropy(2) The probing for getentropy(2) relies on re-declaring getentropy(2) as weak and checking the address, but this is incompatible with the _FORTIFY_SOURCE symbol renaming scheme. It's always present on all supported FreeBSD versions now so we could cut it down to unconditional use, but there's another segment for getrandom(2) already that's cleaner to just add us to. We should upstream this. Reviewed by: kib (earlier version), markj Sponsored by: Klara, Inc. Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D45976 --- .../openssl/providers/implementations/rands/seeding/rand_unix.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/crypto/openssl/providers/implementations/rands/seeding/rand_unix.c b/crypto/openssl/providers/implementations/rands/seeding/rand_unix.c index 750afca58ed7..eadacedbe40c 100644 --- a/crypto/openssl/providers/implementations/rands/seeding/rand_unix.c +++ b/crypto/openssl/providers/implementations/rands/seeding/rand_unix.c @@ -356,7 +356,7 @@ static ssize_t syscall_random(void *buf, size_t buflen) * Note: Sometimes getentropy() can be provided but not implemented * internally. So we need to check errno for ENOSYS */ -# if !defined(__DragonFly__) && !defined(__NetBSD__) +# if !defined(__DragonFly__) && !defined(__NetBSD__) && !defined(__FreeBSD__) # if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux) extern int getentropy(void *buffer, size_t length) __attribute__((weak)); @@ -393,11 +393,12 @@ static ssize_t syscall_random(void *buf, size_t buflen) /* Linux supports this since version 3.17 */ # if defined(__linux) && defined(__NR_getrandom) return syscall(__NR_getrandom, buf, buflen, 0); -# elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) - return sysctl_random(buf, buflen); # elif (defined(__DragonFly__) && __DragonFly_version >= 500700) \ - || (defined(__NetBSD__) && __NetBSD_Version >= 1000000000) + || (defined(__NetBSD__) && __NetBSD_Version >= 1000000000) \ + || defined(__FreeBSD__) return getrandom(buf, buflen, 0); +# elif defined(__NetBSD__) && defined(KERN_ARND) + return sysctl_random(buf, buflen); # else errno = ENOSYS; return -1;