From nobody Wed Nov 20 02:31:56 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XtQNr4w9Sz5d4sM; Wed, 20 Nov 2024 02:31:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XtQNr4Tq3z40qk; Wed, 20 Nov 2024 02:31:56 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1732069916; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0Z2yZX92ndNiqVgEqgLr/FDjyxu+SWFMIzoYvupZ/F4=; b=vTiL/+ADZfSmjMO6btiglQ9xApiav8vULBzAvYIk2kVzmlL5i/jPKg44wJ/GSaf6unjMee 0aowhkCcOC23hwSDqkoz3RL6QIv0xLywR4l8cxTym90JKYXifXLmfBgoovz/zXeIDbjv7+ LgLPQVEID548YWpyJPJrgwynjqjLHgZOybgMMEvvkodawPw2+gRwX7pvZi4wVPdtZxptLs TOhs+wgOSZSeKdnc63xmGV+INnkjjXcGNjwfw2yYj/6x/JfA9xk0ZGr9dPZehNzfG47ACK AdtqmmMr+OU9JJPloNp+1GEBKm6vBSvspPkHaF0aipz0LsA+tL5wXvzg41W9qg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1732069916; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0Z2yZX92ndNiqVgEqgLr/FDjyxu+SWFMIzoYvupZ/F4=; b=n0zJeVYq31qUR3lroo36OlkCkD+Vcuwdw9Z76obOZfvdSnLGzNKLfv+RlTqyifpsfjNi42 Z6paVuyyRDKcYRIxqLZL8loFnF+4pr8oFD3ZKcGxYFZKN3aaZv7JFBYhrXVechPyOsjyVh C9zTGF36Yj9v6y+Oi97JiBhL/heC5getOVHCm4yRU2jVsW/aHUHNRVE8Mm8I0tPCSPAKZ7 /vBdQ4FYba2Ev5Bfgcdyv5HN0+p8Nh7Kf9T5SvtHD7njyw2Esp7L4RQ5ZvL0gFnhFUbMdO k+IPaY+mPYkkR/rKaysuvBYkBg2AT9tPVfGuBgqIM5QCgKz1W4tZXy328rG1Kg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1732069916; a=rsa-sha256; cv=none; b=dF8s4+CM7wvJZAMpR+cFmzbyrI91YMjHIs0s4vZvAU/LtFsLZXQuplDLQAR5CH+jCZhHZh Ibo5lBAz4+KQGkgU/ns1taYIJxY4ZDyuDykWpyAMt9tZJM7cUnV+491QMf709EJRT/KDoj GKfkHD6jS+o+P+SZ+HcX1JFdG9ZsP9pJzGGTMhs4Vd4LUI1gVKLRDjKPk8SQerfKm6Tvwi q6kC8eFPVw3RfuziupLpujqXkVZKAJBNYeQuf7kb5wP6CwrzPQp+KOvc5YOSJPkHjGAaLy vu6HMWvDIWZz4wpEgPvol86GxcKVGBmPT3Fh9TXgvvQdOE/VVHUl7YMm8uuJ/Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XtQNr45gczcCX; Wed, 20 Nov 2024 02:31:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4AK2Vu0h081149; Wed, 20 Nov 2024 02:31:56 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4AK2VulK081145; Wed, 20 Nov 2024 02:31:56 GMT (envelope-from git) Date: Wed, 20 Nov 2024 02:31:56 GMT Message-Id: <202411200231.4AK2VulK081145@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ed Maste Subject: git: 62dab3d016ab - main - getentropy: Remove fallback code List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 62dab3d016abca717e396119ff33fdf22ed604f3 Auto-Submitted: auto-generated The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=62dab3d016abca717e396119ff33fdf22ed604f3 commit 62dab3d016abca717e396119ff33fdf22ed604f3 Author: Ed Maste AuthorDate: 2024-11-16 15:25:44 +0000 Commit: Ed Maste CommitDate: 2024-11-20 02:29:46 +0000 getentropy: Remove fallback code We don't in general support running newer libc on an older kernel, but have occasionally added support for specific functionality on a case-by- case basis. When we do this it is usually done as an aid for developers to get across a change that introduced new functionality, as for 64-bit inodes and the introduction of the getrandom syscall. The getrandom syscall was added in commit e9ac27430c0c ("Implement getrandom(2) and getentropy(3)") in 2018, and exists in all supported FreeBSD versions. The ECAPMODE special case applied to a few months worth of kernel versions also in 2018 -- fixed as of commit ed1fa01ac45a ("Regen after r337998."). The backwards-compatibility support is no longer needed, so remove it. Relnotes: Yes Reviewed by: brooks, cem, delphij Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D47636 --- lib/libc/gen/getentropy.c | 99 +++++------------------------------------------ 1 file changed, 9 insertions(+), 90 deletions(-) diff --git a/lib/libc/gen/getentropy.c b/lib/libc/gen/getentropy.c index 40debe4ab662..e87796ace58c 100644 --- a/lib/libc/gen/getentropy.c +++ b/lib/libc/gen/getentropy.c @@ -28,121 +28,40 @@ #include #include -#include #include #include -#include -#include -#include #include #include "libc_private.h" -/* First __FreeBSD_version bump after introduction of getrandom(2) (r331279) */ -#define GETRANDOM_FIRST 1200061 - -extern int __sysctl(int *, u_int, void *, size_t *, void *, size_t); - static inline void _getentropy_fail(void) { raise(SIGKILL); } -static size_t -arnd_sysctl(u_char *buf, size_t size) -{ - int mib[2]; - size_t len, done; - - mib[0] = CTL_KERN; - mib[1] = KERN_ARND; - done = 0; - - do { - len = size; - if (__sysctl(mib, 2, buf, &len, NULL, 0) == -1) - return (done); - done += len; - buf += len; - size -= len; - } while (size > 0); - - return (done); -} - -/* - * If a newer libc is accidentally installed on an older kernel, provide high - * quality random data anyway. The sysctl interface is not as fast and does - * not block by itself, but is provided by even very old kernels. - */ -static int -getentropy_fallback(void *buf, size_t buflen) -{ - /* - * oldp (buf) == NULL has a special meaning for sysctl that results in - * no EFAULT. For compatibility with the kernel getrandom(2), detect - * this case and return the appropriate error. - */ - if (buf == NULL && buflen > 0) { - errno = EFAULT; - return (-1); - } - if (arnd_sysctl(buf, buflen) != buflen) { - if (errno == EFAULT) - return (-1); - /* - * This cannot happen. arnd_sysctl() spins until the random - * device is seeded and then repeatedly reads until the full - * request is satisfied. The only way for this to return a zero - * byte or short read is if sysctl(2) on the kern.arandom MIB - * fails. In this case, excepting the user-provided-a-bogus- - * buffer EFAULT, give up (like for arc4random(3)'s arc4_stir). - */ - _getentropy_fail(); - } - return (0); -} - int __ssp_real(getentropy)(void *buf, size_t buflen) { ssize_t rd; - bool have_getrandom; if (buflen > 256) { errno = EIO; return (-1); } - have_getrandom = (__getosreldate() >= GETRANDOM_FIRST); - while (buflen > 0) { - if (have_getrandom) { - rd = getrandom(buf, buflen, 0); - if (rd == -1) { - switch (errno) { - case ECAPMODE: - /* - * Kernel >= r331280 (4948f7bf1153) - * and < r337999 (ed1fa01ac45a) will - * return ECAPMODE when the caller is - * already in capability mode; fallback - * to traditional method in this case. - */ - have_getrandom = false; - continue; - case EINTR: - continue; - case EFAULT: - return (-1); - default: - _getentropy_fail(); - } + rd = getrandom(buf, buflen, 0); + if (rd == -1) { + switch (errno) { + case EINTR: + continue; + case EFAULT: + return (-1); + default: + _getentropy_fail(); } - } else { - return (getentropy_fallback(buf, buflen)); } /* This cannot happen. */