Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/lib/libc/gen/arc4random.h
39476 views
1
/*	$OpenBSD: arc4random.h,v 1.4 2015/01/15 06:57:18 deraadt Exp $	*/

2


3
/*

4
 * Copyright (c) 1996, David Mazieres <[email protected]>

5
 * Copyright (c) 2008, Damien Miller <[email protected]>

6
 * Copyright (c) 2013, Markus Friedl <[email protected]>

7
 * Copyright (c) 2014, Theo de Raadt <[email protected]>

8
 *

9
 * Permission to use, copy, modify, and distribute this software for any

10
 * purpose with or without fee is hereby granted, provided that the above

11
 * copyright notice and this permission notice appear in all copies.

12
 *

13
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

14
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

15
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR

16
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

17
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN

18
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF

19
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

20
 */

21


22
/*

23
 * Stub functions for portability.

24
 */

25
#include <sys/elf.h>

26
#include <sys/endian.h>

27
#include <sys/mman.h>

28
#if ARC4RANDOM_FXRNG != 0

29
#include <sys/time.h>	/* for sys/vdso.h only. */

30
#include <sys/vdso.h>

31
#include <machine/atomic.h>

32
#endif

33


34
#include <err.h>

35
#include <errno.h>

36
#include <signal.h>

37
#include <stdbool.h>

38
#include <stdint.h>

39


40
#if ARC4RANDOM_FXRNG != 0

41
/*

42
 * The kernel root seed version is a 64-bit counter, but we truncate it to a

43
 * 32-bit value in userspace for the convenience of 32-bit platforms.  32-bit

44
 * rollover is not possible with the current reseed interval (1 hour at limit)

45
 * without dynamic addition of new random devices (which also force a reseed in

46
 * the FXRNG design).  We don't have any dynamic device mechanism at this

47
 * time, and anyway something else is very wrong if billions of new devices are

48
 * being added.

49
 *

50
 * As is, it takes roughly 456,000 years of runtime to overflow the 32-bit

51
 * version.

52
 */

53
#define	fxrng_load_acq_generation(x)	atomic_load_acq_32(x)

54
static struct vdso_fxrng_generation_1 *vdso_fxrngp;

55
#endif

56


57
static pthread_mutex_t	arc4random_mtx = PTHREAD_MUTEX_INITIALIZER;

58
#define	_ARC4_LOCK()						\

59
	do {							\

60
		if (__isthreaded)				\

61
			_pthread_mutex_lock(&arc4random_mtx);	\

62
	} while (0)

63


64
#define	_ARC4_UNLOCK()						\

65
	do {							\

66
		if (__isthreaded)				\

67
			_pthread_mutex_unlock(&arc4random_mtx);	\

68
	} while (0)

69


70
static inline void

71
_getentropy_fail(void)

72
{

73
	raise(SIGKILL);

74
}

75


76
static inline void

77
_rs_initialize_fxrng(void)

78
{

79
#if ARC4RANDOM_FXRNG != 0

80
	struct vdso_fxrng_generation_1 *fxrngp;

81
	int error;

82


83
	error = _elf_aux_info(AT_FXRNG, &fxrngp, sizeof(fxrngp));

84
	if (error != 0) {

85
		/*

86
		 * New userspace on an old or !RANDOM_FENESTRASX kernel; or an

87
		 * arch that does not have a VDSO page.

88
		 */

89
		return;

90
	}

91


92
	/* Old userspace on newer kernel. */

93
	if (fxrngp->fx_vdso_version != VDSO_FXRNG_VER_1)

94
		return;

95


96
	vdso_fxrngp = fxrngp;

97
#endif

98
}

99


100
static inline int

101
_rs_allocate(struct _rs **rsp, struct _rsx **rsxp)

102
{

103
	struct {

104
		struct _rs rs;

105
		struct _rsx rsx;

106
	} *p;

107


108
	if ((p = mmap(NULL, sizeof(*p), PROT_READ|PROT_WRITE,

109
	    MAP_ANON|MAP_PRIVATE, -1, 0)) == MAP_FAILED)

110
		return (-1);

111
	/* Allow bootstrapping arc4random.c on Linux/macOS */

112
#ifdef INHERIT_ZERO

113
	if (minherit(p, sizeof(*p), INHERIT_ZERO) == -1) {

114
		munmap(p, sizeof(*p));

115
		return (-1);

116
	}

117
#endif

118


119
	_rs_initialize_fxrng();

120


121
	*rsp = &p->rs;

122
	*rsxp = &p->rsx;

123
	return (0);

124
}

125


126
/*

127
 * This isn't only detecting fork.  We're also using the existing callback from

128
 * _rs_stir_if_needed() to force arc4random(3) to reseed if the fenestrasX root

129
 * seed version has changed.  (That is, the root random(4) has reseeded from

130
 * pooled entropy.)

131
 */

132
static inline void

133
_rs_forkdetect(void)

134
{

135
	/* Detect fork (minherit(2) INHERIT_ZERO). */

136
	if (__predict_false(rs == NULL || rsx == NULL))

137
		return;

138
#if ARC4RANDOM_FXRNG != 0

139
	/* If present, detect kernel FenestrasX seed version change. */

140
	if (vdso_fxrngp == NULL)

141
		return;

142
	if (__predict_true(rsx->rs_seed_generation ==

143
	    fxrng_load_acq_generation(&vdso_fxrngp->fx_generation32)))

144
		return;

145
#endif

146
	/* Invalidate rs_buf to force "stir" (reseed). */

147
	memset(rs, 0, sizeof(*rs));

148
}

149


150