2 files changed, 112 insertions, 96 deletions
diff --git a/src/lib/libcrypto/arc4random/getentropy_linux.c b/src/lib/libcrypto/arc4random/getentropy_linux.c
index ea838cd03c..39bd57a33a 100644
--- a/src/lib/libcrypto/arc4random/getentropy_linux.c
+++ b/src/lib/libcrypto/arc4random/getentropy_linux.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: getentropy_linux.c,v 1.3 2014/06/20 20:18:19 deraadt Exp $    */
+/*      $OpenBSD: getentropy_linux.c,v 1.4 2014/06/20 20:27:22 beck Exp $       */
 /*
 * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -88,15 +88,16 @@ getentropy(void *buf, size_t len)
 #ifdef RANDOM_UUID
        /*
-         * Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID.  sysctl is
+         * Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID.
-         * a failsafe API, so it guarantees a result.  This should work
+         * sysctl is a failsafe API, so it guarantees a result.  This
-         * inside a chroot, or when file descriptors are exhuasted.
+         * should work inside a chroot, or when file descriptors are
+         * exhuasted.
         *
-         * However this can fail if the Linux kernel removes support for sysctl.
+         * However this can fail if the Linux kernel removes support
-         * Starting in 2007, there have been efforts to deprecate the sysctl
+         * for sysctl.  Starting in 2007, there have been efforts to
-         * API/ABI, and push callers towards use of the chroot-unavailable
+         * deprecate the sysctl API/ABI, and push callers towards use
-         * fd-using /proc mechanism -- essentially the same problems as
+         * of the chroot-unavailable fd-using /proc mechanism --
-         * /dev/urandom.
+         * essentially the same problems as /dev/urandom.
         *
         * Numerous setbacks have been encountered in their deprecation
         * schedule, so as of June 2014 the kernel ABI still exists. The
@@ -117,7 +118,8 @@ getentropy(void *buf, size_t len)
         * We have very few options:
         *     - Even syslog_r is unsafe to call at this low level, so
         *       there is no way to alert the user or program.
-         *     - Cannot call abort() because some systems have unsafe corefiles.
+         *     - Cannot call abort() because some systems have unsafe
+         *       corefiles.
         *     - Could raise(SIGKILL) resulting in silent program termination.
         *     - Return EIO, to hint that arc4random's stir function
         *       should raise(SIGKILL)
@@ -292,35 +294,36 @@ getentropy_fallback(void *buf, size_t len)
                SHA512_Init(&ctx);
                for (repeat = 0; repeat < REPEAT; repeat++) {
-                HASHX((e = gettimeofday(&tv, NULL)) == -1, tv);
+                        HASHX((e = gettimeofday(&tv, NULL)) == -1, tv);
-                if (e != -1) {
+                        if (e != -1) {
-                        counter += (int)tv.tv_sec;
+                                counter += (int)tv.tv_sec;
-                        counter += (int)tv.tv_usec;
+                                counter += (int)tv.tv_usec;
-                }
+                        }
-                for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++)
+                        for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++)
-                        HASHX(clock_gettime(cl[ii], &ts) == -1, ts);
+                                HASHX(clock_gettime(cl[ii], &ts) == -1, ts);
-                HASHX((pid = getpid()) == -1, pid);
+                        HASHX((pid = getpid()) == -1, pid);
-                HASHX((pid = getsid(pid)) == -1, pid);
+                        HASHX((pid = getsid(pid)) == -1, pid);
-                HASHX((pid = getppid()) == -1, pid);
+                        HASHX((pid = getppid()) == -1, pid);
-                HASHX((pid = getpgid(0)) == -1, pid);
+                        HASHX((pid = getpgid(0)) == -1, pid);
-                HASHX((m = getpriority(0, 0)) == -1, m);
+                        HASHX((m = getpriority(0, 0)) == -1, m);
-                ts.tv_sec = 0;
+                        ts.tv_sec = 0;
-                ts.tv_nsec = 1;
+                        ts.tv_nsec = 1;
-                (void) nanosleep(&ts, NULL);
+                        (void) nanosleep(&ts, NULL);
-                HASHX(sigpending(&sigset) == -1, sigset);
+                        HASHX(sigpending(&sigset) == -1, sigset);
-                HASHX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, sigset);
+                        HASHX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1,
+                            sigset);
-                HASHD(main);            /* an address in the main program */
+                        HASHD(main);       /* an address in the main program */
-                HASHD(getentropy);              /* an address in this library */
+                        HASHD(getentropy); /* man address in this library */
-                HASHD(printf);          /* an address in libc */
+                        HASHD(printf);     /* an address in libc */
-                p = (void *)&p;
+                        p = (void *)&p;
-                HASHD(p);                       /* an address on stack */
+                        HASHD(p);         /* an address on stack */
-                p = (void *)&errno;
+                        p = (void *)&errno;
-                HASHD(p);                       /* the address of errno */
+                        HASHD(p);        /* the address of errno */
                if (i == 0) {
                        struct sockaddr_storage ss;
@@ -337,13 +340,13 @@ getentropy_fallback(void *buf, size_t len)
                        struct mm {
                                size_t  npg;
                                void    *p;
-                        } mm[] = {
+                        } mm[] =         {
-                            { 17, MAP_FAILED }, { 3, MAP_FAILED },
+                                { 17, MAP_FAILED }, { 3, MAP_FAILED },
-                            { 11, MAP_FAILED }, { 2, MAP_FAILED },
+                                { 11, MAP_FAILED }, { 2, MAP_FAILED },
-                            { 5, MAP_FAILED }, { 3, MAP_FAILED },
+                                { 5, MAP_FAILED }, { 3, MAP_FAILED },
-                            { 7, MAP_FAILED }, { 1, MAP_FAILED },
+                                { 7, MAP_FAILED }, { 1, MAP_FAILED },
-                            { 57, MAP_FAILED }, { 3, MAP_FAILED },
+                                { 57, MAP_FAILED }, { 3, MAP_FAILED },
-                            { 131, MAP_FAILED }, { 1, MAP_FAILED },
+                                { 131, MAP_FAILED }, { 1, MAP_FAILED },
                        };
                        for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) {
@@ -355,20 +358,23 @@ getentropy_fallback(void *buf, size_t len)
                                        /* Touch some memory... */
                                        mp = mm[m].p;
-                                        mp[counter % (mm[m].npg * pgsiz - 1)] = 1;
+                                        mp[counter % (mm[m].npg *
-                                        counter += (int)((long)(mm[m].p) / pgsiz);
+                                            pgsiz - 1)] = 1;
+                                        counter += (int)((long)(mm[m].p)
+                                            / pgsiz);
                                }
                                /* Check counters and times... */
                                for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]);
                                    ii++) {
-                                        HASHX((e = clock_gettime(cl[ii], &ts)) == -1,
+                                        HASHX((e = clock_gettime(cl[ii],
-                                            ts);
+                                            &ts)) == -1, ts);
                                        if (e != -1)
                                                counter += (int)ts.tv_nsec;
                                }
-                                HASHX((e = getrusage(RUSAGE_SELF, &ru)) == -1, ru);
+                                HASHX((e = getrusage(RUSAGE_SELF, &ru)) == -1,
+                                    ru);
                                if (e != -1) {
                                        counter += (int)ru.ru_utime.tv_sec;
                                        counter += (int)ru.ru_utime.tv_usec;
@@ -391,9 +397,11 @@ getentropy_fallback(void *buf, size_t len)
                        HASHX((e = fstat(0, &st)) == -1, st);
                        if (e == -1) {
-                                if (S_ISREG(st.st_mode) || S_ISFIFO(st.st_mode) ||
+                                if (S_ISREG(st.st_mode) ||
+                                    S_ISFIFO(st.st_mode) ||
                                    S_ISSOCK(st.st_mode)) {
-                                        HASHX(fstatvfs(0, &stvfs) == -1, stvfs);
+                                        HASHX(fstatvfs(0, &stvfs) == -1,
+                                            stvfs);
                                        HASHX(fstatfs(0, &stfs) == -1, stfs);
                                        HASHX((off = lseek(0, (off_t)0,
                                            SEEK_CUR)) < 0, off);
diff --git a/src/lib/libcrypto/crypto/getentropy_linux.c b/src/lib/libcrypto/crypto/getentropy_linux.c
index ea838cd03c..39bd57a33a 100644
--- a/src/lib/libcrypto/crypto/getentropy_linux.c
+++ b/src/lib/libcrypto/crypto/getentropy_linux.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: getentropy_linux.c,v 1.3 2014/06/20 20:18:19 deraadt Exp $    */
+/*      $OpenBSD: getentropy_linux.c,v 1.4 2014/06/20 20:27:22 beck Exp $       */
 /*
 * Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -88,15 +88,16 @@ getentropy(void *buf, size_t len)
 #ifdef RANDOM_UUID
        /*
-         * Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID.  sysctl is
+         * Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID.
-         * a failsafe API, so it guarantees a result.  This should work
+         * sysctl is a failsafe API, so it guarantees a result.  This
-         * inside a chroot, or when file descriptors are exhuasted.
+         * should work inside a chroot, or when file descriptors are
+         * exhuasted.
         *
-         * However this can fail if the Linux kernel removes support for sysctl.
+         * However this can fail if the Linux kernel removes support
-         * Starting in 2007, there have been efforts to deprecate the sysctl
+         * for sysctl.  Starting in 2007, there have been efforts to
-         * API/ABI, and push callers towards use of the chroot-unavailable
+         * deprecate the sysctl API/ABI, and push callers towards use
-         * fd-using /proc mechanism -- essentially the same problems as
+         * of the chroot-unavailable fd-using /proc mechanism --
-         * /dev/urandom.
+         * essentially the same problems as /dev/urandom.
         *
         * Numerous setbacks have been encountered in their deprecation
         * schedule, so as of June 2014 the kernel ABI still exists. The
@@ -117,7 +118,8 @@ getentropy(void *buf, size_t len)
         * We have very few options:
         *     - Even syslog_r is unsafe to call at this low level, so
         *       there is no way to alert the user or program.
-         *     - Cannot call abort() because some systems have unsafe corefiles.
+         *     - Cannot call abort() because some systems have unsafe
+         *       corefiles.
         *     - Could raise(SIGKILL) resulting in silent program termination.
         *     - Return EIO, to hint that arc4random's stir function
         *       should raise(SIGKILL)
@@ -292,35 +294,36 @@ getentropy_fallback(void *buf, size_t len)
                SHA512_Init(&ctx);
                for (repeat = 0; repeat < REPEAT; repeat++) {
-                HASHX((e = gettimeofday(&tv, NULL)) == -1, tv);
+                        HASHX((e = gettimeofday(&tv, NULL)) == -1, tv);
-                if (e != -1) {
+                        if (e != -1) {
-                        counter += (int)tv.tv_sec;
+                                counter += (int)tv.tv_sec;
-                        counter += (int)tv.tv_usec;
+                                counter += (int)tv.tv_usec;
-                }
+                        }
-                for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++)
+                        for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++)
-                        HASHX(clock_gettime(cl[ii], &ts) == -1, ts);
+                                HASHX(clock_gettime(cl[ii], &ts) == -1, ts);
-                HASHX((pid = getpid()) == -1, pid);
+                        HASHX((pid = getpid()) == -1, pid);
-                HASHX((pid = getsid(pid)) == -1, pid);
+                        HASHX((pid = getsid(pid)) == -1, pid);
-                HASHX((pid = getppid()) == -1, pid);
+                        HASHX((pid = getppid()) == -1, pid);
-                HASHX((pid = getpgid(0)) == -1, pid);
+                        HASHX((pid = getpgid(0)) == -1, pid);
-                HASHX((m = getpriority(0, 0)) == -1, m);
+                        HASHX((m = getpriority(0, 0)) == -1, m);
-                ts.tv_sec = 0;
+                        ts.tv_sec = 0;
-                ts.tv_nsec = 1;
+                        ts.tv_nsec = 1;
-                (void) nanosleep(&ts, NULL);
+                        (void) nanosleep(&ts, NULL);
-                HASHX(sigpending(&sigset) == -1, sigset);
+                        HASHX(sigpending(&sigset) == -1, sigset);
-                HASHX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, sigset);
+                        HASHX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1,
+                            sigset);
-                HASHD(main);            /* an address in the main program */
+                        HASHD(main);       /* an address in the main program */
-                HASHD(getentropy);              /* an address in this library */
+                        HASHD(getentropy); /* man address in this library */
-                HASHD(printf);          /* an address in libc */
+                        HASHD(printf);     /* an address in libc */
-                p = (void *)&p;
+                        p = (void *)&p;
-                HASHD(p);                       /* an address on stack */
+                        HASHD(p);         /* an address on stack */
-                p = (void *)&errno;
+                        p = (void *)&errno;
-                HASHD(p);                       /* the address of errno */
+                        HASHD(p);        /* the address of errno */
                if (i == 0) {
                        struct sockaddr_storage ss;
@@ -337,13 +340,13 @@ getentropy_fallback(void *buf, size_t len)
                        struct mm {
                                size_t  npg;
                                void    *p;
-                        } mm[] = {
+                        } mm[] =         {
-                            { 17, MAP_FAILED }, { 3, MAP_FAILED },
+                                { 17, MAP_FAILED }, { 3, MAP_FAILED },
-                            { 11, MAP_FAILED }, { 2, MAP_FAILED },
+                                { 11, MAP_FAILED }, { 2, MAP_FAILED },
-                            { 5, MAP_FAILED }, { 3, MAP_FAILED },
+                                { 5, MAP_FAILED }, { 3, MAP_FAILED },
-                            { 7, MAP_FAILED }, { 1, MAP_FAILED },
+                                { 7, MAP_FAILED }, { 1, MAP_FAILED },
-                            { 57, MAP_FAILED }, { 3, MAP_FAILED },
+                                { 57, MAP_FAILED }, { 3, MAP_FAILED },
-                            { 131, MAP_FAILED }, { 1, MAP_FAILED },
+                                { 131, MAP_FAILED }, { 1, MAP_FAILED },
                        };
                        for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) {
@@ -355,20 +358,23 @@ getentropy_fallback(void *buf, size_t len)
                                        /* Touch some memory... */
                                        mp = mm[m].p;
-                                        mp[counter % (mm[m].npg * pgsiz - 1)] = 1;
+                                        mp[counter % (mm[m].npg *
-                                        counter += (int)((long)(mm[m].p) / pgsiz);
+                                            pgsiz - 1)] = 1;
+                                        counter += (int)((long)(mm[m].p)
+                                            / pgsiz);
                                }
                                /* Check counters and times... */
                                for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]);
                                    ii++) {
-                                        HASHX((e = clock_gettime(cl[ii], &ts)) == -1,
+                                        HASHX((e = clock_gettime(cl[ii],
-                                            ts);
+                                            &ts)) == -1, ts);
                                        if (e != -1)
                                                counter += (int)ts.tv_nsec;
                                }
-                                HASHX((e = getrusage(RUSAGE_SELF, &ru)) == -1, ru);
+                                HASHX((e = getrusage(RUSAGE_SELF, &ru)) == -1,
+                                    ru);
                                if (e != -1) {
                                        counter += (int)ru.ru_utime.tv_sec;
                                        counter += (int)ru.ru_utime.tv_usec;
@@ -391,9 +397,11 @@ getentropy_fallback(void *buf, size_t len)
                        HASHX((e = fstat(0, &st)) == -1, st);
                        if (e == -1) {
-                                if (S_ISREG(st.st_mode) || S_ISFIFO(st.st_mode) ||
+                                if (S_ISREG(st.st_mode) ||
+                                    S_ISFIFO(st.st_mode) ||
                                    S_ISSOCK(st.st_mode)) {
-                                        HASHX(fstatvfs(0, &stvfs) == -1, stvfs);
+                                        HASHX(fstatvfs(0, &stvfs) == -1,
+                                            stvfs);
                                        HASHX(fstatfs(0, &stfs) == -1, stfs);
                                        HASHX((off = lseek(0, (off_t)0,
                                            SEEK_CUR)) < 0, off);

diff --git a/src/lib/libcrypto/arc4random/getentropy_linux.c b/src/lib/libcrypto/arc4random/getentropy_linux.c index ea838cd03c..39bd57a33a 100644 --- a/src/lib/libcrypto/arc4random/getentropy_linux.c +++ b/src/lib/libcrypto/arc4random/getentropy_linux.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: getentropy_linux.c,v 1.3 2014/06/20 20:18:19 deraadt Exp $ */	1	/* $OpenBSD: getentropy_linux.c,v 1.4 2014/06/20 20:27:22 beck Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>	4	* Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -88,15 +88,16 @@ getentropy(void *buf, size_t len)
88		88
89	#ifdef RANDOM_UUID	89	#ifdef RANDOM_UUID
90	/*	90	/*
91	* Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID. sysctl is	91	* Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID.
92	* a failsafe API, so it guarantees a result. This should work	92	* sysctl is a failsafe API, so it guarantees a result. This
93	* inside a chroot, or when file descriptors are exhuasted.	93	* should work inside a chroot, or when file descriptors are
		94	* exhuasted.
94	*	95	*
95	* However this can fail if the Linux kernel removes support for sysctl.	96	* However this can fail if the Linux kernel removes support
96	* Starting in 2007, there have been efforts to deprecate the sysctl	97	* for sysctl. Starting in 2007, there have been efforts to
97	* API/ABI, and push callers towards use of the chroot-unavailable	98	* deprecate the sysctl API/ABI, and push callers towards use
98	* fd-using /proc mechanism -- essentially the same problems as	99	* of the chroot-unavailable fd-using /proc mechanism --
99	* /dev/urandom.	100	* essentially the same problems as /dev/urandom.
100	*	101	*
101	* Numerous setbacks have been encountered in their deprecation	102	* Numerous setbacks have been encountered in their deprecation
102	* schedule, so as of June 2014 the kernel ABI still exists. The	103	* schedule, so as of June 2014 the kernel ABI still exists. The
@@ -117,7 +118,8 @@ getentropy(void *buf, size_t len)
117	* We have very few options:	118	* We have very few options:
118	* - Even syslog_r is unsafe to call at this low level, so	119	* - Even syslog_r is unsafe to call at this low level, so
119	* there is no way to alert the user or program.	120	* there is no way to alert the user or program.
120	* - Cannot call abort() because some systems have unsafe corefiles.	121	* - Cannot call abort() because some systems have unsafe
		122	* corefiles.
121	* - Could raise(SIGKILL) resulting in silent program termination.	123	* - Could raise(SIGKILL) resulting in silent program termination.
122	* - Return EIO, to hint that arc4random's stir function	124	* - Return EIO, to hint that arc4random's stir function
123	* should raise(SIGKILL)	125	* should raise(SIGKILL)
@@ -292,35 +294,36 @@ getentropy_fallback(void *buf, size_t len)
292	SHA512_Init(&ctx);	294	SHA512_Init(&ctx);
293	for (repeat = 0; repeat < REPEAT; repeat++) {	295	for (repeat = 0; repeat < REPEAT; repeat++) {
294		296
295	HASHX((e = gettimeofday(&tv, NULL)) == -1, tv);	297	HASHX((e = gettimeofday(&tv, NULL)) == -1, tv);
296	if (e != -1) {	298	if (e != -1) {
297	counter += (int)tv.tv_sec;	299	counter += (int)tv.tv_sec;
298	counter += (int)tv.tv_usec;	300	counter += (int)tv.tv_usec;
299	}	301	}
300		302
301	for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++)	303	for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++)
302	HASHX(clock_gettime(cl[ii], &ts) == -1, ts);	304	HASHX(clock_gettime(cl[ii], &ts) == -1, ts);
303		305
304	HASHX((pid = getpid()) == -1, pid);	306	HASHX((pid = getpid()) == -1, pid);
305	HASHX((pid = getsid(pid)) == -1, pid);	307	HASHX((pid = getsid(pid)) == -1, pid);
306	HASHX((pid = getppid()) == -1, pid);	308	HASHX((pid = getppid()) == -1, pid);
307	HASHX((pid = getpgid(0)) == -1, pid);	309	HASHX((pid = getpgid(0)) == -1, pid);
308	HASHX((m = getpriority(0, 0)) == -1, m);	310	HASHX((m = getpriority(0, 0)) == -1, m);
309		311
310	ts.tv_sec = 0;	312	ts.tv_sec = 0;
311	ts.tv_nsec = 1;	313	ts.tv_nsec = 1;
312	(void) nanosleep(&ts, NULL);	314	(void) nanosleep(&ts, NULL);
313		315
314	HASHX(sigpending(&sigset) == -1, sigset);	316	HASHX(sigpending(&sigset) == -1, sigset);
315	HASHX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, sigset);	317	HASHX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1,
		318	sigset);
316		319
317	HASHD(main); /* an address in the main program */	320	HASHD(main); /* an address in the main program */
318	HASHD(getentropy); /* an address in this library */	321	HASHD(getentropy); /* man address in this library */
319	HASHD(printf); /* an address in libc */	322	HASHD(printf); /* an address in libc */
320	p = (void *)&p;	323	p = (void *)&p;
321	HASHD(p); /* an address on stack */	324	HASHD(p); /* an address on stack */
322	p = (void *)&errno;	325	p = (void *)&errno;
323	HASHD(p); /* the address of errno */	326	HASHD(p); /* the address of errno */
324		327
325	if (i == 0) {	328	if (i == 0) {
326	struct sockaddr_storage ss;	329	struct sockaddr_storage ss;
@@ -337,13 +340,13 @@ getentropy_fallback(void *buf, size_t len)
337	struct mm {	340	struct mm {
338	size_t npg;	341	size_t npg;
339	void *p;	342	void *p;
340	} mm[] = {	343	} mm[] = {
341	{ 17, MAP_FAILED }, { 3, MAP_FAILED },	344	{ 17, MAP_FAILED }, { 3, MAP_FAILED },
342	{ 11, MAP_FAILED }, { 2, MAP_FAILED },	345	{ 11, MAP_FAILED }, { 2, MAP_FAILED },
343	{ 5, MAP_FAILED }, { 3, MAP_FAILED },	346	{ 5, MAP_FAILED }, { 3, MAP_FAILED },
344	{ 7, MAP_FAILED }, { 1, MAP_FAILED },	347	{ 7, MAP_FAILED }, { 1, MAP_FAILED },
345	{ 57, MAP_FAILED }, { 3, MAP_FAILED },	348	{ 57, MAP_FAILED }, { 3, MAP_FAILED },
346	{ 131, MAP_FAILED }, { 1, MAP_FAILED },	349	{ 131, MAP_FAILED }, { 1, MAP_FAILED },
347	};	350	};
348		351
349	for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) {	352	for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) {
@@ -355,20 +358,23 @@ getentropy_fallback(void *buf, size_t len)
355		358
356	/* Touch some memory... */	359	/* Touch some memory... */
357	mp = mm[m].p;	360	mp = mm[m].p;
358	mp[counter % (mm[m].npg * pgsiz - 1)] = 1;	361	mp[counter % (mm[m].npg *
359	counter += (int)((long)(mm[m].p) / pgsiz);	362	pgsiz - 1)] = 1;
		363	counter += (int)((long)(mm[m].p)
		364	/ pgsiz);
360	}	365	}
361		366
362	/* Check counters and times... */	367	/* Check counters and times... */
363	for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]);	368	for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]);
364	ii++) {	369	ii++) {
365	HASHX((e = clock_gettime(cl[ii], &ts)) == -1,	370	HASHX((e = clock_gettime(cl[ii],
366	ts);	371	&ts)) == -1, ts);
367	if (e != -1)	372	if (e != -1)
368	counter += (int)ts.tv_nsec;	373	counter += (int)ts.tv_nsec;
369	}	374	}
370		375
371	HASHX((e = getrusage(RUSAGE_SELF, &ru)) == -1, ru);	376	HASHX((e = getrusage(RUSAGE_SELF, &ru)) == -1,
		377	ru);
372	if (e != -1) {	378	if (e != -1) {
373	counter += (int)ru.ru_utime.tv_sec;	379	counter += (int)ru.ru_utime.tv_sec;
374	counter += (int)ru.ru_utime.tv_usec;	380	counter += (int)ru.ru_utime.tv_usec;
@@ -391,9 +397,11 @@ getentropy_fallback(void *buf, size_t len)
391		397
392	HASHX((e = fstat(0, &st)) == -1, st);	398	HASHX((e = fstat(0, &st)) == -1, st);
393	if (e == -1) {	399	if (e == -1) {
394	if (S_ISREG(st.st_mode) \|\| S_ISFIFO(st.st_mode) \|\|	400	if (S_ISREG(st.st_mode) \|\|
		401	S_ISFIFO(st.st_mode) \|\|
395	S_ISSOCK(st.st_mode)) {	402	S_ISSOCK(st.st_mode)) {
396	HASHX(fstatvfs(0, &stvfs) == -1, stvfs);	403	HASHX(fstatvfs(0, &stvfs) == -1,
		404	stvfs);
397	HASHX(fstatfs(0, &stfs) == -1, stfs);	405	HASHX(fstatfs(0, &stfs) == -1, stfs);
398	HASHX((off = lseek(0, (off_t)0,	406	HASHX((off = lseek(0, (off_t)0,
399	SEEK_CUR)) < 0, off);	407	SEEK_CUR)) < 0, off);


diff --git a/src/lib/libcrypto/crypto/getentropy_linux.c b/src/lib/libcrypto/crypto/getentropy_linux.c index ea838cd03c..39bd57a33a 100644 --- a/src/lib/libcrypto/crypto/getentropy_linux.c +++ b/src/lib/libcrypto/crypto/getentropy_linux.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: getentropy_linux.c,v 1.3 2014/06/20 20:18:19 deraadt Exp $ */	1	/* $OpenBSD: getentropy_linux.c,v 1.4 2014/06/20 20:27:22 beck Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>	4	* Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -88,15 +88,16 @@ getentropy(void *buf, size_t len)
88		88
89	#ifdef RANDOM_UUID	89	#ifdef RANDOM_UUID
90	/*	90	/*
91	* Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID. sysctl is	91	* Try to use sysctl CTL_KERN, KERN_RANDOM, RANDOM_UUID.
92	* a failsafe API, so it guarantees a result. This should work	92	* sysctl is a failsafe API, so it guarantees a result. This
93	* inside a chroot, or when file descriptors are exhuasted.	93	* should work inside a chroot, or when file descriptors are
		94	* exhuasted.
94	*	95	*
95	* However this can fail if the Linux kernel removes support for sysctl.	96	* However this can fail if the Linux kernel removes support
96	* Starting in 2007, there have been efforts to deprecate the sysctl	97	* for sysctl. Starting in 2007, there have been efforts to
97	* API/ABI, and push callers towards use of the chroot-unavailable	98	* deprecate the sysctl API/ABI, and push callers towards use
98	* fd-using /proc mechanism -- essentially the same problems as	99	* of the chroot-unavailable fd-using /proc mechanism --
99	* /dev/urandom.	100	* essentially the same problems as /dev/urandom.
100	*	101	*
101	* Numerous setbacks have been encountered in their deprecation	102	* Numerous setbacks have been encountered in their deprecation
102	* schedule, so as of June 2014 the kernel ABI still exists. The	103	* schedule, so as of June 2014 the kernel ABI still exists. The
@@ -117,7 +118,8 @@ getentropy(void *buf, size_t len)
117	* We have very few options:	118	* We have very few options:
118	* - Even syslog_r is unsafe to call at this low level, so	119	* - Even syslog_r is unsafe to call at this low level, so
119	* there is no way to alert the user or program.	120	* there is no way to alert the user or program.
120	* - Cannot call abort() because some systems have unsafe corefiles.	121	* - Cannot call abort() because some systems have unsafe
		122	* corefiles.
121	* - Could raise(SIGKILL) resulting in silent program termination.	123	* - Could raise(SIGKILL) resulting in silent program termination.
122	* - Return EIO, to hint that arc4random's stir function	124	* - Return EIO, to hint that arc4random's stir function
123	* should raise(SIGKILL)	125	* should raise(SIGKILL)
@@ -292,35 +294,36 @@ getentropy_fallback(void *buf, size_t len)
292	SHA512_Init(&ctx);	294	SHA512_Init(&ctx);
293	for (repeat = 0; repeat < REPEAT; repeat++) {	295	for (repeat = 0; repeat < REPEAT; repeat++) {
294		296
295	HASHX((e = gettimeofday(&tv, NULL)) == -1, tv);	297	HASHX((e = gettimeofday(&tv, NULL)) == -1, tv);
296	if (e != -1) {	298	if (e != -1) {
297	counter += (int)tv.tv_sec;	299	counter += (int)tv.tv_sec;
298	counter += (int)tv.tv_usec;	300	counter += (int)tv.tv_usec;
299	}	301	}
300		302
301	for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++)	303	for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++)
302	HASHX(clock_gettime(cl[ii], &ts) == -1, ts);	304	HASHX(clock_gettime(cl[ii], &ts) == -1, ts);
303		305
304	HASHX((pid = getpid()) == -1, pid);	306	HASHX((pid = getpid()) == -1, pid);
305	HASHX((pid = getsid(pid)) == -1, pid);	307	HASHX((pid = getsid(pid)) == -1, pid);
306	HASHX((pid = getppid()) == -1, pid);	308	HASHX((pid = getppid()) == -1, pid);
307	HASHX((pid = getpgid(0)) == -1, pid);	309	HASHX((pid = getpgid(0)) == -1, pid);
308	HASHX((m = getpriority(0, 0)) == -1, m);	310	HASHX((m = getpriority(0, 0)) == -1, m);
309		311
310	ts.tv_sec = 0;	312	ts.tv_sec = 0;
311	ts.tv_nsec = 1;	313	ts.tv_nsec = 1;
312	(void) nanosleep(&ts, NULL);	314	(void) nanosleep(&ts, NULL);
313		315
314	HASHX(sigpending(&sigset) == -1, sigset);	316	HASHX(sigpending(&sigset) == -1, sigset);
315	HASHX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1, sigset);	317	HASHX(sigprocmask(SIG_BLOCK, NULL, &sigset) == -1,
		318	sigset);
316		319
317	HASHD(main); /* an address in the main program */	320	HASHD(main); /* an address in the main program */
318	HASHD(getentropy); /* an address in this library */	321	HASHD(getentropy); /* man address in this library */
319	HASHD(printf); /* an address in libc */	322	HASHD(printf); /* an address in libc */
320	p = (void *)&p;	323	p = (void *)&p;
321	HASHD(p); /* an address on stack */	324	HASHD(p); /* an address on stack */
322	p = (void *)&errno;	325	p = (void *)&errno;
323	HASHD(p); /* the address of errno */	326	HASHD(p); /* the address of errno */
324		327
325	if (i == 0) {	328	if (i == 0) {
326	struct sockaddr_storage ss;	329	struct sockaddr_storage ss;
@@ -337,13 +340,13 @@ getentropy_fallback(void *buf, size_t len)
337	struct mm {	340	struct mm {
338	size_t npg;	341	size_t npg;
339	void *p;	342	void *p;
340	} mm[] = {	343	} mm[] = {
341	{ 17, MAP_FAILED }, { 3, MAP_FAILED },	344	{ 17, MAP_FAILED }, { 3, MAP_FAILED },
342	{ 11, MAP_FAILED }, { 2, MAP_FAILED },	345	{ 11, MAP_FAILED }, { 2, MAP_FAILED },
343	{ 5, MAP_FAILED }, { 3, MAP_FAILED },	346	{ 5, MAP_FAILED }, { 3, MAP_FAILED },
344	{ 7, MAP_FAILED }, { 1, MAP_FAILED },	347	{ 7, MAP_FAILED }, { 1, MAP_FAILED },
345	{ 57, MAP_FAILED }, { 3, MAP_FAILED },	348	{ 57, MAP_FAILED }, { 3, MAP_FAILED },
346	{ 131, MAP_FAILED }, { 1, MAP_FAILED },	349	{ 131, MAP_FAILED }, { 1, MAP_FAILED },
347	};	350	};
348		351
349	for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) {	352	for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) {
@@ -355,20 +358,23 @@ getentropy_fallback(void *buf, size_t len)
355		358
356	/* Touch some memory... */	359	/* Touch some memory... */
357	mp = mm[m].p;	360	mp = mm[m].p;
358	mp[counter % (mm[m].npg * pgsiz - 1)] = 1;	361	mp[counter % (mm[m].npg *
359	counter += (int)((long)(mm[m].p) / pgsiz);	362	pgsiz - 1)] = 1;
		363	counter += (int)((long)(mm[m].p)
		364	/ pgsiz);
360	}	365	}
361		366
362	/* Check counters and times... */	367	/* Check counters and times... */
363	for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]);	368	for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]);
364	ii++) {	369	ii++) {
365	HASHX((e = clock_gettime(cl[ii], &ts)) == -1,	370	HASHX((e = clock_gettime(cl[ii],
366	ts);	371	&ts)) == -1, ts);
367	if (e != -1)	372	if (e != -1)
368	counter += (int)ts.tv_nsec;	373	counter += (int)ts.tv_nsec;
369	}	374	}
370		375
371	HASHX((e = getrusage(RUSAGE_SELF, &ru)) == -1, ru);	376	HASHX((e = getrusage(RUSAGE_SELF, &ru)) == -1,
		377	ru);
372	if (e != -1) {	378	if (e != -1) {
373	counter += (int)ru.ru_utime.tv_sec;	379	counter += (int)ru.ru_utime.tv_sec;
374	counter += (int)ru.ru_utime.tv_usec;	380	counter += (int)ru.ru_utime.tv_usec;
@@ -391,9 +397,11 @@ getentropy_fallback(void *buf, size_t len)
391		397
392	HASHX((e = fstat(0, &st)) == -1, st);	398	HASHX((e = fstat(0, &st)) == -1, st);
393	if (e == -1) {	399	if (e == -1) {
394	if (S_ISREG(st.st_mode) \|\| S_ISFIFO(st.st_mode) \|\|	400	if (S_ISREG(st.st_mode) \|\|
		401	S_ISFIFO(st.st_mode) \|\|
395	S_ISSOCK(st.st_mode)) {	402	S_ISSOCK(st.st_mode)) {
396	HASHX(fstatvfs(0, &stvfs) == -1, stvfs);	403	HASHX(fstatvfs(0, &stvfs) == -1,
		404	stvfs);
397	HASHX(fstatfs(0, &stfs) == -1, stfs);	405	HASHX(fstatfs(0, &stfs) == -1, stfs);
398	HASHX((off = lseek(0, (off_t)0,	406	HASHX((off = lseek(0, (off_t)0,
399	SEEK_CUR)) < 0, off);	407	SEEK_CUR)) < 0, off);