#
1.34 |
|
20-Jan-2024 |
christos |
Catch up with all the lint warnings since exit on warning was disabled. Disable 'missing header declaration' and 'nested extern' warnings for now.
|
Revision tags: netbsd-10-0-RC3 netbsd-10-0-RC2 netbsd-10-0-RC1 netbsd-10-base
|
#
1.33 |
|
19-Apr-2022 |
rillig |
lib: remove CONSTCOND comment
Since 2021-01-31, lint doesn't need it anymore for the common pattern of 'do ... while (0)'.
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 phil-wifi-20191119
|
#
1.32 |
|
23-Sep-2019 |
christos |
lint is not smart enough to figure out that ilog2() is constant.
|
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-8-2-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609 netbsd-8-1-RELEASE netbsd-8-1-RC1 pgoyette-compat-merge-20190127 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107 pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.31 |
|
25-Mar-2016 |
riastradh |
branches: 1.31.16; KNF
|
#
1.30 |
|
13-May-2015 |
justin |
Missing MAP_PRIVATE on mmap
|
#
1.29 |
|
19-Mar-2015 |
riastradh |
Remove #ifdef MAP_INHERIT_ZERO.
This is essential for fork-safety, so don't merely #warn about it. Attaining fork-safety without it requires restructuring things -- in particular, there's no clear way to make it per-thread and fork-safe without some global list of states to zero on fork.
|
#
1.28 |
|
21-Jan-2015 |
riastradh |
Use ChaCha20 here as advertised, not ChaCha8.
Oops.
Fortunately, there is no public cryptanalysis even of ChaCha8: the best published attack is on ChaCha7 with time complexity 2^248.
|
#
1.27 |
|
20-Jan-2015 |
christos |
Fix non _REENTRANT build.
|
#
1.26 |
|
16-Nov-2014 |
riastradh |
Rewrite arc4random(3) with ChaCha20-based PRNG and per-thread state.
Explain the security model in the man page.
No more RC4!
XXX pullup to netbsd-6, netbsd-5
|
Revision tags: netbsd-7-base tls-earlyentropy-base tls-maxphys-base
|
#
1.25 |
|
19-Jul-2014 |
roy |
branches: 1.25.2; Document that our use of pthread_mutex_unlock(3) is async-signal-safe and as such can be used in a phtread_atfork(3) child handler.
|
#
1.24 |
|
12-Jun-2014 |
apb |
fix missing backslash in previous
|
#
1.23 |
|
12-Jun-2014 |
apb |
Wrap complex macros in do { ... } while (0). Also replace the magic number 1600000 with a macro.
|
#
1.22 |
|
07-Jun-2014 |
roy |
Re-stir after forking, fixes PR lib/25367. Re-stir after consuming 1600000 bytes, fixes PR lib/45952.
|
Revision tags: yamt-pagecache-base9 riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3
|
#
1.21 |
|
17-Oct-2013 |
christos |
branches: 1.21.2; remove always inline because new gcc bitches.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.20 |
|
20-Aug-2012 |
dsl |
branches: 1.20.2; I'm fairly sure the libc rules require that arc4random_addrandom, arc4random_buf, arc4random_stir and arc4random_uniform be weak.
|
#
1.19 |
|
20-Aug-2012 |
dsl |
arc4 is a random number sequence, there is no point using its own output values to determine a number of output values to skip. Skipping values on any possibly random event might be worth while, as might using the keying algorithm to stir in a possibly random value.
|
#
1.18 |
|
20-Aug-2012 |
dsl |
Since 'rs' is statically initialised (not bss) its s[] might as well be compile-time initialised as well. arc4_init) is the same as arc4_stir(). Initialise rs.i to 0xff (not 0) so that the first key byte is processed with rs.i == 0 without the splurios rs.i-- in arc4_addrandom(). Remove the assignment rs.j = rs.i at the end of arc4_addrandom(), it isn't necessary and I can see no justificationm for it. Replace RSIZE with __arraycount(as->s), however it is manifestly 256 (more correctly the number of values in rs.i and rs.j).
|
#
1.17 |
|
18-Aug-2012 |
dsl |
cache rs.i and rs.j in arc4random_buf() since the compiler can't be told that buf[] dosn't alias them. Reduces the number of instructions inside the loop. All the other functions are ok.
|
#
1.16 |
|
18-Aug-2012 |
dsl |
Change the logic used for thread locking to make the code more readable. The effect on the object code is to replace a function call with a branch that will predict correctly in the non-threaded case. Minor optimise of some other paths.
|
#
1.15 |
|
18-Aug-2012 |
dsl |
Use an inline function to check for initialisation, and an non-inlined one to do the actual initialise. Fixes lib/46751 by removing all the replicated tests in each function.
|
#
1.14 |
|
29-Jul-2012 |
dsl |
Make this compile with the compiler I'm using. Move variable defs to top of function. Don't use const static mib[] - run time initialisation won't matter, and not using static data may actually help in a .so.
|
Revision tags: yamt-pagecache-base5 yamt-pagecache-base4
|
#
1.13 |
|
05-Mar-2012 |
christos |
misc cleanups: - const for mibs - #define for magic constants - casts
|
#
1.12 |
|
04-Mar-2012 |
tls |
Fix bug in previous: don't reinitialize on every call! Fix arc4random_buf so it actually ever initializes -- a security problem with revisions 1.9 and 1.10.
|
#
1.11 |
|
27-Feb-2012 |
tls |
Make arc4random far less greedy for entropy. Make arc4random actually implement arc4 when used by threaded programs.
|
Revision tags: netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base
|
#
1.10 |
|
04-Feb-2011 |
christos |
branches: 1.10.4; 1.10.6; add arc4random_{buf,uniform}, from OpenBSD.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-mips64-premerge-20101231 matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE jym-xensuspend-nbase netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 jym-xensuspend-base netbsd-5-0-RC1 christos-time_t-nbase christos-time_t-base netbsd-5-base matt-mips64-base2 mjf-devfs2-base netbsd-4-0-1-RELEASE wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 wrstuden-fixsa-newbase wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base keiichi-mipv6-base matt-armv6-nbase matt-armv6-prevmlocking wrstuden-fixsa-base-1 netbsd-4-0-RELEASE cube-autoconf-base netbsd-4-0-RC5 netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 matt-armv6-base matt-mips64-base hpcarm-cleanup-base wrstuden-fixsa-base abandoned-netbsd-4-base netbsd-4-base
|
#
1.9 |
|
24-Dec-2005 |
perry |
branches: 1.9.40; Remove leading __ from __(const|inline|signed|volatile) -- it is obsolete.
|
#
1.8 |
|
12-Jun-2005 |
lukem |
Add missing __RCSID()
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 netbsd-3-base
|
#
1.7 |
|
09-Feb-2005 |
kleink |
A little libc namespace housekeeping exercise: * Make vfprintf_unlocked() an internal function, c.f. __svfscanf_unlocked(). * Add internal names for arc4random(), endnetpath(), fhstatvfs(), fstatvfs(), mkstemp(), shquote(), statvfs(), taddr2uaddr(), uaddr2taddr(), uuid_create_nil(), uuid_is_nil(), and wcwidth(). * Include namespace.h where supposed to.
|
#
1.6 |
|
09-Feb-2005 |
kleink |
Declare rs_initialized static.
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE netbsd-2-0-1-RELEASE netbsd-2-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base nathanw_sa_before_merge fvdl_fs64_base nathanw_sa_base
|
#
1.5 |
|
11-Nov-2002 |
thorpej |
branches: 1.5.2; Fix signed/unsigned comparison warnings.
|
#
1.4 |
|
02-Jul-2002 |
itojun |
use sysctl(kern.urandom) if /dev/urandom is not present (like chroot jail)
|
#
1.3 |
|
14-Jun-2002 |
itojun |
branches: 1.3.2; discard first 256 words when we stir.
|
#
1.2 |
|
24-May-2002 |
itojun |
/dev/arandom does not exist in netbsd. use /dev/urandom.
|
#
1.1 |
|
24-May-2002 |
itojun |
add arc4random(3). from openbsd
|
#
1.33 |
|
19-Apr-2022 |
rillig |
lib: remove CONSTCOND comment
Since 2021-01-31, lint doesn't need it anymore for the common pattern of 'do ... while (0)'.
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 phil-wifi-20191119
|
#
1.32 |
|
23-Sep-2019 |
christos |
lint is not smart enough to figure out that ilog2() is constant.
|
Revision tags: netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-8-2-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609 netbsd-8-1-RELEASE netbsd-8-1-RC1 pgoyette-compat-merge-20190127 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107 pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.31 |
|
25-Mar-2016 |
riastradh |
branches: 1.31.16; KNF
|
#
1.30 |
|
13-May-2015 |
justin |
Missing MAP_PRIVATE on mmap
|
#
1.29 |
|
19-Mar-2015 |
riastradh |
Remove #ifdef MAP_INHERIT_ZERO.
This is essential for fork-safety, so don't merely #warn about it. Attaining fork-safety without it requires restructuring things -- in particular, there's no clear way to make it per-thread and fork-safe without some global list of states to zero on fork.
|
#
1.28 |
|
21-Jan-2015 |
riastradh |
Use ChaCha20 here as advertised, not ChaCha8.
Oops.
Fortunately, there is no public cryptanalysis even of ChaCha8: the best published attack is on ChaCha7 with time complexity 2^248.
|
#
1.27 |
|
20-Jan-2015 |
christos |
Fix non _REENTRANT build.
|
#
1.26 |
|
16-Nov-2014 |
riastradh |
Rewrite arc4random(3) with ChaCha20-based PRNG and per-thread state.
Explain the security model in the man page.
No more RC4!
XXX pullup to netbsd-6, netbsd-5
|
Revision tags: netbsd-7-base tls-earlyentropy-base tls-maxphys-base
|
#
1.25 |
|
19-Jul-2014 |
roy |
branches: 1.25.2; Document that our use of pthread_mutex_unlock(3) is async-signal-safe and as such can be used in a phtread_atfork(3) child handler.
|
#
1.24 |
|
12-Jun-2014 |
apb |
fix missing backslash in previous
|
#
1.23 |
|
12-Jun-2014 |
apb |
Wrap complex macros in do { ... } while (0). Also replace the magic number 1600000 with a macro.
|
#
1.22 |
|
07-Jun-2014 |
roy |
Re-stir after forking, fixes PR lib/25367. Re-stir after consuming 1600000 bytes, fixes PR lib/45952.
|
Revision tags: yamt-pagecache-base9 riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3
|
#
1.21 |
|
17-Oct-2013 |
christos |
branches: 1.21.2; remove always inline because new gcc bitches.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.20 |
|
20-Aug-2012 |
dsl |
branches: 1.20.2; I'm fairly sure the libc rules require that arc4random_addrandom, arc4random_buf, arc4random_stir and arc4random_uniform be weak.
|
#
1.19 |
|
20-Aug-2012 |
dsl |
arc4 is a random number sequence, there is no point using its own output values to determine a number of output values to skip. Skipping values on any possibly random event might be worth while, as might using the keying algorithm to stir in a possibly random value.
|
#
1.18 |
|
20-Aug-2012 |
dsl |
Since 'rs' is statically initialised (not bss) its s[] might as well be compile-time initialised as well. arc4_init) is the same as arc4_stir(). Initialise rs.i to 0xff (not 0) so that the first key byte is processed with rs.i == 0 without the splurios rs.i-- in arc4_addrandom(). Remove the assignment rs.j = rs.i at the end of arc4_addrandom(), it isn't necessary and I can see no justificationm for it. Replace RSIZE with __arraycount(as->s), however it is manifestly 256 (more correctly the number of values in rs.i and rs.j).
|
#
1.17 |
|
18-Aug-2012 |
dsl |
cache rs.i and rs.j in arc4random_buf() since the compiler can't be told that buf[] dosn't alias them. Reduces the number of instructions inside the loop. All the other functions are ok.
|
#
1.16 |
|
18-Aug-2012 |
dsl |
Change the logic used for thread locking to make the code more readable. The effect on the object code is to replace a function call with a branch that will predict correctly in the non-threaded case. Minor optimise of some other paths.
|
#
1.15 |
|
18-Aug-2012 |
dsl |
Use an inline function to check for initialisation, and an non-inlined one to do the actual initialise. Fixes lib/46751 by removing all the replicated tests in each function.
|
#
1.14 |
|
29-Jul-2012 |
dsl |
Make this compile with the compiler I'm using. Move variable defs to top of function. Don't use const static mib[] - run time initialisation won't matter, and not using static data may actually help in a .so.
|
Revision tags: yamt-pagecache-base5 yamt-pagecache-base4
|
#
1.13 |
|
05-Mar-2012 |
christos |
misc cleanups: - const for mibs - #define for magic constants - casts
|
#
1.12 |
|
04-Mar-2012 |
tls |
Fix bug in previous: don't reinitialize on every call! Fix arc4random_buf so it actually ever initializes -- a security problem with revisions 1.9 and 1.10.
|
#
1.11 |
|
27-Feb-2012 |
tls |
Make arc4random far less greedy for entropy. Make arc4random actually implement arc4 when used by threaded programs.
|
Revision tags: netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base
|
#
1.10 |
|
04-Feb-2011 |
christos |
branches: 1.10.4; 1.10.6; add arc4random_{buf,uniform}, from OpenBSD.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-mips64-premerge-20101231 matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE jym-xensuspend-nbase netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 jym-xensuspend-base netbsd-5-0-RC1 christos-time_t-nbase christos-time_t-base netbsd-5-base matt-mips64-base2 mjf-devfs2-base netbsd-4-0-1-RELEASE wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 wrstuden-fixsa-newbase wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base keiichi-mipv6-base matt-armv6-nbase matt-armv6-prevmlocking wrstuden-fixsa-base-1 netbsd-4-0-RELEASE cube-autoconf-base netbsd-4-0-RC5 netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 matt-armv6-base matt-mips64-base hpcarm-cleanup-base wrstuden-fixsa-base abandoned-netbsd-4-base netbsd-4-base
|
#
1.9 |
|
24-Dec-2005 |
perry |
branches: 1.9.40; Remove leading __ from __(const|inline|signed|volatile) -- it is obsolete.
|
#
1.8 |
|
12-Jun-2005 |
lukem |
Add missing __RCSID()
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 netbsd-3-base
|
#
1.7 |
|
09-Feb-2005 |
kleink |
A little libc namespace housekeeping exercise: * Make vfprintf_unlocked() an internal function, c.f. __svfscanf_unlocked(). * Add internal names for arc4random(), endnetpath(), fhstatvfs(), fstatvfs(), mkstemp(), shquote(), statvfs(), taddr2uaddr(), uaddr2taddr(), uuid_create_nil(), uuid_is_nil(), and wcwidth(). * Include namespace.h where supposed to.
|
#
1.6 |
|
09-Feb-2005 |
kleink |
Declare rs_initialized static.
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE netbsd-2-0-1-RELEASE netbsd-2-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base nathanw_sa_before_merge fvdl_fs64_base nathanw_sa_base
|
#
1.5 |
|
11-Nov-2002 |
thorpej |
branches: 1.5.2; Fix signed/unsigned comparison warnings.
|
#
1.4 |
|
02-Jul-2002 |
itojun |
use sysctl(kern.urandom) if /dev/urandom is not present (like chroot jail)
|
#
1.3 |
|
14-Jun-2002 |
itojun |
branches: 1.3.2; discard first 256 words when we stir.
|
#
1.2 |
|
24-May-2002 |
itojun |
/dev/arandom does not exist in netbsd. use /dev/urandom.
|
#
1.1 |
|
24-May-2002 |
itojun |
add arc4random(3). from openbsd
|
#
1.32 |
|
23-Sep-2019 |
christos |
lint is not smart enough to figure out that ilog2() is constant.
|
Revision tags: netbsd-9-base phil-wifi-20190609 netbsd-8-1-RELEASE netbsd-8-1-RC1 pgoyette-compat-merge-20190127 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107 pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.31 |
|
25-Mar-2016 |
riastradh |
KNF
|
#
1.30 |
|
13-May-2015 |
justin |
Missing MAP_PRIVATE on mmap
|
#
1.29 |
|
19-Mar-2015 |
riastradh |
Remove #ifdef MAP_INHERIT_ZERO.
This is essential for fork-safety, so don't merely #warn about it. Attaining fork-safety without it requires restructuring things -- in particular, there's no clear way to make it per-thread and fork-safe without some global list of states to zero on fork.
|
#
1.28 |
|
21-Jan-2015 |
riastradh |
Use ChaCha20 here as advertised, not ChaCha8.
Oops.
Fortunately, there is no public cryptanalysis even of ChaCha8: the best published attack is on ChaCha7 with time complexity 2^248.
|
#
1.27 |
|
20-Jan-2015 |
christos |
Fix non _REENTRANT build.
|
#
1.26 |
|
16-Nov-2014 |
riastradh |
Rewrite arc4random(3) with ChaCha20-based PRNG and per-thread state.
Explain the security model in the man page.
No more RC4!
XXX pullup to netbsd-6, netbsd-5
|
Revision tags: netbsd-7-base tls-earlyentropy-base tls-maxphys-base
|
#
1.25 |
|
19-Jul-2014 |
roy |
branches: 1.25.2; Document that our use of pthread_mutex_unlock(3) is async-signal-safe and as such can be used in a phtread_atfork(3) child handler.
|
#
1.24 |
|
12-Jun-2014 |
apb |
fix missing backslash in previous
|
#
1.23 |
|
12-Jun-2014 |
apb |
Wrap complex macros in do { ... } while (0). Also replace the magic number 1600000 with a macro.
|
#
1.22 |
|
07-Jun-2014 |
roy |
Re-stir after forking, fixes PR lib/25367. Re-stir after consuming 1600000 bytes, fixes PR lib/45952.
|
Revision tags: yamt-pagecache-base9 riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3
|
#
1.21 |
|
17-Oct-2013 |
christos |
branches: 1.21.2; remove always inline because new gcc bitches.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.20 |
|
20-Aug-2012 |
dsl |
branches: 1.20.2; I'm fairly sure the libc rules require that arc4random_addrandom, arc4random_buf, arc4random_stir and arc4random_uniform be weak.
|
#
1.19 |
|
20-Aug-2012 |
dsl |
arc4 is a random number sequence, there is no point using its own output values to determine a number of output values to skip. Skipping values on any possibly random event might be worth while, as might using the keying algorithm to stir in a possibly random value.
|
#
1.18 |
|
20-Aug-2012 |
dsl |
Since 'rs' is statically initialised (not bss) its s[] might as well be compile-time initialised as well. arc4_init) is the same as arc4_stir(). Initialise rs.i to 0xff (not 0) so that the first key byte is processed with rs.i == 0 without the splurios rs.i-- in arc4_addrandom(). Remove the assignment rs.j = rs.i at the end of arc4_addrandom(), it isn't necessary and I can see no justificationm for it. Replace RSIZE with __arraycount(as->s), however it is manifestly 256 (more correctly the number of values in rs.i and rs.j).
|
#
1.17 |
|
18-Aug-2012 |
dsl |
cache rs.i and rs.j in arc4random_buf() since the compiler can't be told that buf[] dosn't alias them. Reduces the number of instructions inside the loop. All the other functions are ok.
|
#
1.16 |
|
18-Aug-2012 |
dsl |
Change the logic used for thread locking to make the code more readable. The effect on the object code is to replace a function call with a branch that will predict correctly in the non-threaded case. Minor optimise of some other paths.
|
#
1.15 |
|
18-Aug-2012 |
dsl |
Use an inline function to check for initialisation, and an non-inlined one to do the actual initialise. Fixes lib/46751 by removing all the replicated tests in each function.
|
#
1.14 |
|
29-Jul-2012 |
dsl |
Make this compile with the compiler I'm using. Move variable defs to top of function. Don't use const static mib[] - run time initialisation won't matter, and not using static data may actually help in a .so.
|
Revision tags: yamt-pagecache-base5 yamt-pagecache-base4
|
#
1.13 |
|
05-Mar-2012 |
christos |
misc cleanups: - const for mibs - #define for magic constants - casts
|
#
1.12 |
|
04-Mar-2012 |
tls |
Fix bug in previous: don't reinitialize on every call! Fix arc4random_buf so it actually ever initializes -- a security problem with revisions 1.9 and 1.10.
|
#
1.11 |
|
27-Feb-2012 |
tls |
Make arc4random far less greedy for entropy. Make arc4random actually implement arc4 when used by threaded programs.
|
Revision tags: netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base
|
#
1.10 |
|
04-Feb-2011 |
christos |
branches: 1.10.4; 1.10.6; add arc4random_{buf,uniform}, from OpenBSD.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-mips64-premerge-20101231 matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE jym-xensuspend-nbase netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 jym-xensuspend-base netbsd-5-0-RC1 christos-time_t-nbase christos-time_t-base netbsd-5-base matt-mips64-base2 mjf-devfs2-base netbsd-4-0-1-RELEASE wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 wrstuden-fixsa-newbase wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base keiichi-mipv6-base matt-armv6-nbase matt-armv6-prevmlocking wrstuden-fixsa-base-1 netbsd-4-0-RELEASE cube-autoconf-base netbsd-4-0-RC5 netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 matt-armv6-base matt-mips64-base hpcarm-cleanup-base wrstuden-fixsa-base abandoned-netbsd-4-base netbsd-4-base
|
#
1.9 |
|
24-Dec-2005 |
perry |
branches: 1.9.40; Remove leading __ from __(const|inline|signed|volatile) -- it is obsolete.
|
#
1.8 |
|
12-Jun-2005 |
lukem |
Add missing __RCSID()
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 netbsd-3-base
|
#
1.7 |
|
09-Feb-2005 |
kleink |
A little libc namespace housekeeping exercise: * Make vfprintf_unlocked() an internal function, c.f. __svfscanf_unlocked(). * Add internal names for arc4random(), endnetpath(), fhstatvfs(), fstatvfs(), mkstemp(), shquote(), statvfs(), taddr2uaddr(), uaddr2taddr(), uuid_create_nil(), uuid_is_nil(), and wcwidth(). * Include namespace.h where supposed to.
|
#
1.6 |
|
09-Feb-2005 |
kleink |
Declare rs_initialized static.
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE netbsd-2-0-1-RELEASE netbsd-2-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base nathanw_sa_before_merge fvdl_fs64_base nathanw_sa_base
|
#
1.5 |
|
11-Nov-2002 |
thorpej |
branches: 1.5.2; Fix signed/unsigned comparison warnings.
|
#
1.4 |
|
02-Jul-2002 |
itojun |
use sysctl(kern.urandom) if /dev/urandom is not present (like chroot jail)
|
#
1.3 |
|
14-Jun-2002 |
itojun |
branches: 1.3.2; discard first 256 words when we stir.
|
#
1.2 |
|
24-May-2002 |
itojun |
/dev/arandom does not exist in netbsd. use /dev/urandom.
|
#
1.1 |
|
24-May-2002 |
itojun |
add arc4random(3). from openbsd
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.31 |
|
25-Mar-2016 |
riastradh |
KNF
|
#
1.30 |
|
13-May-2015 |
justin |
Missing MAP_PRIVATE on mmap
|
#
1.29 |
|
19-Mar-2015 |
riastradh |
Remove #ifdef MAP_INHERIT_ZERO.
This is essential for fork-safety, so don't merely #warn about it. Attaining fork-safety without it requires restructuring things -- in particular, there's no clear way to make it per-thread and fork-safe without some global list of states to zero on fork.
|
#
1.28 |
|
21-Jan-2015 |
riastradh |
Use ChaCha20 here as advertised, not ChaCha8.
Oops.
Fortunately, there is no public cryptanalysis even of ChaCha8: the best published attack is on ChaCha7 with time complexity 2^248.
|
#
1.27 |
|
20-Jan-2015 |
christos |
Fix non _REENTRANT build.
|
#
1.26 |
|
16-Nov-2014 |
riastradh |
Rewrite arc4random(3) with ChaCha20-based PRNG and per-thread state.
Explain the security model in the man page.
No more RC4!
XXX pullup to netbsd-6, netbsd-5
|
Revision tags: netbsd-7-base tls-earlyentropy-base tls-maxphys-base
|
#
1.25 |
|
19-Jul-2014 |
roy |
branches: 1.25.2; Document that our use of pthread_mutex_unlock(3) is async-signal-safe and as such can be used in a phtread_atfork(3) child handler.
|
#
1.24 |
|
12-Jun-2014 |
apb |
fix missing backslash in previous
|
#
1.23 |
|
12-Jun-2014 |
apb |
Wrap complex macros in do { ... } while (0). Also replace the magic number 1600000 with a macro.
|
#
1.22 |
|
07-Jun-2014 |
roy |
Re-stir after forking, fixes PR lib/25367. Re-stir after consuming 1600000 bytes, fixes PR lib/45952.
|
Revision tags: yamt-pagecache-base9 riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3
|
#
1.21 |
|
17-Oct-2013 |
christos |
branches: 1.21.2; remove always inline because new gcc bitches.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.20 |
|
20-Aug-2012 |
dsl |
branches: 1.20.2; I'm fairly sure the libc rules require that arc4random_addrandom, arc4random_buf, arc4random_stir and arc4random_uniform be weak.
|
#
1.19 |
|
20-Aug-2012 |
dsl |
arc4 is a random number sequence, there is no point using its own output values to determine a number of output values to skip. Skipping values on any possibly random event might be worth while, as might using the keying algorithm to stir in a possibly random value.
|
#
1.18 |
|
20-Aug-2012 |
dsl |
Since 'rs' is statically initialised (not bss) its s[] might as well be compile-time initialised as well. arc4_init) is the same as arc4_stir(). Initialise rs.i to 0xff (not 0) so that the first key byte is processed with rs.i == 0 without the splurios rs.i-- in arc4_addrandom(). Remove the assignment rs.j = rs.i at the end of arc4_addrandom(), it isn't necessary and I can see no justificationm for it. Replace RSIZE with __arraycount(as->s), however it is manifestly 256 (more correctly the number of values in rs.i and rs.j).
|
#
1.17 |
|
18-Aug-2012 |
dsl |
cache rs.i and rs.j in arc4random_buf() since the compiler can't be told that buf[] dosn't alias them. Reduces the number of instructions inside the loop. All the other functions are ok.
|
#
1.16 |
|
18-Aug-2012 |
dsl |
Change the logic used for thread locking to make the code more readable. The effect on the object code is to replace a function call with a branch that will predict correctly in the non-threaded case. Minor optimise of some other paths.
|
#
1.15 |
|
18-Aug-2012 |
dsl |
Use an inline function to check for initialisation, and an non-inlined one to do the actual initialise. Fixes lib/46751 by removing all the replicated tests in each function.
|
#
1.14 |
|
29-Jul-2012 |
dsl |
Make this compile with the compiler I'm using. Move variable defs to top of function. Don't use const static mib[] - run time initialisation won't matter, and not using static data may actually help in a .so.
|
Revision tags: yamt-pagecache-base5 yamt-pagecache-base4
|
#
1.13 |
|
05-Mar-2012 |
christos |
misc cleanups: - const for mibs - #define for magic constants - casts
|
#
1.12 |
|
04-Mar-2012 |
tls |
Fix bug in previous: don't reinitialize on every call! Fix arc4random_buf so it actually ever initializes -- a security problem with revisions 1.9 and 1.10.
|
#
1.11 |
|
27-Feb-2012 |
tls |
Make arc4random far less greedy for entropy. Make arc4random actually implement arc4 when used by threaded programs.
|
Revision tags: netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base
|
#
1.10 |
|
04-Feb-2011 |
christos |
branches: 1.10.4; 1.10.6; add arc4random_{buf,uniform}, from OpenBSD.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-mips64-premerge-20101231 matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE jym-xensuspend-nbase netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 jym-xensuspend-base netbsd-5-0-RC1 christos-time_t-nbase christos-time_t-base netbsd-5-base matt-mips64-base2 mjf-devfs2-base netbsd-4-0-1-RELEASE wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 wrstuden-fixsa-newbase wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base keiichi-mipv6-base matt-armv6-nbase matt-armv6-prevmlocking wrstuden-fixsa-base-1 netbsd-4-0-RELEASE cube-autoconf-base netbsd-4-0-RC5 netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 matt-armv6-base matt-mips64-base hpcarm-cleanup-base wrstuden-fixsa-base abandoned-netbsd-4-base netbsd-4-base
|
#
1.9 |
|
24-Dec-2005 |
perry |
branches: 1.9.40; Remove leading __ from __(const|inline|signed|volatile) -- it is obsolete.
|
#
1.8 |
|
12-Jun-2005 |
lukem |
Add missing __RCSID()
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 netbsd-3-base
|
#
1.7 |
|
09-Feb-2005 |
kleink |
A little libc namespace housekeeping exercise: * Make vfprintf_unlocked() an internal function, c.f. __svfscanf_unlocked(). * Add internal names for arc4random(), endnetpath(), fhstatvfs(), fstatvfs(), mkstemp(), shquote(), statvfs(), taddr2uaddr(), uaddr2taddr(), uuid_create_nil(), uuid_is_nil(), and wcwidth(). * Include namespace.h where supposed to.
|
#
1.6 |
|
09-Feb-2005 |
kleink |
Declare rs_initialized static.
|
Revision tags: netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE netbsd-2-0-1-RELEASE netbsd-2-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base nathanw_sa_before_merge fvdl_fs64_base nathanw_sa_base
|
#
1.5 |
|
11-Nov-2002 |
thorpej |
branches: 1.5.2; Fix signed/unsigned comparison warnings.
|
#
1.4 |
|
02-Jul-2002 |
itojun |
use sysctl(kern.urandom) if /dev/urandom is not present (like chroot jail)
|
#
1.3 |
|
14-Jun-2002 |
itojun |
branches: 1.3.2; discard first 256 words when we stir.
|
#
1.2 |
|
24-May-2002 |
itojun |
/dev/arandom does not exist in netbsd. use /dev/urandom.
|
#
1.1 |
|
24-May-2002 |
itojun |
add arc4random(3). from openbsd
|