From aca3e4974ff1f36b3c0bbe17c11e7c2efeec3b5b Mon Sep 17 00:00:00 2001
From: Kirk McKusick <mckusick@FreeBSD.org>
Date: Fri, 14 Feb 2003 21:31:58 +0000
Subject: [PATCH] Replace use of random() with arc4random() to provide less
 guessable values for the initial inode generation numbers in newfs and for
 newly allocated inode generation numbers in the kernel.

Submitted by:	Theo de Raadt <deraadt@cvs.openbsd.org>
Sponsored by:   DARPA & NAI Labs.
---
 sbin/newfs/mkfs.c        | 10 +++++-----
 sys/ufs/ffs/ffs_alloc.c  |  4 ++--
 sys/ufs/ffs/ffs_vfsops.c |  2 +-
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/sbin/newfs/mkfs.c b/sbin/newfs/mkfs.c
index cb65343cfb30..ddc8fcb10b9f 100644
--- a/sbin/newfs/mkfs.c
+++ b/sbin/newfs/mkfs.c
@@ -126,7 +126,7 @@ mkfs(struct partition *pp, char *fsys)
 		time(&utime);
 	if (!Rflag && !randinit) {
 		randinit = 1;
-		srandomdev();
+		arc4random_stir();
 	}
 	sblock.fs_old_flags = FS_FLAGS_UPDATED;
 	sblock.fs_flags = 0;
@@ -387,7 +387,7 @@ mkfs(struct partition *pp, char *fsys)
 	sblock.fs_state = 0;
 	sblock.fs_clean = 1;
 	sblock.fs_id[0] = (long)utime;
-	sblock.fs_id[1] = random();
+	sblock.fs_id[1] = arc4random();
 	sblock.fs_fsmnt[0] = '\0';
 	csfrags = howmany(sblock.fs_cssize, sblock.fs_fsize);
 	sblock.fs_dsize = sblock.fs_size - sblock.fs_sblkno -
@@ -649,10 +649,10 @@ initcg(int cylno, time_t utime)
 	dp2 = (struct ufs2_dinode *)(&iobuf[start]);
 	for (i = 0; i < acg.cg_initediblk; i++) {
 		if (sblock.fs_magic == FS_UFS1_MAGIC) {
-			dp1->di_gen = random();
+			dp1->di_gen = arc4random();
 			dp1++;
 		} else {
-			dp2->di_gen = random();
+			dp2->di_gen = arc4random();
 			dp2++;
 		}
 	}
@@ -666,7 +666,7 @@ initcg(int cylno, time_t utime)
 		     i += sblock.fs_frag) {
 			dp1 = (struct ufs1_dinode *)(&iobuf[start]);
 			for (j = 0; j < INOPB(&sblock); j++) {
-				dp1->di_gen = random();
+				dp1->di_gen = arc4random();
 				dp1++;
 			}
 			wtfs(fsbtodb(&sblock, cgimin(&sblock, cylno) + i),
diff --git a/sys/ufs/ffs/ffs_alloc.c b/sys/ufs/ffs/ffs_alloc.c
index 622ca59b5aae..745050c7d6cc 100644
--- a/sys/ufs/ffs/ffs_alloc.c
+++ b/sys/ufs/ffs/ffs_alloc.c
@@ -879,7 +879,7 @@ ffs_valloc(pvp, mode, cred, vpp)
 	 * Set up a new generation number for this inode.
 	 */
 	if (ip->i_gen == 0 || ++ip->i_gen == 0)
-		ip->i_gen = random() / 2 + 1;
+		ip->i_gen = arc4random() / 2 + 1;
 	DIP(ip, i_gen) = ip->i_gen;
 	if (fs->fs_magic == FS_UFS2_MAGIC) {
 		vfs_timestamp(&ts);
@@ -1630,7 +1630,7 @@ ffs_nodealloccg(ip, cg, ipref, mode)
 		bzero(ibp->b_data, (int)fs->fs_bsize);
 		dp2 = (struct ufs2_dinode *)(ibp->b_data);
 		for (i = 0; i < INOPB(fs); i++) {
-			dp2->di_gen = random() / 2 + 1;
+			dp2->di_gen = arc4random() / 2 + 1;
 			dp2++;
 		}
 		bawrite(ibp);
diff --git a/sys/ufs/ffs/ffs_vfsops.c b/sys/ufs/ffs/ffs_vfsops.c
index 203ad037976d..de01977e8457 100644
--- a/sys/ufs/ffs/ffs_vfsops.c
+++ b/sys/ufs/ffs/ffs_vfsops.c
@@ -1345,7 +1345,7 @@ ffs_vget(mp, ino, flags, vpp)
 	 * already have one. This should only happen on old filesystems.
 	 */
 	if (ip->i_gen == 0) {
-		ip->i_gen = random() / 2 + 1;
+		ip->i_gen = arc4random() / 2 + 1;
 		if ((vp->v_mount->mnt_flag & MNT_RDONLY) == 0) {
 			ip->i_flag |= IN_MODIFIED;
 			DIP(ip, i_gen) = ip->i_gen;