d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
e12bf34c05
freebsd-dev/lib
History
Conrad Meyer 86def3dcd6 getrandom(2): Add Linux GRND_INSECURE API flag 
Treat it as a synonym for GRND_NONBLOCK.  The reasoning is this:

We have two choices for handling Linux's GRND_INSECURE API flag.

1. We could ignore it completely (like GRND_RANDOM).  However, this might
produce the surprising result of GRND_INSECURE requests blocking, when the
Linux API does not block.

2. Alternatively, we could treat GRND_INSECURE requests as requests for
GRND_NONBLOCk.  Here, the surprising result for Linux programs is that
invocations with unseeded random(4) will produce EAGAIN, rather than
garbage.

Honoring the flag in the way Linux does seems fraught.  If we actually use
the output of a random(4) implementation prior to seeding, we leak some
entropy (in an information theory and also practical sense) from what will
be the initial seed to attackers (or allow attackers to arbitrary DoS
initial seeding, if we don't leak).  This seems unacceptable -- it defeats
the purpose of blocking on initial seeding.

Secondary to that concern, before seeding we may have arbitrarily little
entropy collected; producing output from zero or a handful of entropy bits
does not seem particularly useful to userspace.

If userspace can accept garbage, insecure, non-random bytes, they can create
their own insecure garbage with srandom(time(NULL)) or similar.  Any program
which would be satisfied with a 3-bit key CTR stream has no need for CSPRNG
bytes.  So asking the kernel to produce such an output from the secure
getrandom(2) API seems inane.

For now, we've elected to emulate GRND_INSECURE as an alternative spelling
of GRND_NONBLOCK (2).  Consider this API not-quite stable for now.  We
guarantee it will never block.  But we will attempt to monitor actual port
uptake of this bizarre API and may revise our plans for the unseeded
behavior (prior stable/13 branching).

Approved by:	csprng(markm), manpages(bcr)
See also:	https://lwn.net/ml/linux-kernel/cover.1577088521.git.luto@kernel.org/
See also:	https://lwn.net/ml/linux-kernel/20200107204400.GH3619@mit.edu/
Differential Revision:	https://reviews.freebsd.org/D23130
2020-01-12 20:47:38 +00:00
..
atf Update Makefile.depend files 2019-12-11 17:37:53 +00:00
clang [PowerPC] Fix libllvmminimal build when building from powerpc64 ELFv1. 2020-01-07 22:45:02 +00:00
csu mips !o32: fix csu build 2020-01-03 20:01:36 +00:00
geom Remove GEOM_SCHED class and gsched tool. 2019-12-29 21:16:03 +00:00
googletest Another round of attempting to squelch -Wdeprecated-declarations, which 2019-09-17 06:07:08 +00:00
lib80211 Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libalias Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libarchive MFV r356163,r356197: 2019-12-31 00:05:06 +00:00
libauditd pkgbase: Create a FreeBSD-utilities package and make it the default one 2019-09-05 14:15:47 +00:00
libbe libbe(3): promote dependent clones when destroying an environment 2020-01-02 18:46:33 +00:00
libbearssl Add libbearssl 2019-02-26 05:59:22 +00:00
libbegemot Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libblacklist Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libblocksruntime Move all sources from the llvm project into contrib/llvm-project. 2019-12-20 19:53:05 +00:00
libbluetooth Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libbsdstat Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libbsm Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libbsnmp Update dirdeps.mk and gendirdeps.mk 2019-12-11 17:38:15 +00:00
libbz2 Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libc getrandom(2): Add Linux GRND_INSECURE API flag 2020-01-12 20:47:38 +00:00
libc_nonshared
libc++ Move all sources from the llvm project into contrib/llvm-project. 2019-12-20 19:53:05 +00:00
libc++experimental Move all sources from the llvm project into contrib/llvm-project. 2019-12-20 19:53:05 +00:00
libcalendar Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libcam Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libcapsicum capsicum_helpers: split stream cap bits out of caph_limit_stream() 2020-01-02 23:07:45 +00:00
libcasper Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libclang_rt Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp 2019-12-22 11:50:44 +00:00
libcom_err Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libcompat ftime appeared in 7th Edition Unix to replace gtime. 2018-10-28 02:58:15 +00:00
libcompiler_rt [PowerPC] enable atomic.c in compiler_rt and do not check and forces 2019-12-26 23:06:28 +00:00
libcrypt Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libcuse Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libcxxrt Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libdevctl Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libdevdctl libdevdctl: g++9 avoid Wdeprecated-copy 2019-12-21 02:44:26 +00:00
libdevinfo Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libdevstat Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libdl
libdpv Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libdwarf Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libedit Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libefivar Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libelf Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libelftc Update ELF Tool Chain to upstream r3769 2019-12-05 13:20:15 +00:00
libevent Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libexecinfo Move all sources from the llvm project into contrib/llvm-project. 2019-12-20 19:53:05 +00:00
libexpat Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libfetch Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libfigpar Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libgcc_eh Move all sources from the llvm project into contrib/llvm-project. 2019-12-20 19:53:05 +00:00
libgcc_s Fix LLVM libunwnwind _Unwind_Backtrace symbol version for ARM. 2019-12-16 14:08:49 +00:00
libgeom Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libgpio Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libgssapi Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libiconv_modules
libifconfig Make libifconfig INTERNALLIB 2019-02-25 18:22:20 +00:00
libipsec Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libipt Update Intel Processor Trace decoder library. 2019-10-10 12:46:34 +00:00
libjail libjail: Handle an error from reallocarray() when trimming the buffer. 2020-01-07 21:44:27 +00:00
libkiconv pkgbase: Put a lot of binaries and lib in FreeBSD-runtime 2019-09-05 14:13:08 +00:00
libkvm Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libldns Update Makefile.depend files 2019-12-11 17:37:53 +00:00
liblzma Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libmagic Tweaks for DIRDEPS_BUILD 2019-12-19 02:40:04 +00:00
libmd Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libmemstat Use per-domain keg locks. This provides both a lock and separate space 2020-01-04 03:30:08 +00:00
libmilter Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libmp Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libmt Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libnetbsd Make timespecadd(3) and friends public 2018-07-30 15:46:40 +00:00
libnetgraph Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libngatm Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libnv Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libomp Move all sources from the llvm project into contrib/llvm-project. 2019-12-20 19:53:05 +00:00
libopenbsd Allow bootstrapping libopenbsd on Linux 2018-12-05 10:58:02 +00:00
libopencsd Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libopie Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libpam Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libpathconv
libpcap MFV r353141 (by phillip): 2019-12-21 21:01:03 +00:00
libpe
libpjdlog pkgbase: Create a FreeBSD-utilities package and make it the default one 2019-09-05 14:15:47 +00:00
libpmc Tweaks for DIRDEPS_BUILD 2019-12-19 02:40:04 +00:00
libpmcstat
libproc Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libprocstat procstat: read lo_name instead of now removed v_tag 2020-01-07 05:33:33 +00:00
libradius libradius: Rip out dubious use of srandomdev(3)+random(3) 2019-12-13 04:55:17 +00:00
libregex Further normalize copyright notices 2019-09-26 16:19:22 +00:00
librpcsec_gss
librpcsvc Update Makefile.depend files 2019-12-11 17:37:53 +00:00
librss Update Makefile.depend files 2019-12-11 17:37:53 +00:00
librt pkgbase: Create a FreeBSD-utilities package and make it the default one 2019-09-05 14:15:47 +00:00
librtld_db Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libsbuf Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libsdp Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libsecureboot Avoid unused vars when VE_ECDSA_HASH_AGAIN undefined 2019-12-20 21:56:28 +00:00
libsm
libsmb Move nsmb.conf to lib/libsmb/ 2018-09-20 09:31:27 +00:00
libsmdb
libsmutil
libsqlite3 Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libssp libssp: fix FORTIFY_SOURCE stub declarations 2020-01-04 22:05:00 +00:00
libssp_nonshared Provide libssp based on libc 2020-01-04 20:19:25 +00:00
libstats Make use of the stats(3) framework in the TCP stack. 2019-12-02 20:58:04 +00:00
libstdbuf
libstdthreads Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libsysdecode Update libssp paths in various Makefile.depend* files 2020-01-06 18:15:55 +00:00
libtacplus libtacplus: Remove bogus srandomdev+random 2019-12-13 05:11:34 +00:00
libtelnet
libthr Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libthread_db Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libucl Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libufs Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libugidfw Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libulog Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libunbound Update Makefile for 1.8.0, apologies for the breakage. 2018-10-10 08:19:11 +00:00
libusb Implement new libusb v2.0 API function, libusb20_dev_get_stats(). 2019-12-27 20:35:12 +00:00
libusbhid Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libutil Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libveriexec Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libvgl Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libvmmapi Forgotten to remove the previous if statement in commit r355838. 2019-12-17 01:37:02 +00:00
libwrap Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libxo Allow proper builds of libxo's CSV encoder: 2019-12-16 22:05:03 +00:00
liby
libypclnt Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libz Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libzstd Update Makefile.depend files 2019-12-11 17:37:53 +00:00
msun msun: drop clause 3 from the Berkeley license. 2019-12-27 01:11:26 +00:00
ncurses Update Makefile.depend files 2019-12-11 17:37:53 +00:00
ofed Update Makefile.depend files 2019-12-11 17:37:53 +00:00
tests
Makefile Provide libssp based on libc 2020-01-04 20:19:25 +00:00
Makefile.inc