Remove cap_random(3).

Now that we have a way to obtain entropy in capability mode
(getrandom(2)), libcap_random is obsolete.  Remove it.

Bump __FreeBSD_version in case anything happens to use it, though I've
found no consumers.

Reviewed by:	delphij, emaste, oshogbo
Relnotes:	yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D21033

ObsoleteFiles.inc

@@ -38,6 +38,11 @@
 #   xargs -n1 | sort | uniq -d;
 # done
 
+# 20190722: cap_random(3) removed
+OLD_FILES+=lib/casper/libcap_random.so.1
+OLD_FILES+=usr/include/casper/cap_random.h
+OLD_FILES+=usr/share/man/man3/cap_random.3.gz
+OLD_FILES+=usr/share/man/man3/cap_random_buf.3.gz
 # 20190708: vm_page_hold() and _unhold() removed
 OLD_FILES+=usr/share/man/man9/vm_page_hold.9.gz
 # 20190618: sys/capability.h removed (sys/capsicum.h is the one to use)

lib/libcasper/libcasper/libcasper.3

@@ -264,7 +264,6 @@ functions always succeed.
 .Xr cap_dns 3 ,
 .Xr cap_grp 3 ,
 .Xr cap_pwd 3 ,
-.Xr cap_random 3 ,
 .Xr cap_sysctl 3 ,
 .Xr cap_syslog 3 ,
 .Xr libcasper_service 3 ,

lib/libcasper/services/Makefile

@@ -6,7 +6,6 @@ SUBDIR=		cap_dns
 SUBDIR+=	cap_fileargs
 SUBDIR+=	cap_grp
 SUBDIR+=	cap_pwd
-SUBDIR+=	cap_random
 SUBDIR+=	cap_sysctl
 SUBDIR+=	cap_syslog
 

lib/libcasper/services/cap_random/Makefile

@@ -1,29 +0,0 @@
-# $FreeBSD$
-
-SHLIBDIR?=	/lib/casper
-
-.include <src.opts.mk>
-
-PACKAGE=libcasper
-
-SHLIB_MAJOR=	1
-INCSDIR?=	${INCLUDEDIR}/casper
-
-.if ${MK_CASPER} != "no"
-SHLIB=	cap_random
-
-SRCS=	cap_random.c
-.endif
-
-INCS=	cap_random.h
-
-LIBADD=	nv
-
-CFLAGS+=-I${.CURDIR}
-
-MAN+=	cap_random.3
-
-MLINKS+=cap_random.3 libcap_random.3
-MLINKS+=cap_random.3 cap_random_buf.3
-
-.include <bsd.lib.mk>

lib/libcasper/services/cap_random/Makefile.depend

@@ -1,19 +0,0 @@
-# $FreeBSD$
-# Autogenerated - do NOT edit!
-
-DIRDEPS = \
-	gnu/lib/csu \
-	include \
-	include/xlocale \
-	lib/${CSU_DIR} \
-	lib/libc \
-	lib/libcasper/libcasper \
-	lib/libcompiler_rt \
-	lib/libnv \
-
-
-.include <dirdeps.mk>
-
-.if ${DEP_RELDIR} == ${_DEP_RELDIR}
-# local dependencies - needed for -jN in clean tree
-.endif

lib/libcasper/services/cap_random/cap_random.3

@@ -1,98 +0,0 @@
-.\" Copyright (c) 2018 Mariusz Zaborski <oshogbo@FreeBSD.org>
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" $FreeBSD$
-.\"
-.Dd February 26, 2018
-.Dt CAP_RANDOM 3
-.Os
-.Sh NAME
-.Nm cap_random_buf
-.Nd "library for getting entropy in capability mode"
-.Sh LIBRARY
-.Lb libcap_random
-.Sh SYNOPSIS
-.In sys/nv.h
-.In libcasper.h
-.In casper/cap_random.h
-.Ft "int"
-.Fn cap_random_buf "cap_channel_t *chan" "void *buf" "size_t nbytes"
-.Sh DESCRIPTION
-The function
-.Fn cap_random_buf
-is equivalent to
-.Xr arc4random_buf 3
-except that the connection to the
-.Nm system.random
-service needs to be provided.
-.Sh EXAMPLES
-The following example first opens a capability to casper and then uses this
-capability to create the
-.Nm system.random
-casper service to obtain entropy.
-.Bd -literal
-cap_channel_t *capcas, *caprandom;
-unsigned char buf[16];
-int i;
-
-/* Open capability to Casper. */
-capcas = cap_init();
-if (capcas == NULL)
-	err(1, "Unable to contact Casper");
-
-/* Enter capability mode sandbox. */
-if (cap_enter() < 0 && errno != ENOSYS)
-	err(1, "Unable to enter capability mode");
-
-/* Use Casper capability to create capability to the system.random service. */
-caprandom = cap_service_open(capcas, "system.random");
-if (caprandom == NULL)
-	err(1, "Unable to open system.random service");
-
-/* Close Casper capability, we don't need it anymore. */
-cap_close(capcas);
-
-/* Obtain entropy. */
-if (cap_random_buf(caprandom, buf, sizeof(buf)) < 0)
-	err(1, "Unable to obtain entropy");
-
-for (i = 0; i < sizeof(buf); i++)
-	printf("%.2x ", buf[i]);
-printf("\\n");
-.Ed
-.Sh SEE ALSO
-.Xr cap_enter 2 ,
-.Xr arc4random_buf 3 ,
-.Xr err 3 ,
-.Xr capsicum 4 ,
-.Xr nv 9
-.Sh AUTHORS
-The
-.Nm cap_random
-service was implemented by
-.An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net
-under sponsorship from the FreeBSD Foundation.
-.Pp
-This manual page was written by
-.An Mariusz Zaborski Aq Mt oshogbo@FreeBSD.org .

lib/libcasper/services/cap_random/cap_random.c

@@ -1,119 +0,0 @@
-/*-
- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
- *
- * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
- *
- * This software was developed by Pawel Jakub Dawidek under sponsorship from
- * the FreeBSD Foundation.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
-
-#include <sys/nv.h>
-
-#include <assert.h>
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <libcasper.h>
-#include <libcasper_service.h>
-
-#include "cap_random.h"
-
-#define	MAXSIZE	(1024 * 1024)
-
-int
-cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes)
-{
-	nvlist_t *nvl;
-	const void *randbuf;
-	uint8_t *ptr;
-	size_t left, randbufsize;
-
-	left = nbytes;
-	ptr = buf;
-
-	while (left > 0) {
-		nvl = nvlist_create(0);
-		nvlist_add_string(nvl, "cmd", "generate");
-		nvlist_add_number(nvl, "size",
-		    (uint64_t)(left > MAXSIZE ? MAXSIZE : left));
-		nvl = cap_xfer_nvlist(chan, nvl);
-		if (nvl == NULL)
-			return (-1);
-		if (nvlist_get_number(nvl, "error") != 0) {
-			errno = (int)nvlist_get_number(nvl, "error");
-			nvlist_destroy(nvl);
-			return (-1);
-		}
-
-		randbuf = nvlist_get_binary(nvl, "data", &randbufsize);
-		memcpy(ptr, randbuf, randbufsize);
-
-		nvlist_destroy(nvl);
-
-		ptr += randbufsize;
-		assert(left >= randbufsize);
-		left -= randbufsize;
-	}
-
-	return (0);
-}
-
-/*
- * Service functions.
- */
-
-static int
-random_command(const char *cmd, const nvlist_t *limits __unused,
-    nvlist_t *nvlin, nvlist_t *nvlout)
-{
-	void *data;
-	size_t size;
-
-	if (strcmp(cmd, "generate") != 0)
-		return (EINVAL);
-	if (!nvlist_exists_number(nvlin, "size"))
-		return (EINVAL);
-
-	size = (size_t)nvlist_get_number(nvlin, "size");
-	if (size == 0 || size > MAXSIZE)
-		return (EINVAL);
-
-	data = malloc(size);
-	if (data == NULL)
-		return (ENOMEM);
-
-	arc4random_buf(data, size);
-
-	nvlist_move_binary(nvlout, "data", data, size);
-
-	return (0);
-}
-
-CREATE_SERVICE("system.random", NULL, random_command, 0);

lib/libcasper/services/cap_random/cap_random.h

@@ -1,51 +0,0 @@
-/*-
- * Copyright (c) 2013 The FreeBSD Foundation
- * All rights reserved.
- *
- * This software was developed by Pawel Jakub Dawidek under sponsorship from
- * the FreeBSD Foundation.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * $FreeBSD$
- */
-
-#ifndef	_CAP_RANDOM_H_
-#define	_CAP_RANDOM_H_
-
-#ifdef HAVE_CASPER
-#define WITH_CASPER
-#endif
-
-#ifdef WITH_CASPER
-int cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes);
-#else
-inline int
-cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes)
-{
-
-	arc4random_buf(buf, nbytes);
-	return(0);
-}
-#endif
-
-#endif	/* !_CAP_RANDOM_H_ */

share/mk/src.libnames.mk

@@ -82,7 +82,6 @@ _LIBRARIES=	\
 		cap_fileargs \
 		cap_grp \
 		cap_pwd \
-		cap_random \
 		cap_sysctl \
 		cap_syslog \
 		com_err \
@@ -260,7 +259,6 @@ _DP_cap_dns=	nv
 _DP_cap_fileargs=	nv
 _DP_cap_grp=	nv
 _DP_cap_pwd=	nv
-_DP_cap_random=	nv
 _DP_cap_sysctl=	nv
 _DP_cap_syslog=	nv
 .if ${MK_OFED} != "no"
@@ -599,7 +597,6 @@ LIBCASPERDIR=	${OBJTOP}/lib/libcasper/libcasper
 LIBCAP_DNSDIR=	${OBJTOP}/lib/libcasper/services/cap_dns
 LIBCAP_GRPDIR=	${OBJTOP}/lib/libcasper/services/cap_grp
 LIBCAP_PWDDIR=	${OBJTOP}/lib/libcasper/services/cap_pwd
-LIBCAP_RANDOMDIR=	${OBJTOP}/lib/libcasper/services/cap_random
 LIBCAP_SYSCTLDIR=	${OBJTOP}/lib/libcasper/services/cap_sysctl
 LIBCAP_SYSLOGDIR=	${OBJTOP}/lib/libcasper/services/cap_syslog
 LIBBSDXMLDIR=	${OBJTOP}/lib/libexpat

sys/sys/param.h

@@ -60,7 +60,7 @@
  *		in the range 5 to 9.
  */
 #undef __FreeBSD_version
-#define __FreeBSD_version 1300036	/* Master, propagated to newvers */
+#define __FreeBSD_version 1300037	/* Master, propagated to newvers */
 
 /*
  * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD,

targets/pseudo/userland/lib/Makefile.depend

@@ -221,7 +221,6 @@ DIRDEPS+= \
 	lib/libcasper/services/cap_dns \
 	lib/libcasper/services/cap_grp \
 	lib/libcasper/services/cap_pwd \
-	lib/libcasper/services/cap_random \
 	lib/libcasper/services/cap_sysctl \
 
 .endif