d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove cap_random(3).

Browse Source 
Now that we have a way to obtain entropy in capability mode
(getrandom(2)), libcap_random is obsolete.  Remove it.

Bump __FreeBSD_version in case anything happens to use it, though I've
found no consumers.

Reviewed by:	delphij, emaste, oshogbo
Relnotes:	yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D21033
This commit is contained in:
Mark Johnston 2019-07-24 22:50:43 +00:00
parent 7f3f6aad3e
commit a76f78dc3f
11 changed files with 6 additions and 323 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ObsoleteFiles.inc
View File

@ -38,6 +38,11 @@
# xargs -n1 | sort | uniq -d;
# done
# 20190722: cap_random(3) removed
OLD_FILES+=lib/casper/libcap_random.so.1
OLD_FILES+=usr/include/casper/cap_random.h
OLD_FILES+=usr/share/man/man3/cap_random.3.gz
OLD_FILES+=usr/share/man/man3/cap_random_buf.3.gz
# 20190708: vm_page_hold() and _unhold() removed
OLD_FILES+=usr/share/man/man9/vm_page_hold.9.gz
# 20190618: sys/capability.h removed (sys/capsicum.h is the one to use)

1
lib/libcasper/libcasper/libcasper.3
View File

@ -264,7 +264,6 @@ functions always succeed.
.Xr cap_dns 3 ,
.Xr cap_grp 3 ,
.Xr cap_pwd 3 ,
.Xr cap_random 3 ,
.Xr cap_sysctl 3 ,
.Xr cap_syslog 3 ,
.Xr libcasper_service 3 ,

1
lib/libcasper/services/Makefile
View File

@ -6,7 +6,6 @@ SUBDIR= cap_dns
SUBDIR+= cap_fileargs
SUBDIR+= cap_grp
SUBDIR+= cap_pwd
SUBDIR+= cap_random
SUBDIR+= cap_sysctl
SUBDIR+= cap_syslog

29
lib/libcasper/services/cap_random/Makefile
View File

@ -1,29 +0,0 @@
# $FreeBSD$
SHLIBDIR?= /lib/casper
.include <src.opts.mk>
PACKAGE=libcasper
SHLIB_MAJOR= 1
INCSDIR?= ${INCLUDEDIR}/casper
.if ${MK_CASPER} != "no"
SHLIB= cap_random
SRCS= cap_random.c
.endif
INCS= cap_random.h
LIBADD= nv
CFLAGS+=-I${.CURDIR}
MAN+= cap_random.3
MLINKS+=cap_random.3 libcap_random.3
MLINKS+=cap_random.3 cap_random_buf.3
.include <bsd.lib.mk>

19
lib/libcasper/services/cap_random/Makefile.depend
View File

@ -1,19 +0,0 @@
# $FreeBSD$
# Autogenerated - do NOT edit!
DIRDEPS = \
gnu/lib/csu \
include \
include/xlocale \
lib/${CSU_DIR} \
lib/libc \
lib/libcasper/libcasper \
lib/libcompiler_rt \
lib/libnv \
.include <dirdeps.mk>
.if ${DEP_RELDIR} == ${_DEP_RELDIR}
# local dependencies - needed for -jN in clean tree
.endif

98
lib/libcasper/services/cap_random/cap_random.3
View File

@ -1,98 +0,0 @@
.\" Copyright (c) 2018 Mariusz Zaborski <oshogbo@FreeBSD.org>
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
.Dd February 26, 2018
.Dt CAP_RANDOM 3
.Os
.Sh NAME
.Nm cap_random_buf
.Nd "library for getting entropy in capability mode"
.Sh LIBRARY
.Lb libcap_random
.Sh SYNOPSIS
.In sys/nv.h
.In libcasper.h
.In casper/cap_random.h
.Ft "int"
.Fn cap_random_buf "cap_channel_t *chan" "void *buf" "size_t nbytes"
.Sh DESCRIPTION
The function
.Fn cap_random_buf
is equivalent to
.Xr arc4random_buf 3
except that the connection to the
.Nm system.random
service needs to be provided.
.Sh EXAMPLES
The following example first opens a capability to casper and then uses this
capability to create the
.Nm system.random
casper service to obtain entropy.
.Bd -literal
cap_channel_t *capcas, *caprandom;
unsigned char buf[16];
int i;
/* Open capability to Casper. */
capcas = cap_init();
if (capcas == NULL)
err(1, "Unable to contact Casper");
/* Enter capability mode sandbox. */
if (cap_enter() < 0 && errno != ENOSYS)
err(1, "Unable to enter capability mode");
/* Use Casper capability to create capability to the system.random service. */
caprandom = cap_service_open(capcas, "system.random");
if (caprandom == NULL)
err(1, "Unable to open system.random service");
/* Close Casper capability, we don't need it anymore. */
cap_close(capcas);
/* Obtain entropy. */
if (cap_random_buf(caprandom, buf, sizeof(buf)) < 0)
err(1, "Unable to obtain entropy");
for (i = 0; i < sizeof(buf); i++)
printf("%.2x ", buf[i]);
printf("\\n");
.Ed
.Sh SEE ALSO
.Xr cap_enter 2 ,
.Xr arc4random_buf 3 ,
.Xr err 3 ,
.Xr capsicum 4 ,
.Xr nv 9
.Sh AUTHORS
The
.Nm cap_random
service was implemented by
.An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net
under sponsorship from the FreeBSD Foundation.
.Pp
This manual page was written by
.An Mariusz Zaborski Aq Mt oshogbo@FreeBSD.org .

119
lib/libcasper/services/cap_random/cap_random.c
View File

@ -1,119 +0,0 @@
/*-
* SPDX-License-Identifier: BSD-2-Clause-FreeBSD
*
* Copyright (c) 2013 The FreeBSD Foundation
* All rights reserved.
*
* This software was developed by Pawel Jakub Dawidek under sponsorship from
* the FreeBSD Foundation.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/nv.h>
#include <assert.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <libcasper.h>
#include <libcasper_service.h>
#include "cap_random.h"
#define MAXSIZE (1024 * 1024)
int
cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes)
{
nvlist_t *nvl;
const void *randbuf;
uint8_t *ptr;
size_t left, randbufsize;
left = nbytes;
ptr = buf;
while (left > 0) {
nvl = nvlist_create(0);
nvlist_add_string(nvl, "cmd", "generate");
nvlist_add_number(nvl, "size",
(uint64_t)(left > MAXSIZE ? MAXSIZE : left));
nvl = cap_xfer_nvlist(chan, nvl);
if (nvl == NULL)
return (-1);
if (nvlist_get_number(nvl, "error") != 0) {
errno = (int)nvlist_get_number(nvl, "error");
nvlist_destroy(nvl);
return (-1);
}
randbuf = nvlist_get_binary(nvl, "data", &randbufsize);
memcpy(ptr, randbuf, randbufsize);
nvlist_destroy(nvl);
ptr += randbufsize;
assert(left >= randbufsize);
left -= randbufsize;
}
return (0);
}
/*
* Service functions.
*/
static int
random_command(const char *cmd, const nvlist_t *limits __unused,
nvlist_t *nvlin, nvlist_t *nvlout)
{
void *data;
size_t size;
if (strcmp(cmd, "generate") != 0)
return (EINVAL);
if (!nvlist_exists_number(nvlin, "size"))
return (EINVAL);
size = (size_t)nvlist_get_number(nvlin, "size");
if (size == 0 || size > MAXSIZE)
return (EINVAL);
data = malloc(size);
if (data == NULL)
return (ENOMEM);
arc4random_buf(data, size);
nvlist_move_binary(nvlout, "data", data, size);
return (0);
}
CREATE_SERVICE("system.random", NULL, random_command, 0);

51
lib/libcasper/services/cap_random/cap_random.h
View File

@ -1,51 +0,0 @@
/*-
* Copyright (c) 2013 The FreeBSD Foundation
* All rights reserved.
*
* This software was developed by Pawel Jakub Dawidek under sponsorship from
* the FreeBSD Foundation.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
#ifndef _CAP_RANDOM_H_
#define _CAP_RANDOM_H_
#ifdef HAVE_CASPER
#define WITH_CASPER
#endif
#ifdef WITH_CASPER
int cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes);
#else
inline int
cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes)
{
arc4random_buf(buf, nbytes);
return(0);
}
#endif
#endif /* !_CAP_RANDOM_H_ */

3
share/mk/src.libnames.mk
View File

@ -82,7 +82,6 @@ _LIBRARIES= \
cap_fileargs \
cap_grp \
cap_pwd \
cap_random \
cap_sysctl \
cap_syslog \
com_err \
@ -260,7 +259,6 @@ _DP_cap_dns= nv
_DP_cap_fileargs= nv
_DP_cap_grp= nv
_DP_cap_pwd= nv
_DP_cap_random= nv
_DP_cap_sysctl= nv
_DP_cap_syslog= nv
.if ${MK_OFED} != "no"
@ -599,7 +597,6 @@ LIBCASPERDIR= ${OBJTOP}/lib/libcasper/libcasper
LIBCAP_DNSDIR= ${OBJTOP}/lib/libcasper/services/cap_dns
LIBCAP_GRPDIR= ${OBJTOP}/lib/libcasper/services/cap_grp
LIBCAP_PWDDIR= ${OBJTOP}/lib/libcasper/services/cap_pwd
LIBCAP_RANDOMDIR= ${OBJTOP}/lib/libcasper/services/cap_random
LIBCAP_SYSCTLDIR= ${OBJTOP}/lib/libcasper/services/cap_sysctl
LIBCAP_SYSLOGDIR= ${OBJTOP}/lib/libcasper/services/cap_syslog
LIBBSDXMLDIR= ${OBJTOP}/lib/libexpat

2
sys/sys/param.h
View File

@ -60,7 +60,7 @@
* in the range 5 to 9.
*/
#undef __FreeBSD_version
#define __FreeBSD_version 1300036 /* Master, propagated to newvers */
#define __FreeBSD_version 1300037 /* Master, propagated to newvers */
/*
* __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD,

1
targets/pseudo/userland/lib/Makefile.depend
View File

@ -221,7 +221,6 @@ DIRDEPS+= \
lib/libcasper/services/cap_dns \
lib/libcasper/services/cap_grp \
lib/libcasper/services/cap_pwd \
lib/libcasper/services/cap_random \
lib/libcasper/services/cap_sysctl \
.endif