34 Commits

Author SHA1 Message Date
ache
06e4e4310f Micro optimize: C standard guarantees that right shift for unsigned value
fills left bits with zero, and we have exact 32bit unsigned value
(uint32_t), so there is no reason to add "& 0x7fffffff" here.

MFC after:      1 week
2016-05-29 16:39:28 +00:00
ache
bfed8b7764 1) Unifdef USE_WEAK_SEEDING it is too obsolete to support and makes reading
harder.

2) ACM paper require seed to be in [1, 2^31-2] range, so use the same range
shifting as already done for rand(3). Also protect srandomdev() + TYPE_0 case
(non default) from negative seeds.

3) Don't check for valid "type" range in setstate(), it is always valid as
calculated. Instead add a check that rear pointer not exceeed end pointer.

MFC after:      1 week
2016-05-29 11:54:09 +00:00
ache
ba8920d51c 1) POSIX prohibits printing errors to stderr here and require
returning NULL:

"Upon successful completion, initstate() and setstate() shall return a
pointer to the previous state array; otherwise, a null pointer shall
be returned.

Although some implementations of random() have written messages to
standard error, such implementations do not conform to POSIX.1-2008."

2) Move error detections earlier to prevent state modifying.

MFC after:      1 week
2016-05-22 06:18:59 +00:00
emaste
a027d64fa7 Renumber clauses to reduce diffs to other versions
NetBSD, OpenBSD, and Android's Bionic number the clauses 1 through 3,
so follow suit to make comparison easier.
2013-06-13 00:19:30 +00:00
delphij
08ef412169 Replace access to /dev/random with the kernel pseudo-random number
source sysctl(KERN_ARND) and remove the fallback code.

Obtained from:	OpenBSD
Reviewed by:	secteam
MFC after:	1 month
2013-04-02 23:41:20 +00:00
eadler
6a02d06d1d Remove undefined behavior from sranddev() and
srandomdev(). This doesn't actually work
with any modern C compiler:

In particular, both clang and modern gcc
verisons silently elide any xor operation
with 'junk'.

Approved by:	secteam
MFC after:	3 days
2012-10-09 14:25:14 +00:00
jilles
fba61ef227 libc: Use O_CLOEXEC for various internal file descriptors.
This fixes a race condition where another thread may fork() before CLOEXEC
is set, unintentionally passing the descriptor to the child process.

This commit only adds O_CLOEXEC flags to open() or openat() calls where no
fcntl(fd, F_SETFD, FD_CLOEXEC) follows. The separate fcntl() call still
leaves a race window so it should be fixed later.
2012-09-29 11:54:34 +00:00
des
26701fe358 Slight stylification. 2012-09-28 13:50:37 +00:00
kevlo
8552821dd8 Make 'junk' volatile so that compilers won't be tempted to optimize
Reviewed by:	ache
MFC after:	3 days
2012-08-17 01:05:56 +00:00
imp
cd1f140ae4 Per Regents of the University of Calfornia letter, remove advertising
clause.

# If I've done so improperly on a file, please let me know.
2007-01-09 00:28:16 +00:00
das
d62dc6465a Use 'uint32_t' instead of 'long' when a 32-bit integer is intended.
This results in no functional change, aside from fixing a data
corruption bug on LP64 platforms.  The code here could still use a
significant amount of cleanup.

PR:		56502
Submitted by:	hrs (earlier version)
2004-01-20 03:02:18 +00:00
ache
5e7abd79c0 For type 0 rng lower initial drop to 50, it is enough to hide linearity
Reorganize historic #ifdef section
2003-08-10 17:49:55 +00:00
ache
406a1bc7bb For rand(3) and random(3) TYPE_0 drop NSHUFF values right after srand{om}()
to remove part of seed -> 1st value correlation. Correlation still remains
because of algorithm limits. Note that old algorithm have even stronger
correlation, especially in the lower bits area, but not eye-visible, as
current one.
2003-02-04 11:24:08 +00:00
ache
2c36f3e337 Park & Miller PRNG can be safely initialized with any value but 0 and stuck
at 0 as designed. Its BSD adaptation tries to fight it by mapping 0 to
2147483647 after calculation, but this method not works since 2147483647
seed returns to 0 again on the next interation. Instead of after calculation
mapping, map 0 to another value _before_ calculation, so it never stucks.
2003-02-03 10:22:12 +00:00
obrien
d90536e35b Fix the style of the SCM ID's.
I believe have made all of libc .c's as consistent as possible.
2002-03-22 21:53:29 +00:00
obrien
3b73ce2319 Remove __P() usage. 2002-03-21 22:49:10 +00:00
obrien
1196344bb3 Remove 'register' keyword. 2002-03-21 18:49:23 +00:00
markm
6187976edf Add a long-overdue nail to the deprecated /dev/urandom interface
by asking some things that need unpredictable numbers to read
/dev/random instead.
2001-10-30 21:26:50 +00:00
dd
7e284cc83d urandom(4) -> random(4) in comments.
PR:		27858
Submitted by:	Yoshihiro Koya <Yoshihiro.Koya@math.yokohama-cu.ac.jp>
Reviewed by:	md5(1)
Approved by:	markm
2001-06-07 02:32:18 +00:00
ache
18527260ea srand*dev() fallback code: change ^getpid() to ^(getpid() << 16) to allow
change of high word part too to produce more interesting seed distribution.
2001-04-23 10:14:28 +00:00
deischen
1635c221b7 Remove _THREAD_SAFE and make libc thread-safe by default by
adding (weak definitions to) stubs for some of the pthread
functions.  If the threads library is linked in, the real
pthread functions will pulled in.

Use the following convention for system calls wrapped by the
threads library:
	__sys_foo - actual system call
	_foo - weak definition to __sys_foo
	foo - weak definition to __sys_foo

Change all libc uses of system calls wrapped by the threads
library from foo to _foo.  In order to define the prototypes
for _foo(), we introduce namespace.h and un-namespace.h
(suggested by bde).  All files that need to reference these
system calls, should include namespace.h before any standard
includes, then include un-namespace.h after the standard
includes and before any local includes.  <db.h> is an exception
and shouldn't be included in between namespace.h and
un-namespace.h  namespace.h will define foo to _foo, and
un-namespace.h will undefine foo.

Try to eliminate some of the recursive calls to MT-safe
functions in libc/stdio in preparation for adding a mutex
to FILE.  We have recursive mutexes, but would like to avoid
using them if possible.

Remove uneeded includes of <errno.h> from a few files.

Add $FreeBSD$ to a few files in order to pass commitprep.

Approved by:	-arch
2001-01-24 13:01:12 +00:00
jasone
8abe2a2d86 Simplify sytem call renaming. Instead of _foo() <-- _libc_foo <-- foo(),
just use _foo() <-- foo().  In the case of a libpthread that doesn't do
call conversion (such as linuxthreads and our upcoming libpthread), this
is adequate.  In the case of libc_r, we still need three names, which are
now _thread_sys_foo() <-- _foo() <-- foo().

Convert all internal libc usage of: aio_suspend(), close(), fsync(), msync(),
nanosleep(), open(), fcntl(), read(), and write() to _foo() instead of foo().

Remove all internal libc usage of: creat(), pause(), sleep(), system(),
tcdrain(), wait(), and waitpid().

Make thread cancellation fully POSIX-compliant.

Suggested by:	deischen
2000-01-27 23:07:25 +00:00
jasone
75903038bc Add three-tier symbol naming in support of POSIX thread cancellation
points.  For library functions, the pattern is __sleep() <--
_libc_sleep() <-- sleep().  The arrows represent weak aliases.  For
system calls, the pattern is _read() <-- _libc_read() <-- read().
2000-01-12 09:23:48 +00:00
peter
76f0c923fe $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
ache
898607164b srandomdev: use stack junk value in the fallback code too 1997-06-15 18:23:19 +00:00
ache
98ddc15c28 Instead of copying fallback code over and over in each program,
implement (better) falback code inside srandomdev() itself.
Change return type from int to void (binary compatibility surprisely
achieved). Userland code will be changed soon.
1997-06-14 00:14:29 +00:00
ache
869ea014d0 Remove orand* code as promised for the next release 1997-03-29 19:55:03 +00:00
ache
27fa1c8849 Fix urandom reference in the comment 1997-03-23 23:09:31 +00:00
ache
b9d8a7cc98 Add srandomdev() function (use "/dev/urandom" now)
Submitted by: wollman & me (add type casts and remove unneded loop)
1997-03-23 22:40:20 +00:00
peter
8574ea8a0e Merge Lite2 changes 1997-03-11 11:39:58 +00:00
ache
c00dcd7b7a Improve seeding, the random sequence did not vary match
with the seed. Old variant will be available via libcompat soon.
1996-10-09 15:59:04 +00:00
rgrimes
f05428e4cd Remove trailing whitespace. 1995-05-30 05:51:47 +00:00
bde
5a325be3b5 u_int -> unsigned int, so that we don't have to include <sys/types.h>
or depend on <stdio.h> bogusly including it.
1994-09-05 13:26:40 +00:00
rgrimes
be22b15ae2 BSD 4.4 Lite Lib Sources 1994-05-27 05:00:24 +00:00