Index: head/ObsoleteFiles.inc =================================================================== --- head/ObsoleteFiles.inc +++ head/ObsoleteFiles.inc @@ -38,6 +38,11 @@ # xargs -n1 | sort | uniq -d; # done +# 20190722: cap_random(3) removed +OLD_FILES+=lib/casper/libcap_random.so.1 +OLD_FILES+=usr/include/casper/cap_random.h +OLD_FILES+=usr/share/man/man3/cap_random.3.gz +OLD_FILES+=usr/share/man/man3/cap_random_buf.3.gz # 20190708: vm_page_hold() and _unhold() removed OLD_FILES+=usr/share/man/man9/vm_page_hold.9.gz # 20190618: sys/capability.h removed (sys/capsicum.h is the one to use) Index: head/lib/libcasper/libcasper/libcasper.3 =================================================================== --- head/lib/libcasper/libcasper/libcasper.3 +++ head/lib/libcasper/libcasper/libcasper.3 @@ -264,7 +264,6 @@ .Xr cap_dns 3 , .Xr cap_grp 3 , .Xr cap_pwd 3 , -.Xr cap_random 3 , .Xr cap_sysctl 3 , .Xr cap_syslog 3 , .Xr libcasper_service 3 , Index: head/lib/libcasper/services/Makefile =================================================================== --- head/lib/libcasper/services/Makefile +++ head/lib/libcasper/services/Makefile @@ -6,7 +6,6 @@ SUBDIR+= cap_fileargs SUBDIR+= cap_grp SUBDIR+= cap_pwd -SUBDIR+= cap_random SUBDIR+= cap_sysctl SUBDIR+= cap_syslog Index: head/lib/libcasper/services/cap_random/Makefile =================================================================== --- head/lib/libcasper/services/cap_random/Makefile +++ head/lib/libcasper/services/cap_random/Makefile @@ -1,29 +0,0 @@ -# $FreeBSD$ - -SHLIBDIR?= /lib/casper - -.include - -PACKAGE=libcasper - -SHLIB_MAJOR= 1 -INCSDIR?= ${INCLUDEDIR}/casper - -.if ${MK_CASPER} != "no" -SHLIB= cap_random - -SRCS= cap_random.c -.endif - -INCS= cap_random.h - -LIBADD= nv - -CFLAGS+=-I${.CURDIR} - -MAN+= cap_random.3 - -MLINKS+=cap_random.3 libcap_random.3 -MLINKS+=cap_random.3 cap_random_buf.3 - -.include Index: head/lib/libcasper/services/cap_random/Makefile.depend =================================================================== --- head/lib/libcasper/services/cap_random/Makefile.depend +++ head/lib/libcasper/services/cap_random/Makefile.depend @@ -1,19 +0,0 @@ -# $FreeBSD$ -# Autogenerated - do NOT edit! - -DIRDEPS = \ - gnu/lib/csu \ - include \ - include/xlocale \ - lib/${CSU_DIR} \ - lib/libc \ - lib/libcasper/libcasper \ - lib/libcompiler_rt \ - lib/libnv \ - - -.include - -.if ${DEP_RELDIR} == ${_DEP_RELDIR} -# local dependencies - needed for -jN in clean tree -.endif Index: head/lib/libcasper/services/cap_random/cap_random.h =================================================================== --- head/lib/libcasper/services/cap_random/cap_random.h +++ head/lib/libcasper/services/cap_random/cap_random.h @@ -1,51 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _CAP_RANDOM_H_ -#define _CAP_RANDOM_H_ - -#ifdef HAVE_CASPER -#define WITH_CASPER -#endif - -#ifdef WITH_CASPER -int cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes); -#else -inline int -cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes) -{ - - arc4random_buf(buf, nbytes); - return(0); -} -#endif - -#endif /* !_CAP_RANDOM_H_ */ Index: head/lib/libcasper/services/cap_random/cap_random.3 =================================================================== --- head/lib/libcasper/services/cap_random/cap_random.3 +++ head/lib/libcasper/services/cap_random/cap_random.3 @@ -1,98 +0,0 @@ -.\" Copyright (c) 2018 Mariusz Zaborski -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $FreeBSD$ -.\" -.Dd February 26, 2018 -.Dt CAP_RANDOM 3 -.Os -.Sh NAME -.Nm cap_random_buf -.Nd "library for getting entropy in capability mode" -.Sh LIBRARY -.Lb libcap_random -.Sh SYNOPSIS -.In sys/nv.h -.In libcasper.h -.In casper/cap_random.h -.Ft "int" -.Fn cap_random_buf "cap_channel_t *chan" "void *buf" "size_t nbytes" -.Sh DESCRIPTION -The function -.Fn cap_random_buf -is equivalent to -.Xr arc4random_buf 3 -except that the connection to the -.Nm system.random -service needs to be provided. -.Sh EXAMPLES -The following example first opens a capability to casper and then uses this -capability to create the -.Nm system.random -casper service to obtain entropy. -.Bd -literal -cap_channel_t *capcas, *caprandom; -unsigned char buf[16]; -int i; - -/* Open capability to Casper. */ -capcas = cap_init(); -if (capcas == NULL) - err(1, "Unable to contact Casper"); - -/* Enter capability mode sandbox. */ -if (cap_enter() < 0 && errno != ENOSYS) - err(1, "Unable to enter capability mode"); - -/* Use Casper capability to create capability to the system.random service. */ -caprandom = cap_service_open(capcas, "system.random"); -if (caprandom == NULL) - err(1, "Unable to open system.random service"); - -/* Close Casper capability, we don't need it anymore. */ -cap_close(capcas); - -/* Obtain entropy. */ -if (cap_random_buf(caprandom, buf, sizeof(buf)) < 0) - err(1, "Unable to obtain entropy"); - -for (i = 0; i < sizeof(buf); i++) - printf("%.2x ", buf[i]); -printf("\\n"); -.Ed -.Sh SEE ALSO -.Xr cap_enter 2 , -.Xr arc4random_buf 3 , -.Xr err 3 , -.Xr capsicum 4 , -.Xr nv 9 -.Sh AUTHORS -The -.Nm cap_random -service was implemented by -.An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net -under sponsorship from the FreeBSD Foundation. -.Pp -This manual page was written by -.An Mariusz Zaborski Aq Mt oshogbo@FreeBSD.org . Index: head/lib/libcasper/services/cap_random/cap_random.c =================================================================== --- head/lib/libcasper/services/cap_random/cap_random.c +++ head/lib/libcasper/services/cap_random/cap_random.c @@ -1,119 +0,0 @@ -/*- - * SPDX-License-Identifier: BSD-2-Clause-FreeBSD - * - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include -#include -#include -#include - -#include -#include - -#include "cap_random.h" - -#define MAXSIZE (1024 * 1024) - -int -cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes) -{ - nvlist_t *nvl; - const void *randbuf; - uint8_t *ptr; - size_t left, randbufsize; - - left = nbytes; - ptr = buf; - - while (left > 0) { - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "generate"); - nvlist_add_number(nvl, "size", - (uint64_t)(left > MAXSIZE ? MAXSIZE : left)); - nvl = cap_xfer_nvlist(chan, nvl); - if (nvl == NULL) - return (-1); - if (nvlist_get_number(nvl, "error") != 0) { - errno = (int)nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - return (-1); - } - - randbuf = nvlist_get_binary(nvl, "data", &randbufsize); - memcpy(ptr, randbuf, randbufsize); - - nvlist_destroy(nvl); - - ptr += randbufsize; - assert(left >= randbufsize); - left -= randbufsize; - } - - return (0); -} - -/* - * Service functions. - */ - -static int -random_command(const char *cmd, const nvlist_t *limits __unused, - nvlist_t *nvlin, nvlist_t *nvlout) -{ - void *data; - size_t size; - - if (strcmp(cmd, "generate") != 0) - return (EINVAL); - if (!nvlist_exists_number(nvlin, "size")) - return (EINVAL); - - size = (size_t)nvlist_get_number(nvlin, "size"); - if (size == 0 || size > MAXSIZE) - return (EINVAL); - - data = malloc(size); - if (data == NULL) - return (ENOMEM); - - arc4random_buf(data, size); - - nvlist_move_binary(nvlout, "data", data, size); - - return (0); -} - -CREATE_SERVICE("system.random", NULL, random_command, 0); Index: head/share/mk/src.libnames.mk =================================================================== --- head/share/mk/src.libnames.mk +++ head/share/mk/src.libnames.mk @@ -82,7 +82,6 @@ cap_fileargs \ cap_grp \ cap_pwd \ - cap_random \ cap_sysctl \ cap_syslog \ com_err \ @@ -260,7 +259,6 @@ _DP_cap_fileargs= nv _DP_cap_grp= nv _DP_cap_pwd= nv -_DP_cap_random= nv _DP_cap_sysctl= nv _DP_cap_syslog= nv .if ${MK_OFED} != "no" @@ -599,7 +597,6 @@ LIBCAP_DNSDIR= ${OBJTOP}/lib/libcasper/services/cap_dns LIBCAP_GRPDIR= ${OBJTOP}/lib/libcasper/services/cap_grp LIBCAP_PWDDIR= ${OBJTOP}/lib/libcasper/services/cap_pwd -LIBCAP_RANDOMDIR= ${OBJTOP}/lib/libcasper/services/cap_random LIBCAP_SYSCTLDIR= ${OBJTOP}/lib/libcasper/services/cap_sysctl LIBCAP_SYSLOGDIR= ${OBJTOP}/lib/libcasper/services/cap_syslog LIBBSDXMLDIR= ${OBJTOP}/lib/libexpat Index: head/sys/sys/param.h =================================================================== --- head/sys/sys/param.h +++ head/sys/sys/param.h @@ -60,7 +60,7 @@ * in the range 5 to 9. */ #undef __FreeBSD_version -#define __FreeBSD_version 1300036 /* Master, propagated to newvers */ +#define __FreeBSD_version 1300037 /* Master, propagated to newvers */ /* * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD, Index: head/targets/pseudo/userland/lib/Makefile.depend =================================================================== --- head/targets/pseudo/userland/lib/Makefile.depend +++ head/targets/pseudo/userland/lib/Makefile.depend @@ -221,7 +221,6 @@ lib/libcasper/services/cap_dns \ lib/libcasper/services/cap_grp \ lib/libcasper/services/cap_pwd \ - lib/libcasper/services/cap_random \ lib/libcasper/services/cap_sysctl \ .endif