mbedtls: Add KERN_ARND support.

Motivation: the default behaviour of reopening /dev/urandom repeatedly for every 128 bytes of entropy required is _exceedingly_ slow on NetBSD. Not helped is using fread(), which assumes a long-lived file and buffers excessively. This change makes the standard gen_entropy tool run in milliseconds instead of seconds when it generates 48K of randomness. Not only that, but sysctl is a lot more robust in e.g. chroots, resource limited processes, etc. Risk: On NetBSD, the security properties of the previous and current behaviour are identical. Upstreamed: Mbed-TLS/mbedtls#3423 Bump PKGREVISION.
NetBSD · Jun 29, 2020 · e9e71da · e9e71da
1 parent 85f587e
commit e9e71da
Show file tree

Hide file tree

Showing 4 changed files with 89 additions and 5 deletions.
diff --git a/security/mbedtls/Makefile b/security/mbedtls/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.15 2020/06/11 11:43:50 nia Exp $
+# $NetBSD: Makefile,v 1.16 2020/06/29 12:39:36 nia Exp $
 
 DISTNAME=	mbedtls-2.16.6-apache
 PKGNAME=	${DISTNAME:-apache=}
-PKGREVISION=	1
+PKGREVISION=	2
 CATEGORIES=	security devel
 MASTER_SITES=	https://tls.mbed.org/download/
 EXTRACT_SUFX=	.tgz

diff --git a/security/mbedtls/buildlink3.mk b/security/mbedtls/buildlink3.mk
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.1 2015/06/12 09:05:05 fhajny Exp $
+# $NetBSD: buildlink3.mk,v 1.2 2020/06/29 12:39:36 nia Exp $
 
 BUILDLINK_TREE+=	mbedtls
 
@@ -11,7 +11,7 @@ BUILDLINK_PKGSRCDIR.mbedtls?=	../../security/mbedtls
 pkgbase := mbedtls
 .include "../../mk/pkg-build-options.mk"
 
-.if !empty(PKG_BUILD_OPTIONS.mbedtls:Mzlib)
+.if ${PKG_BUILD_OPTIONS.mbedtls:Mzlib}
 .include "../../devel/zlib/buildlink3.mk"
 .endif
 

diff --git a/security/mbedtls/distinfo b/security/mbedtls/distinfo
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.11 2020/06/11 11:43:50 nia Exp $
+$NetBSD: distinfo,v 1.12 2020/06/29 12:39:36 nia Exp $
 
 SHA1 (mbedtls-2.16.6-apache.tgz) = 3cb5b681597a5bd798d31038c129c0dc911d8a2c
 RMD160 (mbedtls-2.16.6-apache.tgz) = da5ede944292874afdb24a8fe21c643b34255206
 SHA512 (mbedtls-2.16.6-apache.tgz) = a0c48b694d7bc70256d26c44bfb2ac802428560b02e50fe2e47762bc595e2c7b8fac934badb3452acb01d8a54386eafae0ff2894320d24ab7554f1c8e6cb4bcf
 Size (mbedtls-2.16.6-apache.tgz) = 2699220 bytes
+SHA1 (patch-library_entropy__poll.c) = 6ab7d7b7e499f0ad9dcbaff274675c03b67f14ec
 SHA1 (patch-library_net__sockets.c) = dc1b304432a2837f72035245a3bc8f1cfcaacbd9
 SHA1 (patch-programs_aes_aescrypt2.c) = ffce071071ba00c37441973e2305d93a2374c748
 SHA1 (patch-programs_aes_crypt__and__hash.c) = 29bd90a0cb2cb4d970c57e57aad6318949479137

diff --git a/security/mbedtls/patches/patch-library_entropy__poll.c b/security/mbedtls/patches/patch-library_entropy__poll.c
@@ -0,0 +1,83 @@
+$NetBSD: patch-library_entropy__poll.c,v 1.1 2020/06/29 12:39:36 nia Exp $
+
+Add KERN_ARND support.
+
+Motivation: the default behaviour of reopening /dev/urandom repeatedly
+for every 128 bytes of entropy required is _exceedingly_ slow on NetBSD.
+Not helped is using fread(), which assumes a long-lived file and buffers
+excessively. This change makes the standard gen_entropy tool run in
+milliseconds instead of seconds when it generates 48K of randomness.
+
+Not only that, but sysctl is a lot more robust in e.g. chroots, resource
+limited processes, etc.
+
+Upstreamed: https://github.com/ARMmbed/mbedtls/pull/3423
+
+--- library/entropy_poll.c.orig	2020-04-09 13:12:23.000000000 +0000
++++ library/entropy_poll.c
+@@ -114,6 +114,41 @@ static int getrandom_wrapper( void *buf,
+ #endif /* SYS_getrandom */
+ #endif /* __linux__ */
+
++/*
++ * Some BSD systems provide KERN_ARND.
++ * This is equivalent to reading from /dev/urandom, only it doesn't require an
++ * open file descriptor, and provides up to 256 bytes per call (basically the
++ * same as getentropy(), but with a longer history).
++ *
++ * Documentation: https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7
++ */
++#if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(HAVE_GETRANDOM)
++#include <sys/param.h>
++#include <sys/sysctl.h>
++#if defined(KERN_ARND)
++#define HAVE_SYSCTL_ARND
++
++static int sysctl_arnd_wrapper( unsigned char *buf, size_t buflen )
++{
++    int name[2];
++    size_t len;
++
++    name[0] = CTL_KERN;
++    name[1] = KERN_ARND;
++
++    while( buflen > 0 )
++    {
++        len = buflen > 256 ? 256 : buflen;
++        if( sysctl(name, 2, buf, &len, NULL, 0) == -1 )
++            return( -1 );
++        buflen -= len;
++        buf += len;
++    }
++    return( 0 );
++}
++#endif /* KERN_ARND */
++#endif /* __FreeBSD__ || __NetBSD__ */
++
+ #include <stdio.h>
+
+ int mbedtls_platform_entropy_poll( void *data,
+@@ -138,6 +173,15 @@ int mbedtls_platform_entropy_poll( void 
+     ((void) ret);
+ #endif /* HAVE_GETRANDOM */
+
++#if defined(HAVE_SYSCTL_ARND)
++    ((void) file);
++    ((void) read_len);
++    if( sysctl_arnd_wrapper( output, len ) == -1 )
++        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
++    *olen = len;
++    return( 0 );
++#else
++
+     *olen = 0;
+
+     file = fopen( "/dev/urandom", "rb" );
+@@ -155,6 +199,7 @@ int mbedtls_platform_entropy_poll( void 
+     *olen = len;
+
+     return( 0 );
++#endif /* HAVE_SYSCTL_ARND */
+ }
+ #endif /* _WIN32 && !EFIX64 && !EFI32 */
+ #endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */