The SecureRandom named service was removed in
https://codereview.chromium.org/
550523002. And the new syscall
was introduced in https://codereview.chromium.org/
537543003.
Accepting this will remove the support for older version of
sel_ldr. I've confirmed that both pepper_40 and current
pepper_canary have this syscall.
After this change, we need sel_ldr from pepper_39 or above to
work.
Fixes #9261
Change-Id: I096973593aa302ade61f259a3a71ebc7c1a57913
Signed-off-by: Shenghou Ma <minux@golang.org>
Reviewed-on: https://go-review.googlesource.com/1755
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
* nacl/386 which is standard 386.
* nacl/amd64p32 which is a 64 bit architecture, where the address space is
- limited to a 4gb window.
+ limited to a 4gb window.
* nacl/arm which is 32-bit ARMv7A architecture with 1GB address space.
For background it is recommended that you read http://golang.org/s/go13nacl.
% cd /opt/nacl_sdk
% ./naclsdk update
-At this time pepper_34 is the stable version. If naclsdk downloads a later
-version, please adjust accordingly. As of June 2014, only the canary sdk
-provides support for nacl/arm.
+At this time pepper_40 is the stable version. The NaCl port needs at least pepper_39
+to work. If naclsdk downloads a later version, please adjust accordingly.
The cmd/go helper scripts expect that the loaders sel_ldr_{x86_{32,64},arm} and
nacl_helper_bootstrap_arm are in your path. I find it easiest to make a symlink
from the NaCl distribution to my $GOPATH/bin directory.
- % ln -nfs /opt/nacl_sdk/pepper_34/tools/sel_ldr_x86_32 $GOPATH/bin/sel_ldr_x86_32
- % ln -nfs /opt/nacl_sdk/pepper_34/tools/sel_ldr_x86_64 $GOPATH/bin/sel_ldr_x86_64
- % ln -nfs /opt/nacl_sdk/pepper_canary/tools/sel_ldr_arm $GOPATH/bin/sel_ldr_arm
+ % ln -nfs /opt/nacl_sdk/pepper_39/tools/sel_ldr_x86_32 $GOPATH/bin/sel_ldr_x86_32
+ % ln -nfs /opt/nacl_sdk/pepper_39/tools/sel_ldr_x86_64 $GOPATH/bin/sel_ldr_x86_64
+ % ln -nfs /opt/nacl_sdk/pepper_39/tools/sel_ldr_arm $GOPATH/bin/sel_ldr_arm
Additionally, for NaCl/ARM only:
- % ln -nfs /opt/nacl_sdk/pepper_canary/tools/nacl_helper_bootstrap_arm $GOPATH/bin/nacl_helper_bootstrap_arm
+ % ln -nfs /opt/nacl_sdk/pepper_39/tools/nacl_helper_bootstrap_arm $GOPATH/bin/nacl_helper_bootstrap_arm
Support scripts
---------------
The -g flag instructs the loader to stop at startup. Then, in another console:
- % /opt/nacl_sdk/pepper_34/toolchain/linux_x86_glibc/bin/x86_64-nacl-gdb
+ % /opt/nacl_sdk/pepper_39/toolchain/linux_x86_glibc/bin/x86_64-nacl-gdb
% nacl-manifest mybin.manifest
% target remote :4014
loaded successfully and you can type 'c' to start the program.
Next time you can automate it as:
- % /opt/nacl_sdk/pepper_34/toolchain/linux_x86_glibc/bin/x86_64-nacl-gdb \
+ % /opt/nacl_sdk/pepper_39/toolchain/linux_x86_glibc/bin/x86_64-nacl-gdb \
-ex 'nacl-manifest mybin.manifest' -ex 'target remote :4014'
*(*int32)(nil) = 0
}
-//go:nosplit
-func getRandomData(r []byte) {
- // TODO: does nacl have a random source we can use?
- extendRandom(r, 0)
-}
+//go:noescape
+func getRandomData([]byte)
func goenvs() {
goenvs_unix()
// 36(BP) is saved EFLAGS, never to be seen again
MOVL 32(BP), BP // saved PC
JMP BP
+
+// func getRandomData([]byte)
+TEXT runtime·getRandomData(SB),NOSPLIT,$8-12
+ MOVL buf+0(FP), AX
+ MOVL AX, 0(SP)
+ MOVL len+4(FP), AX
+ MOVL AX, 4(SP)
+ NACL_SYSCALL(SYS_get_random_bytes)
+ RET
// cannot do real signal handling yet, because gsignal has not been allocated.
MOVL $1, DI; NACL_SYSCALL(SYS_exit)
+// func getRandomData([]byte)
+TEXT runtime·getRandomData(SB),NOSPLIT,$0-12
+ MOVL buf+0(FP), DI
+ MOVL len+4(FP), SI
+ NACL_SYSCALL(SYS_get_random_bytes)
+ RET
+
TEXT runtime·nacl_sysinfo(SB),NOSPLIT,$16
/*
MOVL di+0(FP), DI
TEXT runtime·nacl_sysinfo(SB),NOSPLIT,$16
RET
+// func getRandomData([]byte)
+TEXT runtime·getRandomData(SB),NOSPLIT,$0-12
+ MOVW buf+0(FP), R0
+ MOVW len+4(FP), R1
+ NACL_SYSCALL(SYS_get_random_bytes)
+ RET
+
TEXT runtime·casp1(SB),NOSPLIT,$0
B runtime·cas(SB)
#define SYS_read 12
#define SYS_write 13
#define SYS_lseek 14
-#define SYS_ioctl 15
#define SYS_stat 16
#define SYS_fstat 17
#define SYS_chmod 18
+#define SYS_isatty 19
#define SYS_brk 20
#define SYS_mmap 21
#define SYS_munmap 22
#define SYS_test_crash 110
#define SYS_test_syscall_1 111
#define SYS_test_syscall_2 112
+#define SYS_futex_wait_abs 120
+#define SYS_futex_wake 121
+#define SYS_pread 130
+#define SYS_pwrite 131
+#define SYS_truncate 140
+#define SYS_lstat 141
+#define SYS_link 142
+#define SYS_rename 143
+#define SYS_symlink 144
+#define SYS_access 145
+#define SYS_readlink 146
+#define SYS_utimes 147
+#define SYS_get_random_bytes 150
return len(b), nil
}
-type randomFile struct {
- naclFD int
-}
+type randomFile struct{}
func openRandom() (devFile, error) {
- fd, err := openNamedService("SecureRandom", O_RDONLY)
- if err != nil {
- return nil, err
- }
- return &randomFile{naclFD: fd}, nil
+ return randomFile{}, nil
}
-func (f *randomFile) close() error {
- naclClose(f.naclFD)
- f.naclFD = -1
+func (f randomFile) close() error {
return nil
}
-func (f *randomFile) pread(b []byte, offset int64) (int, error) {
- return naclRead(f.naclFD, b)
+func (f randomFile) pread(b []byte, offset int64) (int, error) {
+ if err := naclGetRandomBytes(b); err != nil {
+ return 0, err
+ }
+ return len(b), nil
}
-func (f *randomFile) pwrite(b []byte, offset int64) (int, error) {
+func (f randomFile) pwrite(b []byte, offset int64) (int, error) {
return 0, EPERM
}
//sys naclFstat(fd int, stat *Stat_t) (err error) = sys_fstat
//sys naclRead(fd int, b []byte) (n int, err error) = sys_read
//sys naclSeek(fd int, off *int64, whence int) (err error) = sys_lseek
+//sys naclGetRandomBytes(b []byte) (err error) = sys_get_random_bytes
const direntSize = 8 + 8 + 2 + 256
sys_read = 12
sys_write = 13
sys_lseek = 14
- sys_ioctl = 15
sys_stat = 16
sys_fstat = 17
sys_chmod = 18
+ sys_isatty = 19
sys_brk = 20
sys_mmap = 21
sys_munmap = 22
sys_test_crash = 110
sys_test_syscall_1 = 111
sys_test_syscall_2 = 112
+ sys_futex_wait_abs = 120
+ sys_futex_wake = 121
+ sys_pread = 130
+ sys_pwrite = 131
+ sys_truncate = 140
+ sys_lstat = 141
+ sys_link = 142
+ sys_rename = 143
+ sys_symlink = 144
+ sys_access = 145
+ sys_readlink = 146
+ sys_utimes = 147
+ sys_get_random_bytes = 150
)
// TODO: Auto-generate some day. (Hard-coded in binaries so not likely to change.)
}
return
}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func naclGetRandomBytes(b []byte) (err error) {
+ var _p0 unsafe.Pointer
+ if len(b) > 0 {
+ _p0 = unsafe.Pointer(&b[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ _, _, e1 := Syscall(sys_get_random_bytes, uintptr(_p0), uintptr(len(b)), 0)
+ if e1 != 0 {
+ err = e1
+ }
+ return
+}
}
return
}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func naclGetRandomBytes(b []byte) (err error) {
+ var _p0 unsafe.Pointer
+ if len(b) > 0 {
+ _p0 = unsafe.Pointer(&b[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ _, _, e1 := Syscall(sys_get_random_bytes, uintptr(_p0), uintptr(len(b)), 0)
+ if e1 != 0 {
+ err = e1
+ }
+ return
+}
}
return
}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func naclGetRandomBytes(b []byte) (err error) {
+ var _p0 unsafe.Pointer
+ if len(b) > 0 {
+ _p0 = unsafe.Pointer(&b[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ _, _, e1 := Syscall(sys_get_random_bytes, uintptr(_p0), uintptr(len(b)), 0)
+ if e1 != 0 {
+ err = e1
+ }
+ return
+}