Bug 1513687 - remove chromium's random code from IPC in favor of our own; r=froydnj a=lizzard
authorAlex Gaynor <agaynor@mozilla.com>
Wed, 30 Jan 2019 21:37:11 +0000
changeset 515722 764910a1fa7e4f4d334734397035770b192b0aff
parent 515721 5e9cc0eb20409ce001ed024890a4b6dbcbd4d02c
child 515723 63b220f22addd222434d43e0ba0d46e263b58916
push id1953
push userffxbld-merge
push dateMon, 11 Mar 2019 12:10:20 +0000
treeherdermozilla-release@9c35dcbaa899 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersfroydnj, lizzard
bugs1513687
milestone66.0
Bug 1513687 - remove chromium's random code from IPC in favor of our own; r=froydnj a=lizzard This includes deleting several unused functions. Our own code does a better job of using the preferred platform APIs for random numbers. Differential Revision: https://phabricator.services.mozilla.com/D18120
ipc/chromium/moz.build
ipc/chromium/src/base/rand_util.cc
ipc/chromium/src/base/rand_util.h
ipc/chromium/src/base/rand_util_posix.cc
ipc/chromium/src/base/rand_util_win.cc
--- a/ipc/chromium/moz.build
+++ b/ipc/chromium/moz.build
@@ -36,17 +36,16 @@ if os_win:
     SOURCES += [
         'src/base/condition_variable_win.cc',
         'src/base/file_util_win.cc',
         'src/base/lock_impl_win.cc',
         'src/base/message_pump_win.cc',
         'src/base/object_watcher.cc',
         'src/base/platform_thread_win.cc',
         'src/base/process_util_win.cc',
-        'src/base/rand_util_win.cc',
         'src/base/shared_memory_win.cc',
         'src/base/sys_string_conversions_win.cc',
         'src/base/thread_local_win.cc',
         'src/base/time_win.cc',
         'src/base/waitable_event_win.cc',
         'src/base/win_util.cc',
         'src/chrome/common/ipc_channel_win.cc',
         'src/chrome/common/process_watcher_win.cc',
@@ -58,17 +57,16 @@ elif not CONFIG['MOZ_SYSTEM_LIBEVENT']:
 if os_posix:
     UNIFIED_SOURCES += [
         'src/base/condition_variable_posix.cc',
         'src/base/file_util_posix.cc',
         'src/base/lock_impl_posix.cc',
         'src/base/message_pump_libevent.cc',
         'src/base/platform_thread_posix.cc',
         'src/base/process_util_posix.cc',
-        'src/base/rand_util_posix.cc',
         'src/base/shared_memory_posix.cc',
         'src/base/string16.cc',
         'src/base/thread_local_posix.cc',
         'src/base/waitable_event_posix.cc',
         'src/chrome/common/file_descriptor_set_posix.cc',
         'src/chrome/common/ipc_channel_posix.cc',
         'src/chrome/common/process_watcher_posix_sigchld.cc',
     ]
--- a/ipc/chromium/src/base/rand_util.cc
+++ b/ipc/chromium/src/base/rand_util.cc
@@ -7,36 +7,25 @@
 #include "base/rand_util.h"
 
 #include <math.h>
 
 #include <limits>
 
 #include "base/basictypes.h"
 #include "base/logging.h"
+#include "mozilla/RandomNum.h"
+
 
 namespace base {
 
 int RandInt(int min, int max) {
   DCHECK(min <= max);
 
   uint64_t range = static_cast<int64_t>(max) - min + 1;
-  uint64_t number = base::RandUint64();
-  int result = min + static_cast<int>(number % range);
+  mozilla::Maybe<uint64_t> number = mozilla::RandomUint64();
+  MOZ_RELEASE_ASSERT(number.isSome());
+  int result = min + static_cast<int>(number.value() % range);
   DCHECK(result >= min && result <= max);
   return result;
 }
 
-double RandDouble() {
-  // We try to get maximum precision by masking out as many bits as will fit
-  // in the target type's mantissa, and raising it to an appropriate power to
-  // produce output in the range [0, 1).  For IEEE 754 doubles, the mantissa
-  // is expected to accommodate 53 bits.
-
-  COMPILE_ASSERT(std::numeric_limits<double>::radix == 2, otherwise_use_scalbn);
-  static const int kBits = std::numeric_limits<double>::digits;
-  uint64_t random_bits = base::RandUint64() & ((GG_UINT64_C(1) << kBits) - 1);
-  double result = ldexp(static_cast<double>(random_bits), -1 * kBits);
-  DCHECK(result >= 0.0 && result < 1.0);
-  return result;
-}
-
 }  // namespace base
--- a/ipc/chromium/src/base/rand_util.h
+++ b/ipc/chromium/src/base/rand_util.h
@@ -6,27 +6,14 @@
 
 #ifndef BASE_RAND_UTIL_H_
 #define BASE_RAND_UTIL_H_
 
 #include "base/basictypes.h"
 
 namespace base {
 
-// Returns a random number in range [0, kuint64max]. Thread-safe.
-uint64_t RandUint64();
-
 // Returns a random number between min and max (inclusive). Thread-safe.
 int RandInt(int min, int max);
 
-// Returns a random double in range [0, 1). Thread-safe.
-double RandDouble();
-
-// Fills |output_length| bytes of |output| with random data.
-//
-// WARNING:
-// Do not use for security-sensitive purposes.
-// See crypto/ for cryptographically secure random number generation APIs.
-void RandBytes(void* output, size_t output_length);
-
 }  // namespace base
 
 #endif  // BASE_RAND_UTIL_H_
deleted file mode 100644
--- a/ipc/chromium/src/base/rand_util_posix.cc
+++ /dev/null
@@ -1,30 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-// Copyright (c) 2008 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "base/rand_util.h"
-
-#include <fcntl.h>
-#include <unistd.h>
-
-#include "base/file_util.h"
-#include "base/logging.h"
-
-namespace base {
-
-uint64_t RandUint64() {
-  uint64_t number;
-
-  int urandom_fd = open("/dev/urandom", O_RDONLY);
-  CHECK(urandom_fd >= 0);
-  bool success = file_util::ReadFromFD(
-      urandom_fd, reinterpret_cast<char*>(&number), sizeof(number));
-  CHECK(success);
-  close(urandom_fd);
-
-  return number;
-}
-
-}  // namespace base
deleted file mode 100644
--- a/ipc/chromium/src/base/rand_util_win.cc
+++ /dev/null
@@ -1,46 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-// Copyright (c) 2012 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "base/rand_util.h"
-#include <windows.h>
-#include <stddef.h>
-#include <stdint.h>
-
-// #define needed to link in RtlGenRandom(), a.k.a. SystemFunction036.  See the
-// "Community Additions" comment on MSDN here:
-// http://msdn.microsoft.com/en-us/library/windows/desktop/aa387694.aspx
-#define SystemFunction036 NTAPI SystemFunction036
-#include <ntsecapi.h>
-#undef SystemFunction036
-
-#include <algorithm>
-#include <limits>
-
-#include "base/logging.h"
-
-namespace base {
-
-// NOTE: This function must be cryptographically secure. http://crbug.com/140076
-uint64_t RandUint64() {
-  uint64_t number;
-  RandBytes(&number, sizeof(number));
-  return number;
-}
-
-void RandBytes(void* output, size_t output_length) {
-  char* output_ptr = static_cast<char*>(output);
-  while (output_length > 0) {
-    const ULONG output_bytes_this_pass = static_cast<ULONG>(std::min(
-        output_length, static_cast<size_t>(std::numeric_limits<ULONG>::max())));
-    const bool success =
-        RtlGenRandom(output_ptr, output_bytes_this_pass) != FALSE;
-    CHECK(success);
-    output_length -= output_bytes_this_pass;
-    output_ptr += output_bytes_this_pass;
-  }
-}
-
-}  // namespace base