Add new getentropy() system call. Code and pressure from matthew.

I accepted that he's right (again) to seperate this out from heavy
sysctl API and this will simply a variety of things.  Functionname
is not used by anyone in the ports tree, so we guess we can use it.
Shocking that no application has a function called this.
ok matthew & others who pushed him to start this early on

Author: deraadt

include/unistd.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: unistd.h,v 1.86 2014/05/16 21:28:15 tedu Exp $ */
+/*	$OpenBSD: unistd.h,v 1.87 2014/06/13 08:26:10 deraadt Exp $ */
 /*	$NetBSD: unistd.h,v 1.26.4.1 1996/05/28 02:31:51 mrg Exp $	*/
 
 /*-
@@ -538,6 +538,7 @@ void	 setusershell(void);
 int	 strtofflags(char **, u_int32_t *, u_int32_t *);
 int	 swapctl(int cmd, const void *arg, int misc);
 int	 syscall(int, ...);
+ssize_t	 getentropy(void *, size_t);
 pid_t	 __tfork_thread(const struct __tfork *, size_t, void (*)(void *),
 	    void *);
 #endif /* __BSD_VISIBLE */

lib/libc/sys/Makefile.inc

@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile.inc,v 1.117 2014/03/18 22:36:30 miod Exp $
+#	$OpenBSD: Makefile.inc,v 1.118 2014/06/13 08:26:10 deraadt Exp $
 #	$NetBSD: Makefile.inc,v 1.35 1995/10/16 23:49:07 jtc Exp $
 #	@(#)Makefile.inc	8.1 (Berkeley) 6/17/93
 
@@ -33,7 +33,7 @@ ASM=	__get_tcb.o __getcwd.o __semctl.o __set_tcb.o __syscall.o \
 	fchdir.o fchflags.o fchmod.o fchmodat.o fchown.o \
 	fchownat.o fcntl.o fhopen.o fhstat.o fhstatfs.o \
 	flock.o fpathconf.o fstat.o fstatat.o fstatfs.o \
-	fsync.o futimens.o futimes.o getdents.o getdtablecount.o \
+	fsync.o futimens.o futimes.o getentropy.o getdents.o getdtablecount.o \
 	getegid.o geteuid.o getfh.o getfsstat.o getgid.o \
 	getgroups.o getitimer.o getpeername.o getpgid.o getpgrp.o \
 	getpid.o getppid.o getpriority.o getresgid.o getresuid.o \
@@ -200,10 +200,10 @@ MAN+=	__get_tcb.2 __thrsigdivert.2 __thrsleep.2 _exit.2 accept.2 \
 	access.2 acct.2 adjfreq.2 adjtime.2 bind.2 brk.2 chdir.2 \
 	chflags.2 chmod.2 chown.2 chroot.2 clock_gettime.2 close.2 \
 	closefrom.2 connect.2 dup.2 execve.2 fcntl.2 fhopen.2 flock.2 \
-	fork.2 fsync.2 getdents.2 getdtablecount.2 getfh.2 getfsstat.2 \
-	getgid.2 getgroups.2 getitimer.2 getlogin.2 getpeername.2 \
-	getpgrp.2 getpid.2 getpriority.2 getrlimit.2 getrtable.2 \
-	getrusage.2 getsid.2 getsockname.2 getsockopt.2 \
+	fork.2 fsync.2 getentropy.2 getdents.2 getdtablecount.2 \
+	getfh.2 getfsstat.2 getgid.2 getgroups.2 getitimer.2 getlogin.2 \
+	getpeername.2 getpgrp.2 getpid.2 getpriority.2 getrlimit.2 \
+	getrtable.2 getrusage.2 getsid.2 getsockname.2 getsockopt.2 \
 	gettimeofday.2 getuid.2 intro.2 ioctl.2 issetugid.2 \
 	kill.2 kqueue.2 ktrace.2 link.2 listen.2 lseek.2 madvise.2 \
 	mincore.2 minherit.2 mkdir.2 mkfifo.2 mknod.2 mlock.2 \

lib/libc/sys/getentropy.2

@@ -0,0 +1,51 @@
+.\"	$OpenBSD: getentropy.2,v 1.1 2014/06/13 08:26:10 deraadt Exp $
+.\"
+.\" Copyright (c) 2014 Theo de Raadt
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: June 13 2014 $
+.Dt GETENTROPY 2
+.Os
+.Sh NAME
+.Nm getentropy
+.Nd get entropy
+.Sh SYNOPSIS
+.Fd #include <unistd.h>
+.Ft ssize_t
+.Fn getentropy "char *buf" "size_t buflen"
+.Sh DESCRIPTION
+.Nm
+returns a buffer of high-quality seed-grade entropy.
+.Pp
+This is typically used to seed a process-context generator
+like
+.Xr arc4random 3 .
+.Sh ERRORS
+.Nm
+.Fn setlogin
+will succeed unless:
+.Bl -tag -width Er
+.It Bq Er EFAULT
+The
+.Fa name
+parameter points to an
+invalid address.
+.El
+.Sh SEE ALSO
+.Xr arc4random 3
+.Sh HISTORY
+The
+.Nm
+function appeared in
+.Ox 5.6 .

sys/dev/rnd.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: rnd.c,v 1.155 2014/02/05 05:54:58 tedu Exp $	*/
+/*	$OpenBSD: rnd.c,v 1.156 2014/06/13 08:26:09 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2011 Theo de Raadt.
@@ -123,6 +123,8 @@
 #include <sys/mutex.h>
 #include <sys/task.h>
 #include <sys/msgbuf.h>
+#include <sys/mount.h>
+#include <sys/syscallargs.h>
 
 #include <crypto/md5.h>
 
@@ -928,3 +930,26 @@ randomioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct proc *p)
 	}
 	return 0;
 }
+
+int
+sys_getentropy(struct proc *p, void *v, register_t *retval)
+{
+	struct sys_getentropy_args /* {
+		syscallarg(void *) buf;
+		syscallarg(size_t) nbyte;
+	} */ *uap = v;
+	char buf[256];
+	int error;
+	size_t nbyte;
+
+	nbyte = SCARG(uap, nbyte);
+	if (nbyte > sizeof(buf))
+		nbyte = sizeof(buf);
+
+	arc4random_buf(buf, nbyte);
+	if ((error = copyout(buf, SCARG(uap, buf), nbyte)) != 0)
+		return (error);
+
+	retval[0] = nbyte;
+	return (0);
+}

sys/kern/syscalls.master

@@ -1,4 +1,4 @@
-;	$OpenBSD: syscalls.master,v 1.138 2014/02/09 10:04:42 guenther Exp $
+;	$OpenBSD: syscalls.master,v 1.139 2014/06/13 08:26:10 deraadt Exp $
 ;	$NetBSD: syscalls.master,v 1.32 1996/04/23 10:24:21 mycroft Exp $
 
 ;	@(#)syscalls.master	8.2 (Berkeley) 1/13/94
@@ -57,7 +57,7 @@
 5	STD		{ int sys_open(const char *path, \
 			    int flags, ... mode_t mode); }
 6	STD		{ int sys_close(int fd); }
-7	OBSOL		t32_wait4
+7	STD		{ ssize_t sys_getentropy(void *buf, size_t nbyte); }
 8	STD		{ int sys___tfork(const struct __tfork *param, \
 			    size_t psize); }
 9	STD		{ int sys_link(const char *path, const char *link); }