Remove ext/random dependency

Author: arnaud-lb

Zend/zend.c

@@ -94,6 +94,7 @@ ZEND_API char *(*zend_getenv)(const char *name, size_t name_len);
 ZEND_API zend_string *(*zend_resolve_path)(zend_string *filename);
 ZEND_API zend_result (*zend_post_startup_cb)(void) = NULL;
 ZEND_API void (*zend_post_shutdown_cb)(void) = NULL;
+ZEND_API zend_result (*zend_os_csprng_random_bytes)(void *bytes, size_t size, char *errstr, size_t errstr_size) = NULL;
 
 /* This callback must be signal handler safe! */
 void (*zend_on_timeout)(int seconds);
@@ -912,6 +913,10 @@ void zend_startup(zend_utility_functions *utility_functions) /* {{{ */
 	php_win32_cp_set_by_id(65001);
 #endif
 
+	/* Set up early utility functions. zend_mm depends on
+	 * zend_os_csprng_random_bytes */
+	zend_os_csprng_random_bytes = utility_functions->os_csprng_randomn_bytes_function;
+
 	start_memory_manager();
 
 	virtual_cwd_startup(); /* Could use shutdown to free the main cwd but it would just slow it down for CGI */

Zend/zend.h

@@ -248,6 +248,7 @@ typedef struct _zend_utility_functions {
 	void (*printf_to_smart_str_function)(smart_str *buf, const char *format, va_list ap);
 	char *(*getenv_function)(const char *name, size_t name_len);
 	zend_string *(*resolve_path_function)(zend_string *filename);
+	zend_result (*os_csprng_randomn_bytes_function)(void *bytes, size_t size, char *errstr, size_t errstr_size);
 } zend_utility_functions;
 
 typedef struct _zend_utility_values {
@@ -340,6 +341,7 @@ extern void (*zend_printf_to_smart_string)(smart_string *buf, const char *format
 extern void (*zend_printf_to_smart_str)(smart_str *buf, const char *format, va_list ap);
 extern ZEND_API char *(*zend_getenv)(const char *name, size_t name_len);
 extern ZEND_API zend_string *(*zend_resolve_path)(zend_string *filename);
+extern ZEND_API zend_result (*zend_os_csprng_random_bytes)(void *bytes, size_t size, char *errstr, size_t errstr_size);
 
 /* These two callbacks are especially for opcache */
 extern ZEND_API zend_result (*zend_post_startup_cb)(void);

Zend/zend_alloc.c

@@ -54,13 +54,12 @@
 #include "zend.h"
 #include "zend_alloc.h"
 #include "zend_globals.h"
+#include "zend_hrtime.h"
 #include "zend_operators.h"
 #include "zend_multiply.h"
 #include "zend_bitset.h"
 #include "zend_mmap.h"
 #include "zend_portability.h"
-#include "ext/random/php_random_csprng.h"
-#include "ext/random/php_random.h"
 #include <signal.h>
 
 #ifdef HAVE_UNISTD_H
@@ -248,6 +247,10 @@ typedef struct  _zend_mm_huge_list zend_mm_huge_list;
 
 static bool zend_mm_use_huge_pages = false;
 
+typedef struct _zend_mm_rand_state {
+	uint32_t state[4];
+} zend_mm_rand_state;
+
 /*
  * Memory is retrieved from OS by chunks of fixed size 2MB.
  * Inside chunk it's managed by pages of fixed size 4096B.
@@ -323,7 +326,7 @@ struct _zend_mm_heap {
 	HashTable *tracked_allocs;
 #endif
 	pid_t pid;
-	php_random_status_state_xoshiro256starstar random_state;
+	zend_mm_rand_state rand_state;
 };
 
 struct _zend_mm_chunk {
@@ -2024,30 +2027,105 @@ static void zend_mm_free_huge(zend_mm_heap *heap, void *ptr ZEND_FILE_LINE_DC ZE
 #endif
 }
 
+/********/
+/* Rand */
+/********/
+
+/* Xoshiro256** PRNG based on implementation from Go Kudo in
+ * ext/random/engine_xoshiro256starstar.c, based on code from David Blackman,
+ * Sebastiano Vigna. */
+
+static inline uint64_t splitmix64(uint64_t *seed)
+{
+	uint64_t r;
+
+	r = (*seed += 0x9e3779b97f4a7c15ULL);
+	r = (r ^ (r >> 30)) * 0xbf58476d1ce4e5b9ULL;
+	r = (r ^ (r >> 27)) * 0x94d049bb133111ebULL;
+	return (r ^ (r >> 31));
+}
+
+ZEND_ATTRIBUTE_CONST static inline uint64_t rotl(const uint64_t x, int k)
+{
+	return (x << k) | (x >> (64 - k));
+}
+
+static inline uint64_t zend_mm_rand_generate(zend_mm_rand_state *s)
+{
+	const uint64_t r = rotl(s->state[1] * 5, 7) * 9;
+	const uint64_t t = s->state[1] << 17;
+
+	s->state[2] ^= s->state[0];
+	s->state[3] ^= s->state[1];
+	s->state[1] ^= s->state[2];
+	s->state[0] ^= s->state[3];
+
+	s->state[2] ^= t;
+
+	s->state[3] = rotl(s->state[3], 45);
+
+	return r;
+}
+
+static inline void zend_mm_rand_seed256(zend_mm_rand_state *state, uint64_t s0, uint64_t s1, uint64_t s2, uint64_t s3)
+{
+	state->state[0] = s0;
+	state->state[1] = s1;
+	state->state[2] = s2;
+	state->state[3] = s3;
+}
+
+static inline void zend_mm_rand_seed64(zend_mm_rand_state *state, uint64_t seed)
+{
+	uint64_t s[4];
+
+	s[0] = splitmix64(&seed);
+	s[1] = splitmix64(&seed);
+	s[2] = splitmix64(&seed);
+	s[3] = splitmix64(&seed);
+
+	zend_mm_rand_seed256(state, s[0], s[1], s[2], s[3]);
+}
+
 /******************/
 /* Initialization */
 /******************/
 
 static zend_result zend_mm_refresh_key(zend_mm_heap *heap)
 {
-	php_random_result result = php_random_algo_xoshiro256starstar.generate(&heap->random_state);
-	ZEND_ASSERT(result.size == sizeof(uint64_t));
-	heap->shadow_key = (uintptr_t) result.result;
+	heap->shadow_key = (uintptr_t) zend_mm_rand_generate(&heap->rand_state);
+
 	return SUCCESS;
 }
 
 static zend_result zend_mm_init_key(zend_mm_heap *heap)
 {
 	uint64_t seed[4];
-	if (php_random_bytes_silent(&seed, sizeof(seed)) != SUCCESS) {
-		for (int i = 0; i < sizeof(seed)/sizeof(seed[0]); i++) {
-			seed[i] = php_random_generate_fallback_seed();
-		}
+	char errstr[128];
+	if (zend_os_csprng_random_bytes(&seed, sizeof(seed), errstr, sizeof(errstr)) == SUCCESS) {
+		zend_mm_rand_seed256(&heap->rand_state,
+				seed[0], seed[1], seed[2], seed[3]);
+	} else {
+		/* Fallback to weak seed generation */
+#if ZEND_MM_ERROR
+		fprintf(stderr, "Could not generate secure random seed: %s\n", errstr);
+#endif
+		zend_hrtime_t nanotime = zend_hrtime();
+		uint64_t v = 0;
+		v ^= (uint64_t) nanotime;
+		splitmix64(&v);
+		v ^= (uint64_t) getpid();
+		splitmix64(&v);
+#ifdef ZTS
+		THREAD_T tid = tsrm_thread_id();
+		uint64_t tmp = 0;
+		memcpy(&tmp, tid, MIN(sizeof(tmp), sizeof(tid)));
+		v ^= tmp;
+		splitmix64(&v);
+#endif
+		zend_mm_rand_seed64(&heap->rand_state, v);
 	}
 
-	php_random_xoshiro256starstar_seed256(&heap->random_state,
-			seed[0], seed[1], seed[2], seed[3]);
-
 	return zend_mm_refresh_key(heap);
 }
 

Zend/zend_atomic.c

@@ -20,28 +20,56 @@
  * is also where the code will go.
  */
 
-/* Defined for FFI users; everyone else use ZEND_ATOMIC_BOOL_INIT.
+/* Defined for FFI users; everyone else use ZEND_ATOMIC_*_INIT.
  * This is NOT ATOMIC as it is meant for initialization.
  */
 ZEND_API void zend_atomic_bool_init(zend_atomic_bool *obj, bool desired) {
 	ZEND_ATOMIC_BOOL_INIT(obj, desired);
 }
 
+ZEND_API void zend_atomic_int_init(zend_atomic_int *obj, int desired) {
+	ZEND_ATOMIC_INT_INIT(obj, desired);
+}
+
 ZEND_API bool zend_atomic_bool_exchange(zend_atomic_bool *obj, bool desired) {
 	return zend_atomic_bool_exchange_ex(obj, desired);
 }
 
+ZEND_API int zend_atomic_int_exchange(zend_atomic_int *obj, int desired) {
+	return zend_atomic_int_exchange_ex(obj, desired);
+}
+
+ZEND_API bool zend_atomic_bool_compare_exchange(zend_atomic_bool *obj, bool *expected, bool desired)
+{
+	return zend_atomic_bool_compare_exchange_ex(obj, expected, desired);
+}
+
+ZEND_API bool zend_atomic_int_compare_exchange(zend_atomic_int *obj, int *expected, int desired)
+{
+	return zend_atomic_int_compare_exchange_ex(obj, expected, desired);
+}
+
 ZEND_API void zend_atomic_bool_store(zend_atomic_bool *obj, bool desired) {
 	zend_atomic_bool_store_ex(obj, desired);
 }
 
+ZEND_API void zend_atomic_int_store(zend_atomic_int *obj, int desired) {
+	zend_atomic_int_store_ex(obj, desired);
+}
+
 #if defined(ZEND_WIN32) || defined(HAVE_SYNC_ATOMICS)
 /* On these platforms it is non-const due to underlying APIs. */
 ZEND_API bool zend_atomic_bool_load(zend_atomic_bool *obj) {
 	return zend_atomic_bool_load_ex(obj);
 }
+ZEND_API int zend_atomic_int_load(zend_atomic_int *obj) {
+	return zend_atomic_int_load_ex(obj);
+}
 #else
 ZEND_API bool zend_atomic_bool_load(const zend_atomic_bool *obj) {
 	return zend_atomic_bool_load_ex(obj);
 }
+ZEND_API int zend_atomic_int_load(const zend_atomic_int *obj) {
+	return zend_atomic_int_load_ex(obj);
+}
 #endif