Message ID | 20210524085858.1902-1-Sergiy_Kibrik@epam.com (mailing list archive) |
---|---|
State | New, archived |
Series | [XEN,v1] libxl: use getrandom() syscall for random data extraction |

Hi,

On 24/05/2021 09:58, Sergiy Kibrik wrote:
> Simplify libxl__random_bytes() routine by using a newer dedicated syscall.
> This allows not only to substantially reduce its footprint, but the syscall is also
> considered to be a safer and generally better solution:
>
> https://lwn.net/Articles/606141/
>
> getrandom() is available on Linux, FreeBSD and NetBSD.

From the man:

VERSIONS
    getrandom() was introduced in version 3.17 of the Linux kernel.
    Support was added to glibc in version 2.25.

If I am not mistaken glibc 2.25 was released in 2017. Also, the call was only introduced in FreeBSD 12.

So I think we want to check if getrandom() can be used. We may also want to consider falling back to reading /dev/urandom if the call returns ENOSYS.

Cheers,

Hi Julien,

> From the man:
>
> VERSIONS
>     getrandom() was introduced in version 3.17 of the Linux kernel.
>     Support was added to glibc in version 2.25.
>
> If I am not mistaken glibc 2.25 was released in 2017. Also, the call was only
> introduced in FreeBSD 12.
>
> So I think we want to check if getrandom() can be used. We may also want to
> consider falling back to reading /dev/urandom if the call returns ENOSYS.

You mean its availability should be checked both at build and runtime?

--
regards,
Sergiy

Hi,

On 26/05/2021 10:31, Sergiy Kibrik wrote:
> Hi Julien,
>
>> From the man:
>>
>> VERSIONS
>>     getrandom() was introduced in version 3.17 of the Linux kernel.
>>     Support was added to glibc in version 2.25.
>>
>> If I am not mistaken glibc 2.25 was released in 2017. Also, the call was only
>> introduced in FreeBSD 12.
>>
>> So I think we want to check if getrandom() can be used. We may also want to
>> consider falling back to reading /dev/urandom if the call returns ENOSYS.
>
> You mean its availability should be checked both at build and runtime?

Correct. You can have a libc supporting getrandom() but a kernel that doesn't provide the syscall.

Cheers,

> > You mean its availability should be checked both at build and runtime?
>
> Correct. You can have a libc supporting getrandom() but a kernel that doesn't
> provide the syscall.

Agree, I shall check this.

-Sergiy
diff --git a/tools/libxl/libxl_utils.c b/tools/libxl/libxl_utils.c index b039143b8a..f3e56a4026 100644 --- a/tools/libxl/libxl_utils.c +++ b/tools/libxl/libxl_utils.c @@ -16,6 +16,7 @@ #include "libxl_osdeps.h" /* must come before any other headers */ #include <ctype.h> +#include <sys/random.h> #include "libxl_internal.h" #include "_paths.h" @@ -1226,26 +1227,10 @@ void libxl_string_copy(libxl_ctx *ctx, char **dst, char * const*src) */ int libxl__random_bytes(libxl__gc *gc, uint8_t *buf, size_t len) { - static const char *dev = "/dev/urandom"; - int fd; - int ret; - - fd = open(dev, O_RDONLY); - if (fd < 0) { - LOGE(ERROR, "failed to open \"%s\"", dev); + ssize_t ret = getrandom(buf, len, 0); + if (ret != len) return ERROR_FAIL; - } - ret = libxl_fd_set_cloexec(CTX, fd, 1); - if (ret) { - close(fd); - return ERROR_FAIL; - } - - ret = libxl_read_exactly(CTX, fd, buf, len, dev, NULL); - - close(fd); - - return ret; + return 0; } int libxl__prepare_sockaddr_un(libxl__gc *gc,
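
Review bot: the `#include <sys/random.h>` added in the first hunk is unconditional, so libxl_utils.c stops building on any libc that does not ship that header (the thread notes glibc only gained getrandom() support in 2.25, and FreeBSD in 12). Guard the include behind a configure-time check and keep the /dev/urandom path for builds where the header is absent.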
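
Review bot: in libxl__random_bytes() the test `if (ret != len)` treats every return other than a full read as fatal, and it compares a signed ssize_t against a size_t. getrandom() can fail with EINTR, can return fewer bytes than requested for large requests, and fails with ENOSYS on a kernel that lacks the syscall, while the removed code went through libxl_read_exactly(). Suggest looping until len bytes are collected, retrying on EINTR, falling back to the old /dev/urandom read on ENOSYS, and keeping a LOGE on the failure path, which the new version drops entirely.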

Simplify libxl__random_bytes() routine by using a newer dedicated syscall.
This allows not only to substantially reduce its footprint, but the syscall is also
considered to be a safer and generally better solution:

https://lwn.net/Articles/606141/

getrandom() is available on Linux, FreeBSD and NetBSD.

Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com>
---
 tools/libxl/libxl_utils.c | 23 ++++-------------------
 1 file changed, 4 insertions(+), 19 deletions(-)