Simplify libxl__random_bytes() routine by using a newer dedicated syscall.
This allows not only to substantially reduce its footprint, but syscall also
considered to be safer and generally better solution:
https://lwn.net/Articles/606141/
getrandom() available on Linux, FreeBSD and NetBSD.
Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com>
---
tools/libxl/libxl_utils.c | 23 ++++-------------------
1 file changed, 4 insertions(+), 19 deletions(-)
diff --git a/tools/libxl/libxl_utils.c b/tools/libxl/libxl_utils.c
index b039143b8a..f3e56a4026 100644
--- a/tools/libxl/libxl_utils.c
+++ b/tools/libxl/libxl_utils.c
@@ -16,6 +16,7 @@
#include "libxl_osdeps.h" /* must come before any other headers */
#include <ctype.h>
+#include <sys/random.h>
#include "libxl_internal.h"
#include "_paths.h"
@@ -1226,26 +1227,10 @@ void libxl_string_copy(libxl_ctx *ctx, char **dst, char * const*src)
*/
int libxl__random_bytes(libxl__gc *gc, uint8_t *buf, size_t len)
{
- static const char *dev = "/dev/urandom";
- int fd;
- int ret;
-
- fd = open(dev, O_RDONLY);
- if (fd < 0) {
- LOGE(ERROR, "failed to open \"%s\"", dev);
+ ssize_t ret = getrandom(buf, len, 0);
+ if (ret != len)
return ERROR_FAIL;
- }
- ret = libxl_fd_set_cloexec(CTX, fd, 1);
- if (ret) {
- close(fd);
- return ERROR_FAIL;
- }
-
- ret = libxl_read_exactly(CTX, fd, buf, len, dev, NULL);
-
- close(fd);
-
- return ret;
+ return 0;
}
int libxl__prepare_sockaddr_un(libxl__gc *gc,
--
2.25.1
Hi, On 24/05/2021 09:58, Sergiy Kibrik wrote: > Simplify libxl__random_bytes() routine by using a newer dedicated syscall. > This allows not only to substantially reduce its footprint, but syscall also > considered to be safer and generally better solution: > > https://lwn.net/Articles/606141/ > > getrandom() available on Linux, FreeBSD and NetBSD. From the man: VERSIONS getrandom() was introduced in version 3.17 of the Linux kernel. Support was added to glibc in version 2.25. If I am not mistaken glibc 2.25 was released in 2017. Also, the call was only introduced in FreeBSD 12. So I think we want to check if getrandom() can be used. We may also want to consider to fallback to read /dev/urandom if the call return ENOSYS. Cheers, -- Julien Grall
Hi Julien, > > From the man: > > VERSIONS > getrandom() was introduced in version 3.17 of the Linux kernel. > Support was added to glibc in version 2.25. > > If I am not mistaken glibc 2.25 was released in 2017. Also, the call was only > introduced in FreeBSD 12. > > So I think we want to check if getrandom() can be used. We may also want to > consider to fallback to read /dev/urandom if the call return ENOSYS. > You mean its availability should be checked both at build and runtime? -- regards, Sergiy
Hi, On 26/05/2021 10:31, Sergiy Kibrik wrote: > Hi Julien, > >> >> From the man: >> >> VERSIONS >> getrandom() was introduced in version 3.17 of the Linux kernel. >> Support was added to glibc in version 2.25. >> >> If I am not mistaken glibc 2.25 was released in 2017. Also, the call was only >> introduced in FreeBSD 12. >> >> So I think we want to check if getrandom() can be used. We may also want to >> consider to fallback to read /dev/urandom if the call return ENOSYS. >> > > You mean its availability should be checked both at build and runtime? Correct. You can have a libc suporting getrandom() but a kernel that doesn't provide the syscall. Cheers, -- Julien Grall
> > You mean its availability should be checked both at build and runtime? > > Correct. You can have a libc suporting getrandom() but a kernel that doesn't > provide the syscall. > Agree, I shall check this. -Sergiy
© 2016 - 2024 Red Hat, Inc.