-
Notifications
You must be signed in to change notification settings - Fork 182
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Use libc::getrandom on Solaris and update docs.
#417 used `getentropy(2)` on Solaris, but after looking at [the blog post introducing `getrandom()` and `getentropy()`](https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2), it seems like we should prefer using `getrandom` based on this quote: > On Solaris the output of getentropy(2) is entropy and should not be used where randomness is needed, in particular it must not be used where an IV or nonce is needed when calling a cryptographic operation. It is intended only for seeding a user space RBG (Random Bit Generator) system. More specifically the data returned by getentropy(2) has not had the required FIPS 140-2 processing for the DRBG applied to it. I also updated some of the documentation explaining: - Why we use `getentropy(2)` - Why we only set `GRND_RANDOM` on Solaris Signed-off-by: Joe Richey <joerichey@google.com>
- Loading branch information
Showing
4 changed files
with
49 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
//! Solaris implementation using getrandom(2). | ||
//! | ||
//! While getrandom(2) has been available since Solaris 11.3, it has a few | ||
//! quirks not present on other OSes. First, on Solaris 11.3, calls will always | ||
//! fail if bufsz > 1024. Second, it will always either fail or completely fill | ||
//! the buffer (returning bufsz). Finally, "if GRND_RANDOM is not specified | ||
//! then getrandom(2) is always a non blocking call". This _might_ imply that | ||
//! in early-boot scenarios with low entropy, getrandom(2) will not properly | ||
//! block. To be safe, we set GRND_RANDOM, mirroring the man page examples. | ||
//! | ||
//! For more information, see the man page linked in lib.rs and this blog post: | ||
//! https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2 | ||
//! which also explains why this crate should not use getentropy(2). | ||
use crate::{util_libc::last_os_error, Error}; | ||
use core::mem::MaybeUninit; | ||
|
||
const MAX_BYTES: usize = 1024; | ||
|
||
pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> { | ||
for chunk in dest.chunks_mut(MAX_BYTES) { | ||
let ptr = chunk.as_mut_ptr() as *mut libc::c_void; | ||
let ret = unsafe { libc::getrandom(ptr, chunk.len(), libc::GRND_RANDOM) }; | ||
// If getrandom(2) succeeds, it should have completely filled chunk. | ||
if ret < 0 { | ||
return Err(last_os_error()); | ||
} | ||
if (ret as usize) != chunk.len() { | ||
return Err(Error::UNEXPECTED); | ||
} | ||
} | ||
Ok(()) | ||
} |