From: Thomas Devoogdt <[email protected]> getrandom() was introduced in version 3.17 of the Linux kernel. Support was added to glibc in version 2.25.
https://man7.org/linux/man-pages/man2/getrandom.2.html read_new_seed will anyway fallback to /dev/{u}random if (ret != len) Signed-off-by: Thomas Devoogdt <[email protected]> --- v2: - check if __GLIBC_PREREQ is defined - assume by default that we have <sys/random.h> v3: - errno was not set, so is_creditable was never true v4: - fixed some whitespaces --- miscutils/seedrng.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/miscutils/seedrng.c b/miscutils/seedrng.c index 967741dc7..0091e63e9 100644 --- a/miscutils/seedrng.c +++ b/miscutils/seedrng.c @@ -42,12 +42,21 @@ #include "libbb.h" #include <linux/random.h> -#include <sys/random.h> #include <sys/file.h> +#define HAVE_SYS_RANDOM_H 1 +#if defined(__GLIBC_PREREQ) +#if !__GLIBC_PREREQ(2, 25) +#undef HAVE_SYS_RANDOM_H +#endif +#endif + +#if defined(HAVE_SYS_RANDOM_H) +#include <sys/random.h> #ifndef GRND_INSECURE #define GRND_INSECURE 0x0004 /* Apparently some headers don't ship with this yet. */ #endif +#endif #define DEFAULT_SEED_DIR "/var/lib/seedrng" #define CREDITABLE_SEED_NAME "seed.credit" @@ -81,13 +90,15 @@ static size_t determine_optimal_seed_len(void) static bool read_new_seed(uint8_t *seed, size_t len) { bool is_creditable; - ssize_t ret; - ret = getrandom(seed, len, GRND_NONBLOCK); +#if defined(HAVE_SYS_RANDOM_H) + ssize_t ret = getrandom(seed, len, GRND_NONBLOCK); if (ret == (ssize_t)len) { return true; } - if (ret < 0 && errno == ENOSYS) { + if (ret < 0 && errno == ENOSYS) +#endif + { int fd = xopen("/dev/random", O_RDONLY); struct pollfd random_fd; random_fd.fd = fd; @@ -96,11 +107,14 @@ static bool read_new_seed(uint8_t *seed, size_t len) //This is racy. is_creditable can be set to true here, but other process //can consume "good" random data from /dev/urandom before we do it below. close(fd); - } else { + } +#if defined(HAVE_SYS_RANDOM_H) + else { if (getrandom(seed, len, GRND_INSECURE) == (ssize_t)len) return false; is_creditable = false; } +#endif /* Either getrandom() is not implemented, or * getrandom(GRND_INSECURE) did not give us LEN bytes. -- 2.34.1 _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
