On Mon, Apr 3, 2017 at 4:02 PM, Alan Coopersmith <[email protected]> wrote: > On 04/ 3/17 05:52 AM, Benjamin Tissoires wrote: >> >> This allows to fix CVE-2017-2625 on Linux platforms without pulling in >> libbsd. >> The syscall getrandom is available since kernel v3.17. The code first >> tries to use the syscall on a supported kernel. If the syscall fails, >> it falls back to the current (vulnerable) code. >> We do not implement the glibc getrandom() call given that it's only >> available in glibc 2.25, and the #if dance is already messy here. >> >> Signed-off-by: Benjamin Tissoires <[email protected]> > > > This is dangerous - Solaris <sys/syscall.h> defines SYS_getrandom, but > I don't know if our syscall arguments/semantics are the same, and we > only support applications calling the libc getrandom() function, not the > raw syscall.
I see. In that case, would it help to use unconditionally the libc getrandom() function, and in case it's not there, provide a stub for it through the syscall or other emulation layer? Matthieu, I am not 100% sure, but do you have the getrandom() libc call in BSD, and would it be OK to use it instead of arc4random_buf() when available? > >> diff --git a/configure.ac b/configure.ac >> index 2288502..d0d4d05 100644 >> --- a/configure.ac >> +++ b/configure.ac >> @@ -63,6 +63,9 @@ case $host_os in >> ;; >> esac >> >> +# Checks for syscalls >> +AC_CHECK_DECLS([SYS_getrandom], [], [], [[#include <sys/syscall.h>]]) >> + >> # Checks for library functions. >> AC_CHECK_LIB([bsd], [arc4random_buf]) >> AC_CHECK_FUNCS([srand48 lrand48 arc4random_buf]) >> > > Could you move that check up into the case $host_os section above it > under a new case for *linux* perhaps? Sure. Cheers, Benjamin _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
