From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/6907 Path: news.gmane.org!not-for-mail From: Brent Cook Newsgroups: gmane.linux.lib.musl.general Subject: Re: getrandom syscall Date: Wed, 28 Jan 2015 11:43:17 -0600 Message-ID: References: <20150128145410.GH4574@brightrain.aerifal.cx> <20150128154108.GH32318@port70.net> <20150128160352.GI32318@port70.net> <20150128162104.GJ4574@brightrain.aerifal.cx> Reply-To: musl@lists.openwall.com NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Trace: ger.gmane.org 1422467013 24292 80.91.229.3 (28 Jan 2015 17:43:33 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Wed, 28 Jan 2015 17:43:33 +0000 (UTC) To: musl@lists.openwall.com Original-X-From: musl-return-6920-gllmg-musl=m.gmane.org@lists.openwall.com Wed Jan 28 18:43:32 2015 Return-path: Envelope-to: gllmg-musl@m.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by plane.gmane.org with smtp (Exim 4.69) (envelope-from ) id 1YGWeJ-00066u-B7 for gllmg-musl@m.gmane.org; Wed, 28 Jan 2015 18:43:31 +0100 Original-Received: (qmail 15672 invoked by uid 550); 28 Jan 2015 17:43:30 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: Original-Received: (qmail 15654 invoked from network); 28 Jan 2015 17:43:29 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=wmY5M/OdUOpRd7nNrucfN4G6WOdzBCcx2qgsbnI5cxE=; b=b3Pt4Qw5krmQFmZnQH2v7kbGjxz3lV5MoI0Ux0ZCmI0wwSf82dAGfWT8vRQaUeqCUK rEa47EjYPKN5IH8KH2uSaUYSOPwZ3HiZoGSP0npDqhuI6ejqSUbD3rk5q5Zn6efzvwbo Vzxq3Qf8I+WI00ovHUtkBqW4+aGNrocQVCmCe5ZnQ7HkEa/dVEKnHp8G6DiEm+eZxmjy 4GwuprpJMa24LK8SB68pn15M+UqjtI5cgekcAI0/znMLYpfAHKE0B03M1sDQk+Wdgh8C jWWtf4mk+2SaycFkTym4Z64V1qLvjL35kfAlvks8sJwaAXu+LMYUNrOGJH4d6JAG6uh8 VCkQ== X-Received: by 10.170.196.133 with SMTP id n127mr1987280yke.77.1422466997584; Wed, 28 Jan 2015 09:43:17 -0800 (PST) In-Reply-To: Xref: news.gmane.org gmane.linux.lib.musl.general:6907 Archived-At: Here is the wrapper in LibreSSL for getrandom, to hopefully lend to the discussion: https://github.com/libressl-portable/openbsd/blob/master/src/lib/libcrypto/crypto/getentropy_linux.c#L194 It tries to avoid a couple of possible issues. FIrst, while <= 256 byte getrandom should not interrupt, it appears that if the kernel entropy pool has not been initialized yet, it would still return EINTR if called early enough in the boot process. How likely this is in practice, I don't know. Then, to avoid modifying errno even though there was an actual success, the wrapper restores the previous errno value when it succeeds. I just realized that the length check in getentropy_getrandom() is redundant, since it is checked earlier in getentropy() as well, but hopefully this is helpful. If a getentropy() were added to musl libc, but in such a way that it might fail on older kernels, that would cause some problems with LibreSSL, and now OpenNTPD. They will both try to use getentropy() with arc4random() if it is found in a system, and arc4random() will treat a getentropy() failure as fatal. Thanks, and good discussion.