summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/arc4random/getentropy_linux.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* For open/openat, if the flags parameter does not contain O_CREAT, thederaadt2021-10-241-2/+2
| | | | | | | | | | | | | 3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert
* As done everywhere else, use a local version of MINIMUM() and avoidderaadt2020-05-171-5/+5
| | | | conflict against a potential define min() from some other scope.
* Saw a mention somewhere a while back that the gotdata() function inderaadt2018-11-201-32/+7
| | | | | | | | here could creates non-uniformity since very short fetches of 0 would be excluded. blocks of 0 are just as random as any other data, including blocks of 4 4 4.. This is a misguided attempt to identify errors from the entropy churn/gather code doesn't make sense, errors don't happen. ok bcook
* ensure SYS_getrandom and GRND_NONBLOCK are both defined before using ↵bcook2018-03-131-4/+4
| | | | | | | getrandom(2) Based on discussion here https://github.com/libressl-portable/openbsd/pull/82 Suggested fix from jsing@
* Switch Linux getrandom() usage to non-blocking mode, continuing tobeck2017-04-291-6/+9
| | | | | | | | | | use fallback mechanims if unsuccessful. The design of Linux getrandom is broken. It has an uninitialized phase coupled with blocking behaviour, which is unacceptable from within a library at boot time without possible recovery. ok deraadt@ jsing@
* Update the link for the getentropy(2) manual to man.openbsd.org/tb2016-08-071-2/+2
| | | | ok deraadt@
* fix typo in comment; ok becktj2016-04-191-2/+2
|
* unify files furtherderaadt2015-09-111-10/+10
|
* unify versions, so they are easier to diff.deraadt2015-08-251-2/+2
|
* Remove unneeded sys/sysctl.h on linux.bcook2015-06-131-2/+1
| | | | This only provides the sysctl wrapper in glibc, which we do not use and is not available in other libc implementations for Linux. Thanks to ncopa from github.
* Not all Linux libc's include linux/sysctl.h in sys/sysctl.h.bcook2015-04-271-2/+3
| | | | Include it if we have the sysctl syscall.
* sys/sysctl.h includes linux/sysctl.h, remove the extra unchecked includebcook2015-03-221-2/+1
|
* include header needed by older linux kernelsbcook2014-10-111-1/+2
| | | | not all versions of <linux/random.h> include <linux/types.h> by default
* preserve errno value on success.bcook2014-08-281-4/+6
| | | | | If getrandom returns a temporary failure, make sure errno is not polluted when it succeeds. Thanks to deraadt@ for pointing it out.
* only build the getrandom path if SYS_getrandom is defined.bcook2014-08-161-3/+7
| | | | like the sysctl path
* getrandom(2) support for getentropy_linuxbcook2014-08-161-13/+10
| | | | | | | | | | | This enables support for the new getrandom(2) syscall in Linux 3.17. If the call exists and fails, return a failure in getentropy(2) emulation as well. This adds a EINTR check in case the urandom pool is not initialized. Tested on Fedora Rawhide with 3.17rc0 and Ubuntu 14.04 ok deraadt@
* better match proposed syscall apibcook2014-07-221-8/+2
|
* protect sysctl path with SYS__sysctl instead; from enh@google, ok bcookderaadt2014-07-211-6/+6
|
* Use explicit_bzero() instead of memset() on buffers going out of scope.guenther2014-07-211-2/+3
| | | | | | | Also, zero the SHA256 context. suggested by "eric" in a comment on an opensslrampage.org post ok miod@ deraadt@
* cast from void * before math; enh@googlederaadt2014-07-211-2/+2
|
* Demonstrate how new linux getrandom() will be called, at least untilderaadt2014-07-201-1/+37
| | | | | | it shows up in libraries. Even the system call is probably not finalized. Bit dissapointed it has turned out to be a descriptor-less read() with EINVAL and EINTR error conditions, but we can work with it.
* remove disabled main hook; we use phdr now; ok bcookderaadt2014-07-191-7/+1
|
* tab lovederaadt2014-07-191-3/+3
|
* Only call getauxval(3) if HAVE_GETAUXVAL is defined. Fixes build on olderkettenis2014-07-161-1/+3
| | | | | | | Linux (such as Ubuntu 12.04LTS) that don't have it yet. Seems the AT_XXX defines are pulled in by <link.h> now. ok beck@
* Use dl_iterate_phdr() to iterate over the segments and throw the addressesderaadt2014-07-131-1/+14
| | | | | | | into the hash; hoping the system has some ASLR or PIE. This replaces and substantially improves upon &main which proved problematic with some picky linkers. Work with kettenis, testing by beck
* Provide a link to the canonical API specification.deraadt2014-07-131-1/+4
| | | | ok beck
* Take away the use of the address of main as a source of entropy. Causesbeck2014-07-131-1/+5
| | | | | | distractions to people testing and seeing link errors in some setups. This will come back in another form ok deraadt@
* Remove signed/unsigned warning, statement before declaration andwouter2014-07-121-11/+12
| | | | | | add a function to use function pointers that does not take sizeof(fptr). OK beck@
* guard inclusion of sys/sysctl.h so we can detect at compile time andbeck2014-07-121-1/+3
| | | | | keep linux distros happy that don't have it. ok bcook@
* remove gratuitous differences, ok beck bcookderaadt2014-07-121-6/+6
|
* fix oops, accidental delete.. darn copying of files between machinesbeck2014-07-081-2/+2
|
* j should be an int, like repeatbeck2014-07-081-3/+4
|
* unbreak last commit - but same intent, make re-seed less expensivebeck2014-07-081-12/+16
|
* repeat calls to getentrypy() with the same pid likely indicate reseeds.deraadt2014-07-081-3/+10
| | | | | | Since we assume the PRNG above is doing "something old, something new" folding, shortcut and do fewer repeats through the timing loop. ok beck
* fix HD() misuse; from brent cookderaadt2014-06-261-2/+2
|
* AT_BASE returns us the *address* of the start of ld.so, sobeck2014-06-251-2/+2
| | | | | use the address, not what it points to (which is always the same) ok deraadt@
* get the page of data at AT_SYSINFO_EHDRbeck2014-06-251-2/+2
| | | | ok deraadt@
* comment fixes from theobeck2014-06-251-5/+6
|
* Possibly obtain a little bit of entropy from addresses returnedbeck2014-06-251-2/+23
| | | | | by getauxval if we have it. ok deraadt@
* O_NOFOLLOW would be very nice to have here if the version of linuxbeck2014-06-251-10/+11
| | | | | we are running supports it. from enh@google.com
* unbreak build of getentropy_sysctl - we need linux/sysctl.h, andbeck2014-06-231-18/+21
| | | | RANDOM_UUID is an enum member.
* unbreak - main needs to be extern in here somewhere.beck2014-06-231-1/+2
|
* repair indentation for an inner loop; shorten some macros and variablederaadt2014-06-211-129/+135
| | | | | names to shorten line lengths ok beck
* hash in correct pointerderaadt2014-06-211-2/+2
|
* KNFbeck2014-06-201-48/+56
|
* indentderaadt2014-06-201-2/+2
|
* rearrange so that the main function with the important comments is at the topotto2014-06-201-78/+80
| | | | ok deraadt@ beck@
* Work in progress on how to deal with the inherit unreliability ofbeck2014-06-201-0/+439
/dev/urandom. Does well in the fallback case. Get it in tree so it can be worked on. ok otto@ deraadt@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-02 11:59:54 +0000