freebsd-dev/lib/libc/gen/getentropy.c
Conrad Meyer 08a7e74c7c getentropy(3): Fallback to kern.arandom sysctl on older kernels
On older kernels, when a userspace program disables SIGSYS, catch ENOSYS and
emulate the getrandom(2) syscall with the kern.arandom sysctl (via the existing
arc4_sysctl wrapper).

Special care is taken to faithfully emulate EFAULT on NULL pointers, because
sysctl(3) as used by kern.arandom ignores NULL oldp.  (This was caught by
getentropy(3) ATF tests.)

Reported by:	kib
Reviewed by:	kib
Discussed with:	delphij
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D14785
2018-03-21 23:52:37 +00:00


/*-
* SPDX-License-Identifier: BSD-2-Clause-FreeBSD
*
* Copyright (c) 2018 Conrad Meyer <cem@FreeBSD.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/param.h>
#include <sys/random.h>
#include <errno.h>
#include <stdlib.h>
#include "libc_private.h"
/*
 * If a newer libc is accidentally installed on an older kernel, provide
 * high-quality random data anyway.  The sysctl interface is not as fast and
 * does not block by itself (the __arc4_sysctl() wrapper spins until the
 * random device is seeded), but it is provided by even very old kernels.
 */
/*
 * Fill buf with buflen random bytes through the kern.arandom sysctl wrapper.
 *
 * Returns 0 once the whole request has been satisfied.  Returns -1 with
 * errno set to EFAULT when the caller's buffer is unusable.  Any other
 * failure aborts the process, so the caller is never handed a buffer that
 * was only partly filled with random data.
 */
static int
getentropy_fallback(void *buf, size_t buflen)
{
	/*
	 * sysctl treats a NULL oldp (buf) specially and does not report
	 * EFAULT for it.  The kernel getrandom(2) does, so reject a NULL
	 * buffer with a non-zero length here to keep the same contract.
	 */
	if (buflen > 0 && buf == NULL) {
		errno = EFAULT;
		return (-1);
	}

	/* The whole request was filled: success. */
	if (__arc4_sysctl(buf, buflen) == buflen)
		return (0);

	/* Short read caused by a bogus user-supplied buffer. */
	if (errno == EFAULT)
		return (-1);

	/*
	 * Not expected to be reachable.  __arc4_sysctl() spins until the
	 * random device is seeded and then keeps reading until the full
	 * request is satisfied, so a zero-byte or short read means that
	 * sysctl(2) on the kern.arandom MIB failed.  Apart from the EFAULT
	 * case handled above, give up rather than return without entropy
	 * (as arc4random(3)'s arc4_stir does).
	 */
	abort();
}
/*
 * Fill buf with buflen bytes of random data.
 *
 * Requests larger than 256 bytes are rejected with -1 and errno set to EIO.
 * Otherwise getrandom(2) is called until the whole buffer is filled; reads
 * interrupted by a signal (EINTR) are retried.  If the kernel does not
 * implement getrandom(2) (ENOSYS), the remainder of the request is handed to
 * getentropy_fallback().  Any other getrandom(2) error is returned to the
 * caller as -1 with errno left as set by the syscall.
 *
 * Returns 0 only when every requested byte has been written.
 */
int
getentropy(void *buf, size_t buflen)
{
	char *cursor;
	size_t remaining;
	ssize_t nread;

	if (buflen > 256) {
		errno = EIO;
		return (-1);
	}

	cursor = buf;
	remaining = buflen;
	while (remaining > 0) {
		nread = getrandom(cursor, remaining, 0);
		if (nread == -1) {
			switch (errno) {
			case EINTR:
				/* Interrupted before any data: retry. */
				continue;
			case ENOSYS:
				/* Older kernel without the syscall. */
				return (getentropy_fallback(cursor,
				    remaining));
			default:
				return (-1);
			}
		}

		/*
		 * A zero-length read is not expected.  Abort instead of
		 * looping forever or reporting success on a buffer that was
		 * not filled.
		 */
		if (nread == 0)
			abort();

		/* Advance past the bytes already delivered. */
		cursor += nread;
		remaining -= nread;
	}

	return (0);
}