-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add _stdlib_random
for more platforms
#1
Changes from 2 commits
e61e1f5
3be8722
a66a5a7
d4fceb2
e02595a
24cf260
b145189
d31a2e6
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -13,14 +13,34 @@ | |
#if defined(__APPLE__) | ||
#define _REENTRANT | ||
#include <math.h> | ||
#include <CoreFoundation/CoreFoundation.h> | ||
#include <Security/Security.h> | ||
#endif | ||
|
||
#if defined(__Fuchsia__) | ||
#include <sys/random.h> | ||
#endif | ||
|
||
#if defined(__linux__) | ||
#include <linux/version.h> | ||
#include <sys/syscall.h> | ||
#else | ||
#define KERNEL_VERSION(...) 0 | ||
#endif | ||
|
||
#include <random> | ||
#include <type_traits> | ||
#include <cmath> | ||
|
||
#if defined(_WIN32) | ||
#include <io.h> | ||
#define WIN32_LEAN_AND_MEAN | ||
#define WIN32_NO_STATUS | ||
#include <Windows.h> | ||
#undef WIN32_NO_STATUS | ||
#include <Bcrypt.h> | ||
#include <Ntdef.h> | ||
#include <Ntstatus.h> | ||
#else | ||
#include <unistd.h> | ||
#include <pthread.h> | ||
|
@@ -332,44 +352,101 @@ swift::_stdlib_cxx11_mt19937_uniform(__swift_uint32_t upper_bound) { | |
} | ||
|
||
#if defined(__APPLE__) | ||
#include <Security/Security.h> | ||
|
||
SWIFT_RUNTIME_STDLIB_INTERNAL | ||
void swift::_stdlib_random(void *buf, __swift_size_t nbytes) { | ||
if (__builtin_available(macOS 10.12, iOS 10, tvOS 10, watchOS 3, *)) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Out of curiosity, why isn't this conditional written in the form of a macro? And why not just stick with (I recognize that this isn't being changed here, but I thought I'd ask.) There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Yea so Greg Parker brought this up as well in the actual pr, but I know a few on the mailing list had said that the Darwin solution should use There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
@xwu The original was using macros. I suggested __builtin_available because it should be a runtime conditional. AFAIK, until the stdlib is a system library, |
||
arc4random_buf(buf, nbytes); | ||
}else { | ||
} else { | ||
OSStatus status = SecRandomCopyBytes(kSecRandomDefault, nbytes, buf); | ||
if (status != errSecSuccess) { | ||
fatalError(0, "Fatal error: SecRandomCopyBytes failed with error %d\n", status); | ||
char message[256] = ""; | ||
if (CFStringRef cfString {SecCopyErrorMessageString(status, nullptr)}) { | ||
CFStringGetCString(cfString, message, sizeof(message), | ||
kCFStringEncodingUTF8); | ||
CFRelease(cfString); | ||
} | ||
fatalError(0, "'%s' error %d: %s\n", __func__, status, message); | ||
} | ||
} | ||
} | ||
#elif defined(__linux__) | ||
#include <linux/version.h> | ||
#include <sys/syscall.h> | ||
|
||
#elif defined(__BIONIC__) || defined(__CYGWIN__) || defined(__FreeBSD__) | ||
|
||
SWIFT_RUNTIME_STDLIB_INTERNAL | ||
void swift::_stdlib_random(void *buf, __swift_size_t nbytes) { | ||
#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0) | ||
auto _read = [&]() -> __swift_ssize_t { | ||
return syscall(SYS_getrandom, buf, bytes, 0); | ||
}; | ||
#else | ||
auto _read = [&]() -> __swift_ssize_t { | ||
static const int fd = _stdlib_open("/dev/urandom", O_RDONLY); | ||
if (fd < 0) { | ||
fatalError(0, "Unable to open '/dev/urandom'\n"); | ||
arc4random_buf(buf, nbytes); | ||
} | ||
|
||
#elif defined(__Fuchsia__) | ||
|
||
SWIFT_RUNTIME_STDLIB_INTERNAL | ||
void swift::_stdlib_random(void *buf, __swift_size_t nbytes) { | ||
while (nbytes > 0) { | ||
constexpr __swift_size_t max_nbytes = 256; | ||
__swift_size_t actual_nbytes = (nbytes < max_nbytes ? | ||
nbytes : max_nbytes); | ||
if (0 != getentropy(buf, actual_nbytes)) { | ||
fatalError(0, "'%s' error %d: %s\n", __func__, errno, strerror(errno)); | ||
} | ||
return _stdlib_read(fd, buf, bytes); | ||
}; | ||
#endif | ||
buf = static_cast<uint8_t *>(buf) + actual_nbytes; | ||
nbytes -= actual_nbytes; | ||
} | ||
} | ||
|
||
#elif defined(__linux__) && LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0) | ||
|
||
SWIFT_RUNTIME_STDLIB_INTERNAL | ||
void swift::_stdlib_random(void *buf, __swift_size_t nbytes) { | ||
while (nbytes > 0) { | ||
auto result = _read(); | ||
if (result < 1) { | ||
if (errno == EINTR) { continue; } | ||
fatalError(0, "Unable to read '/dev/urandom'\n"); | ||
__swift_ssize_t actual_nbytes = syscall(SYS_getrandom, buf, nbytes, 0); | ||
if (actual_nbytes < 1) { | ||
if (errno == EINTR) { | ||
continue; | ||
} else { | ||
fatalError(0, "'%s' error %d: %s\n", __func__, errno, strerror(errno)); | ||
} | ||
} | ||
buf = static_cast<uint8_t *>(buf) + result; | ||
nbytes -= result; | ||
buf = static_cast<uint8_t *>(buf) + actual_nbytes; | ||
nbytes -= actual_nbytes; | ||
} | ||
} | ||
|
||
#elif defined(_WIN32) | ||
|
||
SWIFT_RUNTIME_STDLIB_INTERNAL | ||
void swift::_stdlib_random(void *buf, __swift_size_t nbytes) { | ||
// TODO: Bcrypt.dll and/or Bcrypt.lib | ||
NTSTATUS status = BCryptGenRandom(nullptr, | ||
static_cast<PUCHAR>(buf), | ||
static_cast<ULONG>(nbytes), | ||
BCRYPT_USE_SYSTEM_PREFERRED_RNG); | ||
if (!NT_SUCCESS(status)) { | ||
// TODO: FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, ...); | ||
fatalError(0, "'%s' error %#.8x\n", __func__, status); | ||
} | ||
} | ||
|
||
#else // Haiku, Linux(<3.17), etc. | ||
|
||
SWIFT_RUNTIME_STDLIB_INTERNAL | ||
void swift::_stdlib_random(void *buf, __swift_size_t nbytes) { | ||
static const int fd = _stdlib_open("/dev/urandom", O_RDONLY, 0); | ||
if (fd < 0) { | ||
fatalError(0, "'%s' error %d: %s\n", __func__, errno, strerror(errno)); | ||
} | ||
while (nbytes > 0) { | ||
__swift_ssize_t actual_nbytes = _stdlib_read(fd, buf, nbytes); | ||
if (actual_nbytes < 1) { | ||
if (errno == EINTR) { | ||
continue; | ||
} else { | ||
fatalError(0, "'%s' error %d: %s\n", __func__, errno, strerror(errno)); | ||
} | ||
} | ||
buf = static_cast<uint8_t *>(buf) + actual_nbytes; | ||
nbytes -= actual_nbytes; | ||
} | ||
} | ||
|
||
#endif |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this kosher for the standard library? We could do without the detailed error message, IMO, if that simplifies dependencies.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@xwu This dependency already exists. But I could remove the
SecCopyErrorMessageString
call.