Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nautilus: core: auth/Crypto: fallback to /dev/urandom if getentropy() fails #31301

Merged
merged 2 commits into from Dec 18, 2019
Merged

nautilus: core: auth/Crypto: fallback to /dev/urandom if getentropy() fails #31301

merged 2 commits into from Dec 18, 2019

Conversation

smithfarm
Copy link
Contributor

backport tracker: https://tracker.ceph.com/issues/42134

backport of #30544
parent tracker: https://tracker.ceph.com/issues/42018

this backport was staged using ceph-backport.sh version 15.0.0.6612
find the latest version at https://github.com/ceph/ceph/blob/master/src/script/ceph-backport.sh

@tchaikov @smithfarm
auth/Crypto: fallback to /dev/urandom if getentropy() fails
958e43a 
we still support Linux 3.10, which does not support `getrandom(2)`.
so even if the glibc installed on the building host offers `getentropy()`
call, we still need to check for the syscall's existence at runtime
in case that the Linux kernel version is lower than 3.17 which
introduced the support of `getrandom(2)`.

in this chance, we detect the existence of `getentropy()` by using it
when constructing `CryptoRandom`, this system call could fail due to 3
reasons:
1. ENOSYS: the kernel does not support `getrandom(2)`
2. EPERM: the syscall is blocked by a security policy
3. EINTR: interrupted by a signal

so we fall back to /dev/urandom in cases of ENOSYS and EPERM, retry on
EINTR, otherwise, an exception is thrown.

Fixes: https://tracker.ceph.com/issues/42018
Signed-off-by: Kefu Chai <kchai@redhat.com>
(cherry picked from commit bb6d9c3)
@tchaikov @smithfarm
auth/Crypto: assert(len <= 256) before calling getentropy()
b1d4498 
this assert() will be optimized out in Release mode.

Signed-off-by: Kefu Chai <kchai@redhat.com>
(cherry picked from commit ccae47e)
@smithfarm smithfarm added this to the nautilus milestone Oct 31, 2019
@smithfarm smithfarm changed the title nautilus: auth/Crypto: fallback to /dev/urandom if getentropy() fails nautilus: core: auth/Crypto: fallback to /dev/urandom if getentropy() fails Oct 31, 2019
@smithfarm smithfarm added the core label Oct 31, 2019
@smithfarm
Copy link
Contributor Author

test this please

@smithfarm smithfarm added nautilus-batch-1 nautilus point releases needs-qa labels Dec 13, 2019
@yuriw
Copy link
Contributor

yuriw commented Dec 17, 2019

wip-yuri6-testing-2019-12-17-1658-nautilus

@neha-ojha
Copy link
Member

@yuriw @smithfarm please note that the parent PR is tagged as rgw

@yuriw yuriw merged commit afd25bc into ceph:nautilus Dec 18, 2019
@smithfarm smithfarm deleted the wip-42134-nautilus branch December 19, 2019 14:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jdurgin jdurgin jdurgin approved these changes

Assignees
No one assigned
Labels
core nautilus-batch-1 nautilus point releases needs-qa wip-yuri6-testing
Projects
None yet
Milestone
nautilus
5 participants
@smithfarm @yuriw @neha-ojha @jdurgin @tchaikov