-
-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
os.urandom() should use Linux 3.17 getrandom() syscall #66377
Comments
The future Linux kernel 3.17 will have a new getrandom() syscall which avoids the need of a file descriptor: The file descriptor of os.urandom() causes perfomance issues and surprising bugs: bpo-18756, bpo-21207. I don't know when the function will land in the libc. OpenBSD 5.6 (not released yet) will also have a new getentropy() syscall. For Python 2.7, see also the PEP-466 and the issue bpo-21305. |
Manual page of the OpenBSD getentropy() function: LibreSSL didn't wait for the libc, search for getentropy_getrandom(): The code is currently disabled with "#if 0". The syscall is directly used, the function doesn't handle the ENOSYS error. See also this issue of the cryptography project, "Use getentropy(2) and getrandom(2) syscalls when available 1299": |
It's worth noting that LibreSSL has now enabled the blocked code. If anyone is interested, I would be willing to help port it. |
Hi, Can anyone confirm it's availability in a kernel image (from some other distribution?). |
Note that I'm not fussed about it: far from simplifying the code, it |
The Linux kernel 3.17 has been released with the new getrandom() syscall. glibc request to implement the function in the C library: It looks like nobody asks for it on the libc-alpha mailing list yet. |
Let's not be early adopters here. I suggest we wait until glibc has a proper interface. |
OpenBSD already provides high quality pseudorandom numbers from arc4random(). I don't think this would make us "early adopters" since it has been around for some time on this platform. It's also worth mentioning that getentropy() is not recommended in use for normal code as per stated in the man page. arc4random() is recommended, but there may be a reason the first poster has recommended getentropy() |
This issue is about Linux support. Does the glibc have arc4random? I can't find it on my Ubuntu 13.10 system. |
As I said on the other ticket, using arc4random() indiscriminately would be a very poor idea, on some platforms (such as OS X) arc4random() really does use ARC4, which means there are serious security concerns with it. |
While I agree it may not be wise to use arc4random() globally, OpenBSD is unlikely to create a duplicate interface since it's already available. Python is currently unusable in chroots on that platform without reducing the security of the host partition by removing the nodev mount flag. I feel like there must be a good solution to this. |
Since this is a Linux-specific issue (see the title), you should create a separate issue for OpenBSD support. Bonus points if you want to submit a patch as well :-) |
This issue is specific to Linux: it depends on the Linux kernel version and we are waiting until the new syscall is available in the C library (especially the glibc). For these reasons, I prefer to open a new specific issue for OpenBSD, since they release the kernel and C library at the same time (different release process): issue bpo-22585. OpenBSD 5.6 scheduled in one month will get the new getentropy() syscall and a new getentropy() function at the same time. |
700eb415 opened the issue bpo-22542 for arc4random(). |
Commit in the Linux kernel: -- Here is a patch to use the new getrandom() syscall of Linux 3.17 in the Python function os.urandom(). The function falls back to reading /dev/urandom if getrandom() is not supported (returns ENOSYS at runtime). On my Linux 3.18, the EINTR path is never taken. But I was able to test it manually by setting flags to GRND_RANDOM (2) and injecting many signals using signal.setitimer(): see my http://bugs.python.org/issue23285#msg237100 |
random-2.patch: updated patch (I don't understand why random.patch doesn't apply cleanly). |
New changeset 1fc32bf069ff by Victor Stinner in branch 'default': |
Oh, test_os now fails on Linux because os.urandom() doesn't use a file descriptor anymore. The test should be skipped when getrandom() is used. The test is already skipped when getentropy() is used. |
New changeset 4491bdb6527b by Victor Stinner in branch 'default': |
New changeset 8c73af0b3cd9 by Victor Stinner in branch 'default': |
You forgot to run aclocal, which resulted in PKG_PROG_PKG_CONFIG not being expanded in configure. |
New changeset b8ceb071159f by Victor Stinner in branch 'default': |
New changeset 28b465d8c519 by Victor Stinner in branch 'default': |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: