Switch Solaris to getentropy
newpavlov committed May 3, 2024
1 parent 495fefd commit e535bc8
Showing 3 changed files with 13 additions and 35 deletions.
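--- a/src/getrandom.rs
+++ b/src/getrandom.rs
@@ -1,4 +1,4 @@
-//! Implementation using libc::getrandom
+//! Implementation using `libc::getrandom`.
 //!
 //! Available since:
 //! - Linux Kernel 3.17, Glibc 2.25, Musl 1.1.20
@@ -10,34 +10,11 @@
 //! - DragonFly 5.7
 //! - Hurd Glibc 2.31
 //! - shim-3ds since Feb 2022
-//!
-//! For all platforms, we use the default randomness source (the one used
-//! by /dev/urandom) rather than the /dev/random (GRND_RANDOM) source. For
-//! more information see the linked man pages in lib.rs.
-//! - On Linux, "/dev/urandom is preferred and sufficient in all use cases".
-//! - On NetBSD, "there is no reason to ever use" GRND_RANDOM.
-//! - On Illumos, the default source is used for getentropy() and the like:
-//! https://github.com/illumos/illumos-gate/blob/89cf0c2ce8a47dcf555bb1596f9034f07b9467fa/usr/src/lib/libc/port/gen/getentropy.c#L33
-//! - On Solaris, both sources use FIPS 140-2 / NIST SP-900-90A DRBGs, see:
-//! https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2
-//! - On Redox, only /dev/urandom is provided.
-//! - On AIX, /dev/urandom will "provide cryptographically secure output".
-//! - On Haiku, QNX Neutrino, DragonFly, and FreeBSD, they are identical.
 use crate::{util_libc::sys_fill_exact, Error};
 use core::mem::MaybeUninit;
 
-// On Solaris 11.3, getrandom() will fail if bufsz > 1024 (bufsz > 133120 on Solaris 11.4).
-// This issue is not present in Illumos's implementation of getrandom().
-#[cfg(target_os = "solaris")]
-const MAX_BYTES: usize = 1024;
-#[cfg(not(target_os = "solaris"))]
-const MAX_BYTES: usize = usize::MAX;
-
 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
-for chunk in dest.chunks_mut(MAX_BYTES) {
-sys_fill_exact(chunk, |buf| unsafe {
-libc::getrandom(buf.as_mut_ptr() as *mut libc::c_void, buf.len(), 0)
-})?;
-}
-Ok(())
+sys_fill_exact(dest, |buf| unsafe {
+libc::getrandom(buf.as_mut_ptr() as *mut libc::c_void, buf.len(), 0)
+})
 }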
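Review bot: The `0` flags argument to `libc::getrandom` in `getrandom_inner` no longer has any rationale in this file, because the module comment explaining why the default source is used instead of `GRND_RANDOM` is deleted and only its `/dev/urandom` lines reappear in src/use_file.rs. The NetBSD, Illumos, DragonFly and FreeBSD lines, which concern targets still served by this backend, are dropped entirely. I would keep a short comment on the call, for example `// flags = 0: default source (same as /dev/urandom), never GRND_RANDOM; see the man pages linked in lib.rs`, and add a `// SAFETY:` line on the `unsafe` closure stating that `buf` is valid for writes of `buf.len()` bytes. Since the chunking is gone, a one-line reminder that Solaris must not be routed back to this file (the removed comment records that its `getrandom()` fails for `bufsz > 1024`) would also protect future edits.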
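--- a/src/lib.rs
+++ b/src/lib.rs
@@ -12,7 +12,7 @@
 //! | OpenBSD | `*‑openbsd` | [`getentropy`][7]
 //! | NetBSD | `*‑netbsd` | [`getrandom`][16] if available, otherwise [`kern.arandom`][8]
 //! | Dragonfly BSD | `*‑dragonfly` | [`getrandom`][9]
-//! | Solaris | `*‑solaris` | [`getrandom`][11]
+//! | Solaris | `*‑solaris` | [`getentropy`][11]
 //! | Illumos | `*‑illumos` | [`getrandom`][12]
 //! | Fuchsia OS | `*‑fuchsia` | [`cprng_draw`]
 //! | Redox | `*‑redox` | `/dev/urandom`
@@ -31,10 +31,6 @@
 //! | QNX Neutrino | `*‑nto-qnx*` | [`/dev/urandom`][14] (identical to `/dev/random`)
 //! | AIX | `*-ibm-aix` | [`/dev/urandom`][15]
 //!
-//! There is no blanket implementation on `unix` targets that reads from
-//! `/dev/urandom`. This ensures all supported targets are using the recommended
-//! interface and respect maximum buffer sizes.
-//!
 //! Pull Requests that add support for new targets to `getrandom` are always welcome.
 //!
 //! ## Unsupported targets
@@ -177,7 +173,7 @@
 //! [7]: https://man.openbsd.org/getentropy.2
 //! [8]: https://man.netbsd.org/sysctl.7
 //! [9]: https://leaf.dragonflybsd.org/cgi/web-man?command=getrandom
-//! [11]: https://docs.oracle.com/cd/E88353_01/html/E37841/getrandom-2.html
+//! [11]: https://docs.oracle.com/cd/E88353_01/html/E37841/getentropy-2.html
 //! [12]: https://illumos.org/man/2/getrandom
 //! [13]: https://github.com/emscripten-core/emscripten/pull/12240
 //! [14]: https://www.qnx.com/developers/docs/7.1/index.html#com.qnx.doc.neutrino.utilities/topic/r/random.html
@@ -242,6 +238,7 @@ cfg_if! {
 } else if #[cfg(any(
 target_os = "macos",
 target_os = "openbsd",
+target_os = "solaris",
 target_os = "vita",
 target_os = "emscripten",
 ))] {
@@ -252,7 +249,6 @@ cfg_if! {
 target_os = "freebsd",
 target_os = "hurd",
 target_os = "illumos",
-target_os = "solaris",
 // Check for target_arch = "arm" to only include the 3DS. Does not
 // include the Nintendo Switch (which is target_arch = "aarch64").
 all(target_os = "horizon", target_arch = "arm"),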
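Review bot: Adding `target_os = "solaris"` to the `getentropy` group in `cfg_if!` makes Solaris depend on that backend for request-size handling, because the Solaris-specific `MAX_BYTES` chunking in src/getrandom.rs is deleted by the same commit. The getentropy module is not shown in this diff, so it should be confirmed that it splits `dest` into chunks within the per-call limit documented at link [11] and checks every call's return value before treating the buffer as initialised. The `@@ -31,10 +31,6 @@` hunk also removes the sentence stating that targets "respect maximum buffer sizes", so I would add a comment beside the new entry, for example `// Solaris: getentropy ([11]); the backend must chunk to the syscall's size limit`. The `cfg_if!` block starts and ends outside the hunk.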
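--- a/src/use_file.rs
+++ b/src/use_file.rs
@@ -9,7 +9,12 @@ use core::{
 sync::atomic::{AtomicUsize, Ordering::Relaxed},
 };
 
-// We always use /dev/urandom, see the comment in getrandom.rs.
+/// For all platforms, we use `/dev/urandom` rather than `/dev/random`.
+/// For more information see the linked man pages in lib.rs.
+/// - On Linux, "/dev/urandom is preferred and sufficient in all use cases".
+/// - On Redox, only /dev/urandom is provided.
+/// - On AIX, /dev/urandom will "provide cryptographically secure output".
+/// - On Haiku and QNX Neutrino they are identical.
 const FILE_PATH: &str = "/dev/urandom\0";
 const FD_UNINIT: usize = usize::max_value();
 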
