crypto: Use getrandom for qcrypto_random_bytes

Prefer it to direct use of /dev/urandom. Reviewed-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
2019-03-13 20:57:28 -07:00 · 2019-03-13 20:57:28 -07:00 · db1ed1abcf
commit db1ed1abcf
parent e9979ca64e
2 changed files with 49 additions and 6 deletions
--- a/18
+++ b/18
@ -5815,6 +5815,20 @@ if compile_prog "" "" ; then
    have_utmpx=yes
 fi

+##########################################
+# check for getrandom()
+
+have_getrandom=no
+cat > $TMPC << EOF
+#include <sys/random.h>
+int main(void) {
+    return getrandom(0, 0, GRND_NONBLOCK);
+}
+EOF
+if compile_prog "" "" ; then
+    have_getrandom=yes
+fi
+
 ##########################################
 # checks for sanitizers

@ -7204,7 +7218,9 @@ fi
 if test "$have_utmpx" = "yes" ; then
  echo "HAVE_UTMPX=y" >> $config_host_mak
 fi
-
+if test "$have_getrandom" = "yes" ; then
+  echo "CONFIG_GETRANDOM=y" >> $config_host_mak
+fi
 if test "$ivshmem" = "yes" ; then
  echo "CONFIG_IVSHMEM=y" >> $config_host_mak
 fi
--- a/crypto/random-platform.c
+++ b/crypto/random-platform.c
@ -27,7 +27,11 @@
 #include <wincrypt.h>
 static HCRYPTPROV hCryptProv;
 #else
-static int fd; /* a file handle to either /dev/urandom or /dev/random */
+# ifdef CONFIG_GETRANDOM
+#  include <sys/random.h>
+# endif
+/* This is -1 for getrandom(), or a file handle for /dev/{u,}random.  */
+static int fd;
 #endif

 int qcrypto_random_init(Error **errp)
@ -40,15 +44,20 @@ int qcrypto_random_init(Error **errp)
        return -1;
    }
 #else
-    /* TBD perhaps also add support for BSD getentropy / Linux
-     * getrandom syscalls directly */
+# ifdef CONFIG_GETRANDOM
+    if (getrandom(NULL, 0, 0) == 0) {
+        /* Use getrandom() */
+        fd = -1;
+        return 0;
+    }
+    /* Fall through to /dev/urandom case.  */
+# endif
    fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd == -1 && errno == ENOENT) {
        fd = open("/dev/random", O_RDONLY | O_CLOEXEC);
    }
-
    if (fd < 0) {
-        error_setg(errp, "No /dev/urandom or /dev/random found");
+        error_setg_errno(errp, errno, "No /dev/urandom or /dev/random");
        return -1;
    }
 #endif
@ -66,6 +75,24 @@ int qcrypto_random_bytes(uint8_t *buf G_GNUC_UNUSED,
        return -1;
    }
 #else
+# ifdef CONFIG_GETRANDOM
+    if (likely(fd < 0)) {
+        while (1) {
+            ssize_t got = getrandom(buf, buflen, 0);
+            if (likely(got == buflen)) {
+                return 0;
+            }
+            if (got >= 0) {
+                buflen -= got;
+                buf += got;
+            } else if (errno != EINTR) {
+                error_setg_errno(errp, errno, "getrandom");
+                return -1;
+            }
+        }
+    }
+    /* Fall through to /dev/urandom case.  */
+# endif
    while (1) {
        ssize_t got = read(fd, buf, buflen);
        if (likely(got == buflen)) {