[git] GCRYPT - branch, dkg/fix-T3894, created. libgcrypt-1.8.1-87-g842ff5f

by Daniel Kahn Gillmor cvs at cvs.gnupg.org
Wed Sep 5 16:43:06 CEST 2018


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, dkg/fix-T3894 has been created
        at  842ff5f60cfaf6ce3b236a44dadeddf241dbd2c3 (commit)

- Log -----------------------------------------------------------------
commit 842ff5f60cfaf6ce3b236a44dadeddf241dbd2c3
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Wed Sep 5 10:34:04 2018 -0400

    random: use getrandom() on Linux where available
    
    * random/rndlinux.c (_gcry_rndlinux_gather_random): use the
    getrandom() syscall on Linux if it exists, regardless of what kind of
    entropy was requested.
    
    --
    
    This change avoids the serious usability problem of unnecessary
    blocking on /dev/random when the kernel's PRNG is already seeded,
    without introducing the risk of pulling from an uninitialized PRNG.
    It only has an effect on Linux systems with a functioning getrandom()
    syscall.  If that syscall is unavailable or fails, it should fall
    through to the pre-existing behavior.
    
    GnuPG-bug-id: 3894
    Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>

diff --git a/random/rndlinux.c b/random/rndlinux.c
index 1bb7c76..509b0b1 100644
--- a/random/rndlinux.c
+++ b/random/rndlinux.c
@@ -220,17 +220,16 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t,
       struct timeval tv;
       int rc;
 
-      /* If we have a modern Linux kernel and we want to read from the
-       * the non-blocking /dev/urandom, we first try to use the new
+      /* If we have a modern Linux kernel, we first try to use the new
        * getrandom syscall.  That call guarantees that the kernel's
        * RNG has been properly seeded before returning any data.  This
        * is different from /dev/urandom which may, due to its
        * non-blocking semantics, return data even if the kernel has
-       * not been properly seeded.  Unfortunately we need to use a
+       * not been properly seeded.  And it differs from /dev/random by never
+       * blocking once the kernel is seeded. Unfortunately we need to use a
        * syscall and not a new device and thus we are not able to use
        * select(2) to have a timeout. */
 #if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom)
-      if (fd == fd_urandom)
         {
           long ret;
           size_t nbytes;
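Review bot: The rewritten comment at the top of this hunk never states the consequence of dropping `if (fd == fd_urandom)`: the getrandom() block now runs for whichever device `fd` refers to, including requests that would previously have read the blocking /dev/random. The commit message says this ("regardless of what kind of entropy was requested"), but the code comment only compares the three sources; add one sentence saying the syscall is now tried for every request level, so a later reader does not reinstate the check. The `{` that used to be the body of the `if` is left as a bare scope under the `#if`; a short comment on it, or re-indenting it, would make clear it is intentional. Minor: the added line uses a single space after "seeded." while the rest of the comment uses two.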
@@ -247,7 +246,7 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t,
             }
           while (ret == -1 && errno == EINTR);
           if (ret == -1 && errno == ENOSYS)
-            ; /* The syscall is not supported - fallback to /dev/urandom.  */
+            ; /* The syscall is not supported - fallback to pulling from fd.  */
           else
             { /* The syscall is supported.  Some sanity checks.  */
               if (ret == -1)
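Review bot: Only `ret == -1 && errno == ENOSYS` takes the fallback here, while the commit message promises that the code falls through to the old behaviour if the syscall "is unavailable or fails". Any other errno lands in the `else` branch marked "The syscall is supported", whose `if (ret == -1)` handling is cut off in this context. Since this path is now reached for every `fd` and not only `fd_urandom`, please confirm that branch does what the message describes, or narrow the message to the ENOSYS case. In the updated comment, "fallback to pulling from fd" would read better as "fall back to reading from fd", and it is worth noting there that `fd` may now be either device.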

-----------------------------------------------------------------------


hooks/post-receive
-- 
The GNU crypto library
http://git.gnupg.org



