aboutgitcodebugslistschat
path: root/util.c
diff options
context:
space:
mode:
authorDavid Gibson <david@gibson.dropbear.id.au>2024-11-14 14:33:08 +1100
committerStefano Brivio <sbrivio@redhat.com>2024-11-14 19:00:36 +0100
commit71d5deed5eed3949ee09c5f0a53b4de0b09b4afc (patch)
treee478a847033cabee0c8b378a42bc051d30bedbb3 /util.c
parenta60703e89991d23345ed929328001e19f5bc47e0 (diff)
downloadpasst-71d5deed5eed3949ee09c5f0a53b4de0b09b4afc.tar
passt-71d5deed5eed3949ee09c5f0a53b4de0b09b4afc.tar.gz
passt-71d5deed5eed3949ee09c5f0a53b4de0b09b4afc.tar.bz2
passt-71d5deed5eed3949ee09c5f0a53b4de0b09b4afc.tar.lz
passt-71d5deed5eed3949ee09c5f0a53b4de0b09b4afc.tar.xz
passt-71d5deed5eed3949ee09c5f0a53b4de0b09b4afc.tar.zst
passt-71d5deed5eed3949ee09c5f0a53b4de0b09b4afc.zip
util: Add general low-level random bytes helper
Currently secret_init() open codes getting good quality random bytes from the OS, either via getrandom(2) or reading /dev/random. We're going to add at least one more place that needs random data in future, so make a general helper for getting random bytes. While we're there, fix a number of minor bugs: - getrandom() can theoretically return a "short read", so handle that case - getrandom() as well as read can return a transient EINTR - We would attempt to read data from /dev/random if we failed to open it (open() returns -1), but not if we opened it as fd 0 (unlikely, but ok) - More specific error reporting Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'util.c')
-rw-r--r--util.c54
1 files changed, 54 insertions, 0 deletions
diff --git a/util.c b/util.c
index 126dedb..55cae3f 100644
--- a/util.c
+++ b/util.c
@@ -34,6 +34,9 @@
#include "passt.h"
#include "packet.h"
#include "log.h"
+#ifdef HAS_GETRANDOM
+#include <sys/random.h>
+#endif
/**
* sock_l4_sa() - Create and bind socket to socket address, add to epoll list
@@ -783,3 +786,54 @@ bool snprintf_check(char *str, size_t size, const char *format, ...)
return false;
}
+
+#define DEV_RANDOM "/dev/random"
+
+/**
+ * raw_random() - Get high quality random bytes
+ * @buf: Buffer to fill with random bytes
+ * @buflen: Number of bytes of random data to put in @buf
+ *
+ * Assumes that the random data is essential, and will die() if unable to obtain
+ * it.
+ */
+void raw_random(void *buf, size_t buflen)
+{
+ size_t random_read = 0;
+#ifndef HAS_GETRANDOM
+ int fd = open(DEV_RANDOM, O_RDONLY);
+
+ if (fd < 0)
+ die_perror("Couldn't open %s", DEV_RANDOM);
+#endif
+
+ while (random_read < buflen) {
+ ssize_t ret;
+
+#ifdef HAS_GETRANDOM
+ ret = getrandom((char *)buf + random_read,
+ buflen - random_read, GRND_RANDOM);
+#else
+ ret = read(dev_random, (char *)buf + random_read,
+ buflen - random_read);
+#endif
+
+ if (ret == -1 && errno == EINTR)
+ continue;
+
+ if (ret < 0)
+ die_perror("Error on random data source");
+
+ if (ret == 0)
+ break;
+
+ random_read += ret;
+ }
+
+#ifndef HAS_GETRANDOM
+ close(dev_random);
+#endif
+
+ if (random_read < buflen)
+ die("Unexpected EOF on random data source");
+}