Revert "crypto/rand: Fix a crash bug in RAND_enable_fork_unsafe_buffering." and "Enable getrandom for entropy gathering."
This reverts commits 36ca21415a0ef94f304ba174700e53d48aaa58ab and
7b668a873eca79116a429e3f3e4dc51107b968a3. We believe that we need to
update ASAN to be aware of getrandom before we can use it. Otherwise it
believes that the memory with the entropy from this syscall is
uninitialised.
Change-Id: I1ea1c4d3038b3b2cd080be23d7d8b60fc0c83df2
Reviewed-on: https://boringssl-review.googlesource.com/12901
Reviewed-by: Adam Langley <alangley@gmail.com>
Commit-Queue: Adam Langley <alangley@gmail.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/crypto/rand/urandom.c b/crypto/rand/urandom.c
index 14d2e8a..2572625 100644
--- a/crypto/rand/urandom.c
+++ b/crypto/rand/urandom.c
@@ -21,7 +21,6 @@
#include <assert.h>
#include <errno.h>
#include <fcntl.h>
-#include <stdio.h>
#include <string.h>
#include <unistd.h>
@@ -88,16 +87,12 @@
/* requested_lock is used to protect the |*_requested| variables. */
static struct CRYPTO_STATIC_MUTEX requested_lock = CRYPTO_STATIC_MUTEX_INIT;
-/* The following constants are magic values of |urandom_fd|. */
-static const int kUnset = -2;
-static const int kHaveGetrandom = -3;
-
-/* urandom_fd_requested is set by |RAND_set_urandom_fd|. It's protected by
+/* urandom_fd_requested is set by |RAND_set_urandom_fd|. It's protected by
* |requested_lock|. */
-static int urandom_fd_requested = -2 /* kUnset */;
+static int urandom_fd_requested = -2;
/* urandom_fd is a file descriptor to /dev/urandom. It's protected by |once|. */
-static int urandom_fd = -2 /* kUnset */;
+static int urandom_fd = -2;
/* urandom_buffering_requested is set by |RAND_enable_fork_unsafe_buffering|.
* It's protected by |requested_lock|. */
@@ -120,31 +115,12 @@
CRYPTO_STATIC_MUTEX_unlock_read(&requested_lock);
#if defined(USE_SYS_getrandom)
+ /* Initial test of getrandom to find any unexpected behavior. */
uint8_t dummy;
- long getrandom_ret =
- syscall(SYS_getrandom, &dummy, sizeof(dummy), GRND_NONBLOCK);
+ syscall(SYS_getrandom, &dummy, sizeof(dummy), GRND_NONBLOCK);
+#endif
- if (getrandom_ret == 1) {
- urandom_fd = kHaveGetrandom;
- return;
- } else if (getrandom_ret == -1 && errno == EAGAIN) {
- fprintf(stderr,
- "getrandom indicates that the entropy pool has not been "
- "initialized. Rather than continue with poor entropy, this process "
- "will block until entropy is available.\n");
- do {
- getrandom_ret =
- syscall(SYS_getrandom, &dummy, sizeof(dummy), 0 /* no flags */);
- } while (getrandom_ret == -1 && errno == EINTR);
-
- if (getrandom_ret == 1) {
- urandom_fd = kHaveGetrandom;
- return;
- }
- }
-#endif /* USE_SYS_getrandom */
-
- if (fd == kUnset) {
+ if (fd == -2) {
do {
fd = open("/dev/urandom", O_RDONLY);
} while (fd == -1 && errno == EINTR);
@@ -180,9 +156,7 @@
CRYPTO_STATIC_MUTEX_unlock_write(&requested_lock);
CRYPTO_once(&once, init_once);
- if (urandom_fd == kHaveGetrandom) {
- close(fd);
- } else if (urandom_fd != fd) {
+ if (urandom_fd != fd) {
abort(); // Already initialized.
}
}
@@ -194,7 +168,7 @@
abort();
}
} else {
- fd = kUnset;
+ fd = -2;
}
CRYPTO_STATIC_MUTEX_lock_write(&requested_lock);
@@ -203,16 +177,8 @@
CRYPTO_STATIC_MUTEX_unlock_write(&requested_lock);
CRYPTO_once(&once, init_once);
- if (urandom_buffering != 1) {
- abort(); // Already initialized
- }
-
- if (fd >= 0) {
- if (urandom_fd == kHaveGetrandom) {
- close(fd);
- } else if (urandom_fd != fd) {
- abort(); // Already initialized.
- }
+ if (urandom_buffering != 1 || (fd >= 0 && urandom_fd != fd)) {
+ abort(); // Already initialized.
}
}
@@ -243,19 +209,9 @@
ssize_t r;
while (len > 0) {
- if (urandom_fd == kHaveGetrandom) {
-#if defined(USE_SYS_getrandom)
- do {
- r = syscall(SYS_getrandom, out, len, 0 /* no flags */);
- } while (r == -1 && errno == EINTR);
-#else
- abort();
-#endif
- } else {
- do {
- r = read(urandom_fd, out, len);
- } while (r == -1 && errno == EINTR);
- }
+ do {
+ r = read(urandom_fd, out, len);
+ } while (r == -1 && errno == EINTR);
if (r <= 0) {
return 0;
