From patchwork Mon Jan 4 17:03:49 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adhemerval Zanella X-Patchwork-Id: 41631 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id DA7EA3840C2D; Mon, 4 Jan 2021 17:04:00 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org DA7EA3840C2D DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1609779840; bh=l8x9yv4mgsIUUrXm0xalfVT1Axj4C9cxjMpmxsRk9s4=; h=To:Subject:Date:In-Reply-To:References:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=BgSPca2jD/xIQWymvEgXnBA7gIr+BeqaVRBo8DE43M3HMo4fNpF16pBp/8JBlvhWA A4rhCahZdxewziWyz1F21pqyBcT5YfFkSPgADQJ9G2vgevo42rfFTx+7yHaltHWz2i AOo1K1tXknOReABF8cC1Sd7nbTKr0UiLlHrlr6c4= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-qt1-x830.google.com (mail-qt1-x830.google.com [IPv6:2607:f8b0:4864:20::830]) by sourceware.org (Postfix) with ESMTPS id 5C902388A827 for ; Mon, 4 Jan 2021 17:03:57 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 5C902388A827 Received: by mail-qt1-x830.google.com with SMTP id 2so18921331qtt.10 for ; Mon, 04 Jan 2021 09:03:57 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=l8x9yv4mgsIUUrXm0xalfVT1Axj4C9cxjMpmxsRk9s4=; b=RmQJzgMpyycMjl+LeYFp89gAYw/gRdZplAPcTxfQfvLZJw9qsKTIYO07Aacr+x9NZp pczL4Nns6NCMs8HP6EjQ/48sQuE1RisKoRLIzS+NqYFzsQXKwaaFX/BTysl23XFD6Xpl m3PI9+rDxp3MNKucZTYaLNqr01m9nj3IWDmtmWcMXE7lZqDfNafF+TtV3/q3cNeEvABT 3IAWoexKrdWUXW9g8NYBguoTuXL8/yFd5f0bY+AVBXdjTVQCLI/ASIogRNeLtAilnNaG 6JUr/ZJx+EB1onsuY3w7kNds8yO+1AJxm0QstEGvpkMAtdn5riW6TzOeHWkcP9rCFdcr r4sQ== X-Gm-Message-State: AOAM5325qCtKqsjWNHqfgAlvk3ELPIv7hCh1q1vt1aro6BKtXQCCXW6E 7Jlm/y7d+L8DqXnbYSNSm/PX8NVjYtGesQ== X-Google-Smtp-Source: ABdhPJwaglf2WLm0ARkZGZ1NBkIQA/IYRT5Mh8XcFEb3kEYjuHvUe/j3jJK6WlxgS1JCUNnodUrsGw== X-Received: by 2002:a05:622a:142:: with SMTP id v2mr72083312qtw.169.1609779836827; Mon, 04 Jan 2021 09:03:56 -0800 (PST) Received: from localhost.localdomain ([177.194.48.209]) by smtp.googlemail.com with ESMTPSA id w8sm39044644qts.50.2021.01.04.09.03.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Jan 2021 09:03:56 -0800 (PST) To: libc-alpha@sourceware.org, Paul Eggert Subject: [PATCH 2/2] posix: Improve randomness on try_tempname_len Date: Mon, 4 Jan 2021 14:03:49 -0300 Message-Id: <20210104170349.3681241-2-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210104170349.3681241-1-adhemerval.zanella@linaro.org> References: <20210104170349.3681241-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-13.7 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Adhemerval Zanella via Libc-alpha From: Adhemerval Zanella Reply-To: Adhemerval Zanella Cc: bug-gnulib@gnu.org Errors-To: libc-alpha-bounces@sourceware.org Sender: "Libc-alpha" For __GT_NOCREATE (mktemp, tempnam, tmpnam) getrandom is also used on first try, otherwise randomness is obtained using the clock plus a linear congruential generator. Also for getrandom GRND_NONBLOCK is used to avoid blocking indefinitely on some older kernels. Checked on x86_64-linux-gnu. --- sysdeps/posix/tempname.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/sysdeps/posix/tempname.c b/sysdeps/posix/tempname.c index 193d791103..06db694181 100644 --- a/sysdeps/posix/tempname.c +++ b/sysdeps/posix/tempname.c @@ -76,10 +76,11 @@ typedef uint_fast64_t random_value; #define BASE_62_POWER (62LL * 62 * 62 * 62 * 62 * 62 * 62 * 62 * 62 * 62) static random_value -random_bits (random_value var) +random_bits (random_value var, bool use_getrandom) { random_value r; - if (__getrandom (&r, sizeof r, 0) == sizeof r) + /* Without GRND_NONBLOCK it can be blocked for minutes on some systems. */ + if (use_getrandom && __getrandom (&r, sizeof r, GRND_NONBLOCK) == sizeof r) return r; #if _LIBC || (defined CLOCK_MONOTONIC && HAVE_CLOCK_GETTIME) /* Add entropy if getrandom is not supported. */ @@ -263,9 +264,10 @@ try_tempname_len (char *tmpl, int suffixlen, void *args, some entropy from the ASLR and ignore possible bits from the stack alignment. */ random_value v = ((uintptr_t) &v) / alignof (max_align_t); + v = random_bits (v, tryfunc == try_nocreate); /* How many random base-62 digits can currently be extracted from V. */ - int vdigits = 0; + int vdigits = BASE_62_DIGITS; /* Least unfair value for V. If V is less than this, V can generate BASE_62_DIGITS digits fairly. Otherwise it might be biased. */ @@ -290,7 +292,7 @@ try_tempname_len (char *tmpl, int suffixlen, void *args, if (vdigits == 0) { do - v = random_bits (v); + v = random_bits (v, true); while (unfair_min <= v); vdigits = BASE_62_DIGITS;