[hurd,commited] hurd: Make getrandom a stub inside the random translator

Message ID 20211231075457.1378924-1-samuel.thibault@ens-lyon.org
State Committed, archived
Series [hurd,commited] hurd: Make getrandom a stub inside the random translator

Checks

Context                 Check   Description
dj/TryBot-apply_patch   fail    Patch failed to apply to master at the time it was sent
dj/TryBot-32bit         fail    Patch series failed to apply

Commit Message

Samuel Thibault Dec. 31, 2021, 7:54 a.m. UTC
  glibc uses /dev/urandom for getrandom(), and from version 2.34 malloc
initialization uses it. We have to detect when we are running the random
translator itself, in which case we can't read ourself.
---
 sysdeps/mach/hurd/getrandom.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)
  

Comments

Joseph Myers Dec. 31, 2021, 8:24 p.m. UTC | #1
On Fri, 31 Dec 2021, Samuel Thibault wrote:

> +extern char *trivfs_server_name __attribute__((weak));

This looks like it has caused many linknamespace test failures, of the 
form:

[initial] __assert_fail -> [libc.a(assert.o)] free -> [libc.a(malloc.o)] __getrandom -> [libc.a(getrandom.o)] trivfs_server_name
  
Samuel Thibault Dec. 31, 2021, 8:27 p.m. UTC | #2
Joseph Myers, on Fri. 31 Dec. 2021 20:24:02 +0000, wrote:
> On Fri, 31 Dec 2021, Samuel Thibault wrote:
> 
> > +extern char *trivfs_server_name __attribute__((weak));
> 
> This looks like it has caused many linknamespace test failures, of the 
> form:
> 
> [initial] __assert_fail -> [libc.a(assert.o)] free -> [libc.a(malloc.o)] __getrandom -> [libc.a(getrandom.o)] trivfs_server_name

Uh, weak references are red-flagged?

Where should I white-flag these?

Samuel
  
Florian Weimer Dec. 31, 2021, 8:45 p.m. UTC | #3
* Samuel Thibault via Libc-alpha:

> Joseph Myers, on Fri. 31 Dec. 2021 20:24:02 +0000, wrote:
>> On Fri, 31 Dec 2021, Samuel Thibault wrote:
>> 
>> > +extern char *trivfs_server_name __attribute__((weak));
>> 
>> This looks like it has caused many linknamespace test failures, of the 
>> form:
>> 
>> [initial] __assert_fail -> [libc.a(assert.o)] free -> [libc.a(malloc.o)] __getrandom -> [libc.a(getrandom.o)] trivfs_server_name
>
> Uh, weak references are red-flagged?

They are.  A symbol collision will break glibc functionality because
the application scribbles over the internal variable.

> Where should I white-flag these?

You need to rename the symbol to __trivfs_server_name.
  
Samuel Thibault Jan. 1, 2022, 4:54 p.m. UTC | #4
Florian Weimer, on Fri. 31 Dec. 2021 21:45:18 +0100, wrote:
> * Samuel Thibault via Libc-alpha:
> > Joseph Myers, on Fri. 31 Dec. 2021 20:24:02 +0000, wrote:
> >> On Fri, 31 Dec 2021, Samuel Thibault wrote:
> >> 
> >> > +extern char *trivfs_server_name __attribute__((weak));
> >> 
> >> This looks like it has caused many linknamespace test failures, of the 
> >> form:
> >> 
> >> [initial] __assert_fail -> [libc.a(assert.o)] free -> [libc.a(malloc.o)] __getrandom -> [libc.a(getrandom.o)] trivfs_server_name
> >
> > Uh, weak references are red-flagged?
> 
> They are.  A symbol collision will break glibc functionality because
> the application scribbles over the internal variable.
> 
> > Where should I white-flag these?
> 
> You need to rename the symbol to __trivfs_server_name.

Ok, done so!

Samuel
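
The collision described in comment #3, modelled in a single C file as an added example (not code from glibc or from this thread): `demo_server_name`, `__demo_server_name` and both `demo_getrandom_*` functions are hypothetical stand-ins, and the 0xA5 fill stands in for the read of /dev/urandom. It assumes GCC or Clang on an ELF target, where an undefined weak symbol has a null address.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* "Library" side, modelled on the check in the patch.  Both names are
   hypothetical: demo_server_name is in the application namespace (like
   trivfs_server_name), __demo_server_name in the reserved one.  */
extern char *demo_server_name __attribute__((weak));
extern char *__demo_server_name __attribute__((weak));

/* True when the weak symbol is defined in the link and names "random".
   The patch compares byte by byte; strcmp is used here for brevity.  */
static int names_random (char **weak_sym)
{
  return weak_sym != NULL && *weak_sym != NULL
         && strcmp (*weak_sym, "random") == 0;
}

/* Check keyed on the application-namespace name, as first posted.  */
size_t demo_getrandom_unreserved (unsigned char *buffer, size_t length)
{
  if (names_random (&demo_server_name))
    return length;                 /* stub path: BUFFER is left untouched */
  memset (buffer, 0xA5, length);   /* stand-in for reading /dev/urandom */
  return length;
}

/* Check keyed on the reserved name, as after the rename.  */
size_t demo_getrandom_reserved (unsigned char *buffer, size_t length)
{
  if (names_random (&__demo_server_name))
    return length;
  memset (buffer, 0xA5, length);
  return length;
}

/* "Application" side: an unrelated program that happens to use the
   same global name for its own data.  */
char *demo_server_name = "random";

int main (void)
{
  unsigned char a[4] = {0}, b[4] = {0};
  demo_getrandom_unreserved (a, sizeof a);
  demo_getrandom_reserved (b, sizeof b);
  printf ("unreserved: %02x  reserved: %02x\n", a[0], b[0]);
  return 0;
}
```

The unreserved variant reports success while leaving the buffer at its old contents, because the application's unrelated global satisfied the library's check; the reserved variant is unaffected.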
  

Patch

diff --git a/sysdeps/mach/hurd/getrandom.c b/sysdeps/mach/hurd/getrandom.c
index 645f2930b7..24f9ac60f7 100644
--- a/sysdeps/mach/hurd/getrandom.c
+++ b/sysdeps/mach/hurd/getrandom.c
@@ -21,6 +21,8 @@ 
 #include <unistd.h>
 #include <not-cancel.h>
 
+extern char *trivfs_server_name __attribute__((weak));
+
 /* Write up to LENGTH bytes of randomness starting at BUFFER.
    Return the number of bytes written, or -1 on error.  */
 ssize_t
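Review bot: the weak declaration of trivfs_server_name added above __getrandom puts an application-namespace identifier into libc's getrandom.o, which is what the linknamespace failures quoted in comment #1 trace to; the reference should use a reserved name (__trivfs_server_name, as suggested in comment #3). The declaration also carries no comment saying what defines the symbol or why the reference is weak, so a one-line comment above it would help the next reader.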
@@ -31,6 +33,17 @@  __getrandom (void *buffer, size_t length, unsigned int flags)
   size_t amount_read;
   int fd;
 
+  if (&trivfs_server_name && trivfs_server_name
+      && trivfs_server_name[0] == 'r'
+      && trivfs_server_name[1] == 'a'
+      && trivfs_server_name[2] == 'n'
+      && trivfs_server_name[3] == 'd'
+      && trivfs_server_name[4] == 'o'
+      && trivfs_server_name[5] == 'm'
+      && trivfs_server_name[6] == '\0')
+    /* We are random, don't try to read ourselves!  */
+    return length;
+
   if (flags & GRND_RANDOM)
     random_source = "/dev/random";