[hurd,commited] hurd: Make getrandom a stub inside the random translator
Checks
Commit Message
glibc uses /dev/urandom for getrandom(), and from version 2.34 malloc
initialization uses it. We have to detect when we are running the random
translator itself, in which case we can't read ourself.
---
sysdeps/mach/hurd/getrandom.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
Comments
On Fri, 31 Dec 2021, Samuel Thibault wrote:
> +extern char *trivfs_server_name __attribute__((weak));
This looks like it has caused many linknamespace test failures, of the
form:
[initial] __assert_fail -> [libc.a(assert.o)] free -> [libc.a(malloc.o)] __getrandom -> [libc.a(getrandom.o)] trivfs_server_name
Joseph Myers, le ven. 31 déc. 2021 20:24:02 +0000, a ecrit:
> On Fri, 31 Dec 2021, Samuel Thibault wrote:
>
> > +extern char *trivfs_server_name __attribute__((weak));
>
> This looks like it has caused many linknamespace test failures, of the
> form:
>
> [initial] __assert_fail -> [libc.a(assert.o)] free -> [libc.a(malloc.o)] __getrandom -> [libc.a(getrandom.o)] trivfs_server_name
Uh, weak references are red-flagged?
Where should I white-flag these?
Samuel
* Samuel Thibault via Libc-alpha:
> Joseph Myers, le ven. 31 déc. 2021 20:24:02 +0000, a ecrit:
>> On Fri, 31 Dec 2021, Samuel Thibault wrote:
>>
>> > +extern char *trivfs_server_name __attribute__((weak));
>>
>> This looks like it has caused many linknamespace test failures, of the
>> form:
>>
>> [initial] __assert_fail -> [libc.a(assert.o)] free -> [libc.a(malloc.o)] __getrandom -> [libc.a(getrandom.o)] trivfs_server_name
>
> Uh, weak references are red-flagged?
They are. A symbol collision will break glibc functionality because
the application scribbles over the internal variable.
> Where should I white-flag these?
You need to rename the symbol to __trivfs_server_name.
Florian Weimer, le ven. 31 déc. 2021 21:45:18 +0100, a ecrit:
> * Samuel Thibault via Libc-alpha:
> > Joseph Myers, le ven. 31 déc. 2021 20:24:02 +0000, a ecrit:
> >> On Fri, 31 Dec 2021, Samuel Thibault wrote:
> >>
> >> > +extern char *trivfs_server_name __attribute__((weak));
> >>
> >> This looks like it has caused many linknamespace test failures, of the
> >> form:
> >>
> >> [initial] __assert_fail -> [libc.a(assert.o)] free -> [libc.a(malloc.o)] __getrandom -> [libc.a(getrandom.o)] trivfs_server_name
> >
> > Uh, weak references are red-flagged?
>
> They are. A symbol collision will break glibc functionality because
> the application scribbles over the internal variable.
>
> > Where should I white-flag these?
>
> You need to rename the symbol to __trivfs_server_name.
Ok, done so!
Samuel
@@ -21,6 +21,8 @@
#include <unistd.h>
#include <not-cancel.h>
+extern char *trivfs_server_name __attribute__((weak));
+
/* Write up to LENGTH bytes of randomness starting at BUFFER.
Return the number of bytes written, or -1 on error. */
ssize_t
@@ -31,6 +33,17 @@ __getrandom (void *buffer, size_t length, unsigned int flags)
size_t amount_read;
int fd;
+ if (&trivfs_server_name && trivfs_server_name
+ && trivfs_server_name[0] == 'r'
+ && trivfs_server_name[1] == 'a'
+ && trivfs_server_name[2] == 'n'
+ && trivfs_server_name[3] == 'd'
+ && trivfs_server_name[4] == 'o'
+ && trivfs_server_name[5] == 'm'
+ && trivfs_server_name[6] == '\0')
+ /* We are random, don't try to read ourselves! */
+ return length;
+
if (flags & GRND_RANDOM)
random_source = "/dev/random";