List: busybox
Subject: [PATCH] seedrng: limit poolsize to 256 bytes and document flock() usage
From: "Jason A. Donenfeld" <Jason () zx2c4 ! com>
Date: 2022-04-29 12:48:12
Message-ID: 20220429124812.2404785-1-Jason () zx2c4 ! com
Rather than having getrandom() be called in a loop that handles EINTR --
which would require more code bloat -- we just limit the maximum seed
size to 256 bytes, which the kernel guarantees won't be interrupted.
Additionally document the flock() usage so that somebody doesn't remove
it.
Cc: Denys Vlasenko <vda.linux@googlemail.com>
Cc: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
util-linux/seedrng.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/util-linux/seedrng.c b/util-linux/seedrng.c
index c42274759..1257cd941 100644
--- a/util-linux/seedrng.c
+++ b/util-linux/seedrng.c
@@ -56,7 +56,7 @@
enum {
MIN_SEED_LEN = SHA256_OUTSIZE,
- MAX_SEED_LEN = 512
+ MAX_SEED_LEN = 256 /* Maximum size of getrandom() call without EINTR. */
};
static size_t determine_optimal_seed_len(void)
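Review bot: The new comment on MAX_SEED_LEN states the 256-byte no-EINTR limit but gives no source for it, and nothing in this hunk stops a later edit from raising the value again. Suggest citing getrandom(2) in the comment and saying that the call site relies on this cap instead of an EINTR retry loop, so that the two are changed together. The getrandom() call itself is not visible in this hunk, so it is worth confirming that it still checks for a failed or short return rather than assuming the full length was written.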
@@ -190,6 +190,8 @@ int seedrng_main(int argc UNUSED_PARAM, char *argv[])
if (mkdir(seed_dir, 0700) < 0 && errno != EEXIST)
bb_perror_msg_and_die("can't %s seed directory", "create");
dfd = open(seed_dir, O_DIRECTORY | O_RDONLY);
+ /* The flock() here is absolutely necessary, as the consistency of this
+ * program breaks down with concurrent uses. */
if (dfd < 0 || flock(dfd, LOCK_EX) < 0)
bb_perror_msg_and_die("can't %s seed directory", "lock");
xfchdir(dfd);
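Review bot: The added comment above the flock(dfd, LOCK_EX) check says the lock is "absolutely necessary" but not what it protects, so a reader still cannot judge whether a refactor keeps the guarantee. Suggest naming the operations that must not interleave between two concurrent runs and noting for how long the lock on the seed directory is expected to be held. Separately, the condition `dfd < 0 || flock(dfd, LOCK_EX) < 0` reports "lock" for an open() failure as well, so the two failures are indistinguishable in the error output; splitting the check would fix that.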
--
2.35.1
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox