X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/9332366ee32e7c89e9d2fabbe9755cbd86877127..HEAD:/rand/noise.c diff --git a/rand/noise.c b/rand/noise.c index ee2adcce..c120e6f2 100644 --- a/rand/noise.c +++ b/rand/noise.c @@ -29,11 +29,13 @@ #include "config.h" +#include #include #include #include #include #include +#include #include #include @@ -46,6 +48,11 @@ # include #endif +#if defined(HAVE_LINUX_RANDOM_H) +# include +# include +#endif + #include #include #include @@ -58,7 +65,28 @@ /*----- Magical numbers ---------------------------------------------------*/ #define NOISE_KIDLIFE 100000 /* @noise_filter@ child lifetime */ -#define MILLION 1000000 /* One million */ + +#if HAVE_CLOCK_GETTIME && _POSIX_TIMERS > 0 +# define TIMESTRUCT timespec +# define tv_SEC tv_sec +# define tv_FRAC tv_nsec +# define TIMERES 1000000000 +# if _POSIX_MONOTONIC_CLOCK > 0 +# define GETTIME(tv) (clock_gettime(CLOCK_MONOTONIC, (tv))) +# else +# define GETTIME(tv) (clock_gettime(CLOCK_REALTIME, (tv))) +# endif +# define TOTIMEVAL(tv, xx) \ + ((tv)->tv_sec = (xx)->tv_sec, \ + (tv)->tv_usec = ((xx)->tv_nsec + 500)/1000) +#else +# define TIMESTRUCT timeval +# define tv_SEC tv_sec +# define tv_FRAC tv_usec +# define TIMERES 1000000 +# define GETTIME(tv) (gettimeofday((tv), 0)) +# define TOTIMEVAL(tv, xx) (*(tv) = *(xx)) +#endif /*----- Noise source definition -------------------------------------------*/ @@ -100,20 +128,20 @@ static int bitcount(unsigned long x) /* --- @timer@ --- * * * Arguments: @rand_pool *r@ = pointer to randomness pool - * @struct timeval *tv@ = pointer to time block + * @const struct TIMESTRUCT *tv@ = pointer to time block * * Returns: Nonzero if some randomness was contributed. * * Use: Low-level timer contributor. */ -static int timer(rand_pool *r, struct timeval *tv) +static int timer(rand_pool *r, const struct TIMESTRUCT *tv) { unsigned long x, d, dd; int de, dde; int ret; - x = tv->tv_usec + MILLION * tv->tv_sec; + x = tv->tv_FRAC + TIMERES*tv->tv_SEC; d = x ^ noise_last; dd = d ^ noise_diff; noise_last = x; @@ -140,9 +168,8 @@ static int timer(rand_pool *r, struct timeval *tv) int noise_timer(rand_pool *r) { - struct timeval tv; - gettimeofday(&tv, 0); - return (timer(r, &tv)); + struct TIMESTRUCT tv; + GETTIME(&tv); return (timer(r, &tv)); } /* --- @noise_devrandom@ --- * @@ -157,11 +184,57 @@ int noise_timer(rand_pool *r) int noise_devrandom(rand_pool *r) { - int fd; + int fd = -1; octet buf[RAND_POOLSZ]; ssize_t len; size_t n = 0; int ret = 0; +#ifdef __linux__ + fd_set infd; + struct timeval tv = { 0, 0 }; +#endif +#ifdef HAVE_GETENTROPY + size_t nn; +#endif + +#if defined(HAVE_LINUX_RANDOM_H) && \ + defined(GRND_NONBLOCK) && \ + defined(SYS_getrandom) + /* --- Use the new shinies if available --- */ + + while (n < sizeof(buf)) { + if ((len = syscall(SYS_getrandom, buf + n, sizeof(buf) - n, + GRND_NONBLOCK)) <= 0) { + if (errno == ENOSYS) break; + else goto done; + } + n += len; + } + if (n == sizeof(buf)) goto win; +#endif + +#ifdef HAVE_GETENTROPY + /* --- OpenBSD-flavoured shinies --- */ + + while (n < sizeof(buf)) { + nn = sizeof(buf) - n; + if (nn > 256) nn = 256; + if (getentropy(buf + n, nn)) break; + n += nn; + } + if (n == sizeof(buf)) goto win; +#endif + +#ifdef __linux__ + /* --- Don't take from `/dev/urandom' if `/dev/random' would block --- */ + + if ((fd = open("/dev/random", O_RDONLY | O_NONBLOCK)) < 0) goto done; + FD_ZERO(&infd); + FD_SET(fd, &infd); + if (select(fd + 1, &infd, 0, 0, &tv) < 0 || !FD_ISSET(fd, &infd)) + goto done; + close(fd); fd = -1; +#endif /* --- Be nice to other clients of the random device --- * * @@ -171,18 +244,24 @@ int noise_devrandom(rand_pool *r) * needs to get some more entropy from somewhere. */ - if ((fd = open("/dev/urandom", O_RDONLY | O_NONBLOCK)) >= 0 || + if (fd >= 0 || + (fd = open("/dev/urandom", O_RDONLY | O_NONBLOCK)) >= 0 || (fd = open("/dev/arandom", O_RDONLY | O_NONBLOCK)) >= 0 || (fd = open("/dev/random", O_RDONLY | O_NONBLOCK)) >= 0) { while (n < sizeof(buf)) { if ((len = read(fd, buf + n, sizeof(buf) - n)) <= 0) break; n += len; } - rand_add(r, buf, n, n * 8); - BURN(buf); - if (n == sizeof(buf)) ret = 1; - close(fd); + if (n == sizeof(buf)) goto win; } + goto done; + +win: + ret = 1; +done: + if (fd >= 0) close(fd); + rand_add(r, buf, n, 8*n); + BURN(buf); noise_timer(r); return (ret); } @@ -261,6 +340,7 @@ int noise_filter(rand_pool *r, int good, const char *c) pid_t kid; int fd[2]; struct timeval dead; + struct TIMESTRUCT now; int ret = 0; struct noisekid nk = { 0 }; sel_state sel; @@ -273,8 +353,8 @@ int noise_filter(rand_pool *r, int good, const char *c) /* --- Remember when this business started --- */ - gettimeofday(&dead, 0); - timer(r, &dead); + GETTIME(&now); timer(r, &now); + TOTIMEVAL(&dead, &now); /* --- Create a pipe --- */ @@ -308,16 +388,15 @@ int noise_filter(rand_pool *r, int good, const char *c) /* --- Play games with uids --- */ if (noise_gid != NOISE_NOSETGID) { - setgid(noise_gid); - setegid(noise_gid); + if (setgid(noise_gid) || setegid(noise_gid) #ifdef HAVE_SETGROUPS - setgroups(1, &noise_gid); + || setgroups(1, &noise_gid) #endif + ) _exit(127); } if (noise_uid != NOISE_NOSETUID) { - setuid(noise_uid); - seteuid(noise_uid); + if (setuid(noise_uid) || seteuid(noise_uid)) _exit(127); } /* --- Start the process up --- */