-/* $OpenBSD: getentropy_linux.c,v 1.43 2016/08/07 03:27:21 tb Exp $ */
+/* $OpenBSD: getentropy_linux.c,v 1.44 2017/04/29 18:43:31 beck Exp $ */
/*
* Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
#ifdef SYS_getrandom
/*
- * Try descriptor-less getrandom()
+ * Try descriptor-less getrandom(), in non-blocking mode.
+ *
+ * The design of Linux getrandom is broken. It has an
+ * uninitialized phase coupled with blocking behaviour, which
+ * is unacceptable from within a library at boot time without
+ * possible recovery. See http://bugs.python.org/issue26839#msg267745
*/
ret = getentropy_getrandom(buf, len);
if (ret != -1)
return (ret);
- if (errno != ENOSYS)
- return (-1);
#endif
/*
* - Do the best under the circumstances....
*
* This code path exists to bring light to the issue that Linux
- * does not provide a failsafe API for entropy collection.
+ * still does not provide a failsafe API for entropy collection.
*
* We hope this demonstrates that Linux should either retain their
* sysctl ABI, or consider providing a new failsafe API which
if (len > 256)
return (-1);
do {
- ret = syscall(SYS_getrandom, buf, len, 0);
+ ret = syscall(SYS_getrandom, buf, len, GRND_NONBLOCK);
} while (ret == -1 && errno == EINTR);
if (ret != len)
projects / openbsd / commitdiff