aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorWladimir J. van der Laan <laanwj@protonmail.com>2019-12-05 15:14:24 +0100
committerWladimir J. van der Laan <laanwj@protonmail.com>2019-12-05 15:14:42 +0100
commit6fff333c9f00cf379562ed38c2599997f9821cfb (patch)
tree6f15049cb00f89df5274f4bb012095e3d6c96b28 /src
parent5aee0e2163cc02cdf1cd6bec69bfbb513bb302d5 (diff)
parent55b2cb199c276781b6daa5438af2da57dea3ac52 (diff)
Merge #17507: random: mark RandAddPeriodic and SeedPeriodic as noexcept
55b2cb199c276781b6daa5438af2da57dea3ac52 random: mark RandAddPeriodic and SeedPeriodic as noexcept (fanquake) 461e547877da0c04db69e067c923cc4540aab03a doc: correct random.h docs after #17270 (fanquake) Pull request description: The usage of `MilliSleep()` in SeedPeriodic (previously SeedSleep) was [removed](https://github.com/bitcoin/bitcoin/pull/17270/commits/d61f2bb076d8f17840a8e79f1583d7f6e3e6d09a) in #17270, meaning it, and its users can now be marked `noexcept`. This also corrects the docs in random.h for some of the changes in #17270. ACKs for top commit: practicalswift: ACK 55b2cb199c276781b6daa5438af2da57dea3ac52 laanwj: ACK 55b2cb199c276781b6daa5438af2da57dea3ac52 sipa: ACK 55b2cb199c276781b6daa5438af2da57dea3ac52 Tree-SHA512: 672d369796e7c4f9b4d98dc545e5454999fa1bef373871994a26041d6163c58909e2255e4f820d3ef011679aa3392754eb57477306a89f5fd3d57e2bd7f0811a
Diffstat (limited to 'src')
-rw-r--r--src/random.cpp18
-rw-r--r--src/random.h16
2 files changed, 12 insertions, 22 deletions
diff --git a/src/random.cpp b/src/random.cpp
index 09777237c2..fd1dfe506f 100644
--- a/src/random.cpp
+++ b/src/random.cpp
@@ -179,7 +179,7 @@ static uint64_t GetRdSeed() noexcept
/* Access to other hardware random number generators could be added here later,
* assuming it is sufficiently fast (in the order of a few hundred CPU cycles).
* Slower sources should probably be invoked separately, and/or only from
- * RandAddSeedSleep (which is called during idle background operation).
+ * RandAddPeriodic (which is called once a minute).
*/
static void InitHardwareRand() {}
static void ReportHardwareRand() {}
@@ -416,17 +416,7 @@ RNGState& GetRNGState() noexcept
/* A note on the use of noexcept in the seeding functions below:
*
- * None of the RNG code should ever throw any exception, with the sole exception
- * of MilliSleep in SeedSleep, which can (and does) support interruptions which
- * cause a boost::thread_interrupted to be thrown.
- *
- * This means that SeedSleep, and all functions that invoke it are throwing.
- * However, we know that GetRandBytes() and GetStrongRandBytes() never trigger
- * this sleeping logic, so they are noexcept. The same is true for all the
- * GetRand*() functions that use GetRandBytes() indirectly.
- *
- * TODO: After moving away from interruptible boost-based thread management,
- * everything can become noexcept here.
+ * None of the RNG code should ever throw any exception.
*/
static void SeedTimestamp(CSHA512& hasher) noexcept
@@ -498,7 +488,7 @@ static void SeedStrengthen(CSHA512& hasher, RNGState& rng, int microseconds) noe
Strengthen(strengthen_seed, microseconds, hasher);
}
-static void SeedPeriodic(CSHA512& hasher, RNGState& rng)
+static void SeedPeriodic(CSHA512& hasher, RNGState& rng) noexcept
{
// Everything that the 'fast' seeder includes
SeedFast(hasher);
@@ -575,7 +565,7 @@ static void ProcRand(unsigned char* out, int num, RNGLevel level)
void GetRandBytes(unsigned char* buf, int num) noexcept { ProcRand(buf, num, RNGLevel::FAST); }
void GetStrongRandBytes(unsigned char* buf, int num) noexcept { ProcRand(buf, num, RNGLevel::SLOW); }
-void RandAddPeriodic() { ProcRand(nullptr, 0, RNGLevel::PERIODIC); }
+void RandAddPeriodic() noexcept { ProcRand(nullptr, 0, RNGLevel::PERIODIC); }
void RandAddEvent(const uint32_t event_info) {
LOCK(events_mutex);
diff --git a/src/random.h b/src/random.h
index b6e70fcb1f..82dd6ecf9f 100644
--- a/src/random.h
+++ b/src/random.h
@@ -40,17 +40,17 @@
* These entropy sources are slower, but designed to make sure the RNG state contains
* fresh data that is unpredictable to attackers.
*
- * - RandAddSeedSleep() seeds everything that fast seeding includes, but additionally:
- * - A high-precision timestamp before and after sleeping 1ms.
- * - (On Windows) Once every 10 minutes, performance monitoring data from the OS.
- - - Once every minute, strengthen the entropy for 10 ms using repeated SHA512.
- * These just exploit the fact the system is idle to improve the quality of the RNG
- * slightly.
+ * - RandAddPeriodic() seeds everything that fast seeding includes, but additionally:
+ * - A high-precision timestamp
+ * - Dynamic environment data (performance monitoring, ...)
+ * - Strengthen the entropy for 10 ms using repeated SHA512.
+ * This is run once every minute.
*
* On first use of the RNG (regardless of what function is called first), all entropy
* sources used in the 'slow' seeder are included, but also:
* - 256 bits from the hardware RNG (rdseed or rdrand) when available.
- * - (On Windows) Performance monitoring data from the OS.
+ * - Dynamic environment data (performance monitoring, ...)
+ * - Static environment data
* - Strengthen the entropy for 100 ms using repeated SHA512.
*
* When mixing in new entropy, H = SHA512(entropy || old_rng_state) is computed, and
@@ -87,7 +87,7 @@ void GetStrongRandBytes(unsigned char* buf, int num) noexcept;
*
* Thread-safe.
*/
-void RandAddPeriodic();
+void RandAddPeriodic() noexcept;
/**
* Gathers entropy from the low bits of the time at which events occur. Should