diff options
Diffstat (limited to 'crypto/random-platform.c')
-rw-r--r-- | crypto/random-platform.c | 37 |
1 files changed, 32 insertions, 5 deletions
diff --git a/crypto/random-platform.c b/crypto/random-platform.c index 6df40744c7..cb3ca1bc09 100644 --- a/crypto/random-platform.c +++ b/crypto/random-platform.c @@ -27,7 +27,11 @@ #include <wincrypt.h> static HCRYPTPROV hCryptProv; #else -static int fd; /* a file handle to either /dev/urandom or /dev/random */ +# ifdef CONFIG_GETRANDOM +# include <sys/random.h> +# endif +/* This is -1 for getrandom(), or a file handle for /dev/{u,}random. */ +static int fd; #endif int qcrypto_random_init(Error **errp) @@ -40,15 +44,20 @@ int qcrypto_random_init(Error **errp) return -1; } #else - /* TBD perhaps also add support for BSD getentropy / Linux - * getrandom syscalls directly */ +# ifdef CONFIG_GETRANDOM + if (getrandom(NULL, 0, 0) == 0) { + /* Use getrandom() */ + fd = -1; + return 0; + } + /* Fall through to /dev/urandom case. */ +# endif fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC); if (fd == -1 && errno == ENOENT) { fd = open("/dev/random", O_RDONLY | O_CLOEXEC); } - if (fd < 0) { - error_setg(errp, "No /dev/urandom or /dev/random found"); + error_setg_errno(errp, errno, "No /dev/urandom or /dev/random"); return -1; } #endif @@ -66,6 +75,24 @@ int qcrypto_random_bytes(uint8_t *buf G_GNUC_UNUSED, return -1; } #else +# ifdef CONFIG_GETRANDOM + if (likely(fd < 0)) { + while (1) { + ssize_t got = getrandom(buf, buflen, 0); + if (likely(got == buflen)) { + return 0; + } + if (got >= 0) { + buflen -= got; + buf += got; + } else if (errno != EINTR) { + error_setg_errno(errp, errno, "getrandom"); + return -1; + } + } + } + /* Fall through to /dev/urandom case. */ +# endif while (1) { ssize_t got = read(fd, buf, buflen); if (likely(got == buflen)) { |