[Unbound-users] Using the getrandom syscall introduced with kernel 3.17
brad at comstyle.com
Sun Feb 15 23:59:21 CET 2015
On 02/14/15 08:49, Heiner Kallweit wrote:
> compat/getentropy_linux.c tries to read from /dev/urandom and if this
> fails (e.g. because running chroot'ed) it falls back to some more
> or less messy sysctl's. If this also fails (e.g. because the sysctl
> syscall is disabled in the kernel) it has to bail out.
> Not only unbound suffers from this problem under Linux, therefore
> with kernel 3.17 a new syscall getrandom was introduced.
> IMHO we should try this option at first.
> Works fine here with the latest next kernel and unbound 1.5.1.
> And it also avoids the "using deprecated sysctl .." warning.
> --- getentropy_linux.c.orig 2015-02-14 07:46:09.678095830 +0100
> +++ getentropy_linux.c 2015-02-14 10:26:55.353630895 +0100
> @@ -93,6 +93,13 @@
> return -1;
> +#ifdef SYS_getrandom
> + /* try to use getrandom syscall introduced with kernel 3.17 */
> + ret = syscall(SYS_getrandom, buf, len, 0);
> + if (ret != -1)
> + return (ret);
> +#endif /* SYS_getrandom */
> * Try to get entropy with /dev/urandom
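Review bot: `return (ret);` in the added `#ifdef SYS_getrandom` block hands the caller getrandom's byte count, while getentropy() is specified to return 0 on success, and a partial fill (`ret` smaller than `len`) is passed back as success too. Suggest returning 0 only when `ret` equals `len`, retrying when errno is EINTR, and otherwise falling through to the /dev/urandom path below.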
The getentropy() code for Linux within the Unbound tree is old. The
upstream code from the OpenBSD tree has already dealt with using the
new system call 6 months ago. So Wouter just needs to re-sync with
the code from the OpenBSD tree.
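
The fallback order discussed in this thread, as an added example that is not code from this thread, from Unbound, or from the OpenBSD tree: getrandom is tried first and /dev/urandom second, and 0 is returned only when the buffer is completely filled. The names `example_getentropy`, `fill_getrandom` and `fill_urandom` are hypothetical.

```c
/* Added example; function names are hypothetical, not Unbound/OpenBSD code. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sys/syscall.h>
#include <unistd.h>

/* 0 when buf is completely filled by getrandom, -1 otherwise. */
static int fill_getrandom(void *buf, size_t len)
{
#ifdef SYS_getrandom
    long ret;
    do {
        ret = syscall(SYS_getrandom, buf, len, 0);
    } while (ret == -1 && errno == EINTR);   /* interrupted: retry */
    if (ret >= 0 && (size_t)ret == len)
        return 0;                            /* a short fill is a failure */
#endif
    return -1;   /* e.g. ENOSYS on kernels older than 3.17 */
}

/* Fallback path; fails when running chroot'ed without /dev/urandom. */
static int fill_urandom(void *buf, size_t len)
{
    unsigned char *p = buf;
    size_t done = 0;
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd == -1) return -1;
    while (done < len) {
        ssize_t n = read(fd, p + done, len - done);
        if (n == -1 && errno == EINTR) continue;
        if (n <= 0) break;
        done += (size_t)n;
    }
    close(fd);
    return done == len ? 0 : -1;
}

/* getentropy() contract: at most 256 bytes, 0 on success, -1 on error. */
int example_getentropy(void *buf, size_t len)
{
    if (len > 256) {
        errno = EIO;
        return -1;
    }
    if (fill_getrandom(buf, len) == 0)
        return 0;
    return fill_urandom(buf, len);
}
```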