
Make unpredictableSeed use getrandom (syscall) on Linux #10623

Open: wants to merge 1 commit into master

Conversation

0xEAB (Member) commented Jan 19, 2025

This patch changes unpredictableSeed to use the getrandom syscall on Linux.

Currently, unpredictableSeed calls arc4random() on applicable BSD systems;
for everything else it executes RDRAND on InlineAsm_X86_Any-compatible targets or falls back to a homebrew solution.

@0xEAB 0xEAB added Severity:Enhancement OS:Linux Issues specific to Linux labels Jan 19, 2025
@0xEAB 0xEAB requested a review from LightBender January 19, 2025 00:55
dlang-bot (Contributor) commented:

Thanks for your pull request, @0xEAB!

Bugzilla references

Your PR doesn't reference any Bugzilla issue.

If your PR contains non-trivial changes, please reference a Bugzilla issue or create a manual changelog.

Testing this PR locally

If you don't have a local development environment setup, you can use Digger to test this PR:

dub run digger -- build "master + phobos#10623"

rikkimax (Contributor) commented:

That function needs a warning.

It is possible that the kernel may not have enough entropy stored to give a value.

You want to call it sparingly and only after the system has been booted fully.

0xEAB (Member, Author) commented Jan 19, 2025

and only after the system has been booted fully.

I don’t think this is accurate.
Quoting random(4):

When read during early boot time, /dev/urandom may return data prior to the entropy pool being initialized.

And also:

If this is of concern in your application, use getrandom(2) […] instead.

rikkimax (Contributor) commented:

Yes, during booting it may be empty. Once initialized, the chance of it being empty depends on whether it has been misused.

In any case, a warning is needed ;)
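The early-boot behaviour discussed above is what distinguishes getrandom(2) from reading /dev/urandom: getrandom() blocks until the kernel pool is initialized (or fails with EAGAIN under GRND_NONBLOCK) rather than handing out pre-initialization bytes. The following C block is an added illustration of a seed routine built on that syscall via the glibc wrapper; it is not Phobos code, and the function names (fill_random, unpredictable_seed, try_unpredictable_seed) are hypothetical.

```c
// Added example, not part of Phobos: seeding from the Linux getrandom(2)
// syscall through the glibc wrapper declared in <sys/random.h> (glibc >= 2.25,
// kernel >= 3.17). Without flags, getrandom() blocks until the kernel's
// entropy pool is initialized, so it never returns pre-init bytes the way
// /dev/urandom can. With GRND_NONBLOCK it fails with EAGAIN instead of
// blocking. The loop below also handles short reads and EINTR, which the
// syscall may produce for requests larger than 256 bytes.
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/random.h>
#include <sys/types.h>

// Fill buf[0..len) from the kernel CSPRNG. Returns 0 on success, or -1 with
// errno set (EAGAIN only when nonblock != 0 and the pool is not yet ready).
int fill_random(void *buf, size_t len, int nonblock)
{
    unsigned char *p = buf;
    unsigned int flags = nonblock ? GRND_NONBLOCK : 0;
    while (len > 0) {
        ssize_t n = getrandom(p, len, flags);
        if (n < 0) {
            if (errno == EINTR)   // interrupted by a signal: retry
                continue;
            return -1;            // EAGAIN, ENOSYS (old kernel), ...
        }
        p += n;                   // short read: keep filling
        len -= (size_t)n;
    }
    return 0;
}

// Hypothetical seed helper in the spirit of unpredictableSeed: a 32-bit value
// from the kernel CSPRNG, or -1 when no such source is available so the
// caller can pick a fallback.
int unpredictable_seed(uint32_t *seed)
{
    return fill_random(seed, sizeof *seed, 0);
}

// Non-blocking probe: 1 if the pool is initialized and a seed was produced,
// 0 if the kernel would have blocked (early boot), -1 on any other error.
int try_unpredictable_seed(uint32_t *seed)
{
    if (fill_random(seed, sizeof *seed, 1) == 0)
        return 1;
    return errno == EAGAIN ? 0 : -1;
}
```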

@0xEAB 0xEAB force-pushed the unpredictable-seed branch from 6fc083d to e1ace22 Compare January 19, 2025 02:10
@0xEAB 0xEAB requested a review from rikkimax January 19, 2025 02:10
@0xEAB 0xEAB force-pushed the unpredictable-seed branch from e1ace22 to 20b2d00 Compare January 19, 2025 02:12
0xEAB (Member, Author) commented Jan 19, 2025

@rikkimax
I’ve added further notes and a randomness-quality warning. Please check whether you consider those sufficient.

@everyone
Please spell/grammar check those new paragraphs of technobabble.

@0xEAB 0xEAB force-pushed the unpredictable-seed branch from 20b2d00 to 83cb01f Compare January 19, 2025 02:17
rikkimax (Contributor) commented:

@rikkimax
I’ve added further notes and a randomness-quality warning. Please check whether you consider those sufficient.

You have gone above and beyond what I was wanting!

Good job.

std/random.d (outdated), review comment on these lines:
/**
A "good" seed for initializing random number engines. Initializing
with $(D_PARAM unpredictableSeed) makes engines generate different
random number sequences every run.

This function utilizes the system (CS-)PRNG where available and implemented
Contributor commented:

Use "(cryptographically secure) pseudo-random number generator" and introduce the acronym, and then use it throughout (rather than using the acronym first, and then spelling it out later).

Member Author replied:

Updated to:

This function utilizes the system cryptographically-secure pseudo-random
number generator (CSPRNG)
or pseudo-random number generator (PRNG)
where available and implemented (currently arc4random on applicable BSD
systems or getrandom on Linux) to generate “high quality” pseudo-random
numbers – if possible.
