system: use getrandom() and fallback on urandom if syscall doesn't work #1280
Why would it change depending on the compiler?
I have no idea, I get this kind of error for example when:
Even more funny: building with ICC from Ubuntu 24.04 Noble (bind mount on the compiler folder) in Ubuntu 22.10 Kinetic chroot inside Ubuntu Noble and running on Ubuntu Noble doesn't reproduce the error… I guess some libc mismatch or things like that may happen…
9aa1230
to
d4b5104
Compare
I noticed that if I do

Anyway, I investigated more and the

I also don't know what this randomness is for, but such fallback can't harm.

For reference here is the PR that added the feature:

Discussion happened there:

Actually, the only expected situation where the syscall would not work is that if the kernel is 10 years old, which is unlikely, but in case we face again a weird bug like the one I faced, it looks harmless to keep the fallback.

Edit: Also I noticed my initial code had an obvious bug, it was doing the fallback only if it succeeded… 🤦♀️️ It's now fixed.
d4b5104
to
2b55034
Compare
9b81592
to
a7f658f
Compare
Just for the knowledge, the error I was getting before with
a7f658f
to
422d567
Compare
422d567
to
e667691
Compare
LGTM
Sometimes with less common compilers I get an error about getrandom syscall failures, but we already have an alternate implementation. It happens that the check is currently done at build time, but then even if the headers are there, it may fail at run time. So we technically can try the syscall then the urandom read if the syscall fails.

What I don't know though, is whether doing that reduces security or not.
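A run-time version of the getrandom-then-urandom fallback discussed in this pull request, written as an added example and not the code from the PR or the project. The names `fill_random` and `fill_from_urandom` are hypothetical; the sketch assumes Linux and returns an error instead of a partially filled buffer when both sources fail.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Hypothetical helper names, not the project's functions. */
/* Read exactly len bytes from /dev/urandom; 0 on success, -1 on failure. */
static int fill_from_urandom(unsigned char *buf, size_t len)
{
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return -1;
    size_t done = 0;
    while (done < len) {
        ssize_t n = read(fd, buf + done, len - done);
        if (n < 0 && errno == EINTR)
            continue;               /* interrupted by a signal: retry */
        if (n <= 0)
            break;                  /* hard error or EOF: fail closed */
        done += (size_t)n;
    }
    close(fd);
    return done == len ? 0 : -1;
}

/* Try the syscall at run time; any failure other than EINTR falls back.
 * Unlike getrandom(flags=0), /dev/urandom does not wait for the kernel
 * pool to be initialised early at boot. */
static int fill_random(unsigned char *buf, size_t len)
{
#ifdef SYS_getrandom
    size_t done = 0;
    while (done < len) {
        long n = syscall(SYS_getrandom, buf + done, len - done, 0);
        if (n < 0 && errno == EINTR)
            continue;
        if (n <= 0)
            break;                  /* e.g. ENOSYS: use the fallback */
        done += (size_t)n;
    }
    if (done == len)
        return 0;
#endif
    return fill_from_urandom(buf, len);
}
```

Callers should treat a return value of -1 as fatal for whatever needs the random bytes and must not use the buffer contents.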