Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

The getrandom crate #1

Open
wants to merge 248 commits into
base: main
Choose a base branch
from
Open

The getrandom crate #1

wants to merge 248 commits into from

Conversation

m-ou-se
Copy link
Owner

@m-ou-se m-ou-se commented Apr 11, 2021

No description provided.

dhardy and others added 30 commits January 19, 2019 12:56
Add getrandom wrapper func and documentation
Some of these tests will fail for now!
Arguably the doc links and root URL are wrong, but they
avoid broken links and will do for now.
Also new: impl From<NonZeroU32> for Error
josephlr and others added 21 commits January 3, 2021 20:46
- Cleanup `tests.yml`
- Add better binary downloads
- Add minimal dependancies check
- Add tests for `custom` feature
- Build/Link for iOS
- Run cross tests on aarch64 linux and Android
- Link on Solaris and Netbsd
- Test wasm code on Node, Chrome, Firefox
- Test WASI
- No need for RDRAND feature on VxWorks

Signed-off-by: Joe Richey <[email protected]>
Most of the advantages from testing various Rust versions already come
from running those tests on Linux and Windows. There's very little
gain from also running these tests on macOS, while macOS jobs are the
slowest to schedule.

Signed-off-by: Joe Richey <[email protected]>
Update Github Actions CI for the master branch
See rust-random#194 

This installs (and caches) the emsdk toolchain at the last version compatible w/ stable rust. It also tests on both asmjs and wasm32, uses node by default, and works around an asm.js bug.
See rust-random#194

This uses the fact that `wasm32-unknown-unknown` is an "unsupported" target. This means we can use the `"custom"` feature to define a custom handler, and then write tests to make sure that function is called.
Add fixes for Caching and rustc-dep-of-std feature
Use doc_cfg to improve register_custom_getrandom docs
DragonFly BSD supports the getrandom system call since version 5.7 [1].
Use it if available, otherwise fall back to /dev/random.

[1] https://leaf.dragonflybsd.org/cgi/web-man?command=getrandom

Signed-off-by: Tobias Klauser <[email protected]>
src/error_impls.rs Show resolved Hide resolved
Comment on lines +12 to +20
#[link(name = "zircon")]
extern "C" {
fn zx_cprng_draw(buffer: *mut u8, length: usize);
}

pub fn getrandom_inner(dest: &mut [u8]) -> Result<(), Error> {
unsafe { zx_cprng_draw(dest.as_mut_ptr(), dest.len()) }
Ok(())
}
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✔️

src/ios.rs Show resolved Hide resolved
Comment on lines +13 to +16
#[link(name = "Security", kind = "framework")]
extern "C" {
fn SecRandomCopyBytes(rnd: *const c_void, count: usize, bytes: *mut u8) -> i32;
}
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✔️

static RNG_SOURCE: Result<RngSource, Error> = getrandom_init();
);

pub(crate) fn getrandom_inner(dest: &mut [u8]) -> Result<(), Error> {
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not reviewed, since the "js" feature will not be enabled when this is used in std.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is correct, std for wasm32-unknown-unknown cannot assume JavaScript exists.

Comment on lines +49 to +74
// Returns the file descriptor for the device file used to retrieve random
// bytes. The file will be opened exactly once. All successful calls will
// return the same file descriptor. This file descriptor is never closed.
fn get_rng_fd() -> Result<libc::c_int, Error> {
static FD: AtomicUsize = AtomicUsize::new(LazyUsize::UNINIT);
fn get_fd() -> Option<libc::c_int> {
match FD.load(Relaxed) {
LazyUsize::UNINIT => None,
val => Some(val as libc::c_int),
}
}

// Use double-checked locking to avoid acquiring the lock if possible.
if let Some(fd) = get_fd() {
return Ok(fd);
}

// SAFETY: We use the mutex only in this method, and we always unlock it
// before returning, making sure we don't violate the pthread_mutex_t API.
static MUTEX: Mutex = Mutex::new();
unsafe { MUTEX.lock() };
let _guard = DropGuard(|| unsafe { MUTEX.unlock() });

if let Some(fd) = get_fd() {
return Ok(fd);
}
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✔️

Comment on lines +17 to +18
static GETRANDOM: Weak = unsafe { Weak::new("getrandom\0") };
type GetRandomFn = unsafe extern "C" fn(*mut u8, libc::size_t, libc::c_uint) -> libc::ssize_t;
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might be good to add a note that getrandom only appeared in DragonFly 5.7.

#[cfg(target_os = "freebsd")]
{
use crate::util_libc::Weak;
static GETRANDOM: Weak = unsafe { Weak::new("getrandom\0") };
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might be good to add a note that getrandom is only available since FreeBSD 12.0.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed. Here and anywhere else we use a fallback implementation, we should note why we use that implementation.

Comment on lines +13 to +31
fn kern_arnd(buf: &mut [u8]) -> libc::ssize_t {
static MIB: [libc::c_int; 2] = [libc::CTL_KERN, libc::KERN_ARND];
let mut len = buf.len();
let ret = unsafe {
libc::sysctl(
MIB.as_ptr(),
MIB.len() as libc::c_uint,
buf.as_mut_ptr() as *mut _,
&mut len,
ptr::null(),
0,
)
};
if ret == -1 {
-1
} else {
len as libc::ssize_t
}
}
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✔️

static HAS_GETRANDOM: LazyBool = LazyBool::new();
if HAS_GETRANDOM.unsync_init(is_getrandom_available) {
sys_fill_exact(dest, |buf| unsafe {
getrandom(buf.as_mut_ptr() as *mut libc::c_void, buf.len(), 0)
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In std, we call this with GRND_NONBLOCK. See my comment in src/use_file.rs.

matthiaskrgr added a commit to matthiaskrgr/rust that referenced this pull request Oct 15, 2021
… r=m-ou-se

updating docs to mention usage of AtomicBool

Mouse mentioned we should point out that atomic bool is used by the std lib these days. ( m-ou-se/getrandom#1 )
matthiaskrgr added a commit to matthiaskrgr/rust that referenced this pull request Oct 15, 2021
… r=m-ou-se

updating docs to mention usage of AtomicBool

Mouse mentioned we should point out that atomic bool is used by the std lib these days. ( m-ou-se/getrandom#1 )
jackh726 added a commit to jackh726/rust that referenced this pull request Oct 16, 2021
… r=m-ou-se

updating docs to mention usage of AtomicBool

Mouse mentioned we should point out that atomic bool is used by the std lib these days. ( m-ou-se/getrandom#1 )
matthiaskrgr added a commit to matthiaskrgr/rust that referenced this pull request Oct 16, 2021
… r=m-ou-se

updating docs to mention usage of AtomicBool

Mouse mentioned we should point out that atomic bool is used by the std lib these days. ( m-ou-se/getrandom#1 )
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.