back-compat: add fallback getentropy implementation #10335

pull theuni wants to merge 2 commits into bitcoin:master from theuni:getentropy-back-compat changing 2 files +24 −5
  1. theuni commented at 1:07 AM on May 4, 2017: member

    Yet another fallback needed for getentropy :(

    When building on a newer linux machine (glibc >= 2.25), the resulting binary will fail to run on an older one (<2.25), due to missing symbols. This adds a weak symbol for our own implementation for use as a last resort.

    Alternative solutions welcome.

  2. dcousens commented at 1:09 AM on May 4, 2017: contributor

    Alternative solutions welcome.

    return 0? (aka, do nothing) I assume we are already mixing /dev/urandom elsewhere though - if not, ACK

  3. sipa commented at 1:16 AM on May 4, 2017: member

    Alternative solutions welcome.

    How about not using getentropy on Linux? It's a BSD compatibility function. The Really Good (TM) solution is using SYS_getrandom, but if that's not available, just fallback to using /dev/urandom directly.

    I assume we are already mixing /dev/urandom elsewhere though.

    No. getrandom / getentropy replace the need for /dev/urandom.

  4. theuni commented at 1:32 AM on May 4, 2017: member

    Just had a quick chat about this on IRC. I'll fix this up as discussed.

  5. laanwj commented at 8:16 AM on May 4, 2017: member

    Huh? we should never be using getentropy() on Linux, that's why the getrandom() syscall is called directly. What is going wrong here exactly?

    Edit: ok after discussion on IRC understand, getentropy is detected on newer versions of glibc, causing that to be used. That should be avoided, the SYS_getrandom path should always be used on Linux, getentropy is for BSD.

  6. fanquake added the label Utils and libraries on May 4, 2017
  7. theuni force-pushed on May 4, 2017
  8. theuni force-pushed on May 4, 2017
  9. theuni force-pushed on May 4, 2017
  10. random: make the DevURandom fallback available to all OSs
    Additionally, ensure that getentropy uses the fallback in the event that it's
unsupported at runtime.
    062c7c1541
  11. back-compat: add getentropy stub
    getentropy was added in glibc 2.25. This ensures that binaries linked against
later versions have a runtime fallback.

This fallback simply returns ENOSYS, indicating that /dev/urandom should be
used instead.
    e596faf8ef
  12. theuni commented at 6:05 PM on May 4, 2017: member

    Updated as discussed with @sipa on IRC. @laanwj: specifically, the problem is building against a newer glibc, and older linux kernel headers for compatibility. So getentropy() is defined, but the syscall isn't. That's what I ran into here.

    Would you like to explicitly disable getentropy for linux on the build side as well?

  13. sipa commented at 6:11 PM on May 4, 2017: member

    @theuni This commit simplifies the fallback logic a bit: https://github.com/sipa/bitcoin/commit/0abac37a1b3481ed7ab9ea2d0f7b32d819ea9964

    Both this PR or just disabling getentropy on Linux are fine solutions to me.

  14. laanwj commented at 10:02 AM on May 5, 2017: member

    Would you like to explicitly disable getentropy for linux on the build side as well?

    I don't see why we'd need it. I made the syscall-based path for Linux to avoid having to rely on any function provided by glibc (e.g. to require a certain glibc version) for kernel randomness. But I don't care deeply, as long as it works...

  15. ryanofsky commented at 9:12 PM on May 10, 2017: member

    utACK e596faf8efa211b3b17a555beba81a34dc68d55d. Unclear from discussion above whether there is agreement to continue allowing fallback to getentropy on linux, though IMO it makes the code cleaner to fall straight through all the available calls like this PR does (despite the need for the weak symbol workaround).

    sipa's simplification https://github.com/sipa/bitcoin/commit/0abac37a1b3481ed7ab9ea2d0f7b32d819ea9964 also seems good.

  16. laanwj commented at 2:09 PM on June 24, 2017: member

    @theuni can you comment on @sipa's implementation?

  17. theuni commented at 4:56 PM on July 17, 2017: member

    Looking at this again with fresh eyes, I think the most straightforward is to only enable getentropy for openbsd, where we know what it's doing:

    #elif defined(HAVE_GETENTROPY) && defined(__OpenBSD__)

    Then we can drop all of the compat stuff. Sound reasonable?

  18. laanwj commented at 5:02 PM on July 17, 2017: member

    Yes, sounds good to me.

  19. theuni commented at 5:15 PM on July 17, 2017: member

    Ok, closing this and opening a new PR as this no long has anything to do with back-compat.

  20. theuni closed this on Jul 17, 2017
  21. laanwj referenced this in commit 81560b07ce on Jul 18, 2017
  22. PastaPastaPasta referenced this in commit 2bb98eadd6 on Jul 6, 2019
  23. PastaPastaPasta referenced this in commit 5f95248dbc on Jul 8, 2019
  24. PastaPastaPasta referenced this in commit e84cde3e59 on Jul 9, 2019
  25. PastaPastaPasta referenced this in commit 3eeddbe7bb on Jul 11, 2019
  26. PastaPastaPasta referenced this in commit 65dcbb2e81 on Jul 13, 2019
  27. PastaPastaPasta referenced this in commit d7d8f4670d on Jul 13, 2019
  28. PastaPastaPasta referenced this in commit 06855a2722 on Jul 17, 2019
  29. PastaPastaPasta referenced this in commit 75d34370ad on Jul 23, 2019
  30. PastaPastaPasta referenced this in commit cea9e1cf01 on Jul 24, 2019
  31. barrystyle referenced this in commit d1e75f33ac on Jan 22, 2020
  32. DrahtBot locked this on Sep 8, 2021
Contributors
theunidcousenssipalaanwjryanofsky
Labels
Utils/log/libs
Linked (view graph)
#10855 random: only use getentropy on openbsd
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 15:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me