mbedtls/library
Hanno Becker 6b89197f26 Entropy: Fall through to /dev/random if getrandom() syscall unknown
This commit fixes issue #1212 related to platform-specific entropy
polling in an syscall-emulated environment.

Previously, the implementation of the entropy gathering function
`mbedtls_platform_entropy_poll()` for linux machines used the
following logic to determine how to obtain entropy from the kernel:

1. If the getrandom() system call identifier SYS_getrandom is present and
   the kernel version is 3.17 or higher, use syscall( SYS_getrandom, ... )
2. Otherwise, fall back to reading from /dev/random.

There are two issues with this:

1. Portability:
   When cross-compiling the code for a different
   architecture and running it through system call
   emulation in qemu, qemu reports the host kernel
   version through uname but, as of v.2.5.0,
   doesn't support emulating the getrandom() syscall.
   This leads to `mbedtls_platform_entropy_poll()`
   failing even though reading from /dev/random would
   have worked.

2. Style:
   Extracting the linux kernel version from
   the output of `uname` is slightly tedious.

This commit fixes both by implementing the suggestion in #1212:
- It removes the kernel-version detection through uname().
- Instead, it checks whether `syscall( SYS_getrandom, ... )`
  fails with errno set to ENOSYS indicating an unknown system call.
  If so, it falls through to trying to read from /dev/random.

Fixes #1212.
2018-10-30 09:31:15 +00:00
..
.gitignore Split libs with make + general make cleanups 2015-06-25 10:59:56 +02:00
aes.c Add missing MBEDTLS_DEPRECATED_REMOVED guards 2018-02-21 19:16:20 +01:00
aesni.c Fix build errors on x32 by using the generic 'add' instruction 2016-05-23 14:29:28 +01:00
arc4.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
asn1parse.c Fix 1 byte overread in mbedtls_asn1_get_int() 2016-10-13 13:54:14 +01:00
asn1write.c Merge remote-tracking branch 'public/pr/1655' into mbedtls-2.7 2018-06-12 17:40:08 +01:00
base64.c Add comment to integer overflow fix in base64.c 2017-02-15 23:31:07 +02:00
bignum.c Minor fixes 2018-03-09 10:48:12 +00:00
blowfish.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
camellia.c Address user reported coverity issues. 2016-06-07 14:52:35 +01:00
ccm.c enforce input and output of ccm selftest on stack 2018-07-30 11:43:08 +03:00
certs.c Undo API change from SHA1 deprecation 2017-07-27 21:44:33 +01:00
cipher.c Merge remote-tracking branch 'public/pr/1763' into mbedtls-2.7-proposed 2018-10-28 18:13:46 +00:00
cipher_wrap.c Fix after PR comments 2018-06-21 14:03:14 +03:00
cmac.c Merge remote-tracking branch 'public/pr/1390' into mbedtls-2.7 2018-06-27 11:11:34 +01:00
CMakeLists.txt Update library version number to 2.7.6 2018-08-31 16:07:23 +01:00
ctr_drbg.c ctr_drbg: Typo fix in the file description comment. 2018-02-10 11:11:41 +02:00
debug.c Fix compilation error with Mingw32 2017-09-06 17:51:14 +03:00
des.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
dhm.c Merge remote-tracking branch 'upstream-restricted/pr/410' into development-restricted 2018-01-26 18:43:04 +00:00
ecdh.c Address PR cpomments reviews 2017-10-10 19:04:27 +03:00
ecdsa.c Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH 2018-03-30 18:43:16 +02:00
ecjpake.c Fix multiple quality issues in the source 2018-06-08 11:14:43 +01:00
ecp.c Fix memory leak in ecp_mul_comb() if ecp_precompute_comb() fails 2018-07-26 11:08:06 +03:00
ecp_curves.c ECP: Add module and function level replacement options. 2017-05-11 22:42:14 +01:00
entropy.c Merge branch 'development' into development-restricted 2018-01-25 17:28:31 +00:00
entropy_poll.c Entropy: Fall through to /dev/random if getrandom() syscall unknown 2018-10-30 09:31:15 +00:00
error.c Update error.c 2018-03-30 18:52:10 +02:00
gcm.c Merge remote-tracking branch 'upstream-public/pr/964' into development 2018-01-02 16:24:29 +01:00
havege.c Fixes warnings found by Clang static analyser 2016-05-23 23:18:26 +01:00
hmac_drbg.c Zeroize tmp bufs in hmac_drbg.c functions 2017-06-26 10:22:24 +01:00
Makefile Merge remote-tracking branch 'upstream-public/pr/1500' into mbedtls-2.7-proposed 2018-04-01 12:41:29 +02:00
md.c Merge branch 'development' into development-restricted 2018-01-25 17:28:31 +00:00
md2.c MD: Make deprecated functions not inline 2018-02-22 08:20:42 +00:00
md4.c MD: Make deprecated functions not inline 2018-02-22 08:20:42 +00:00
md5.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
md_wrap.c New MD API: rename functions from _ext to _ret 2018-01-22 11:54:42 +01:00
memory_buffer_alloc.c Fix braces in mbedtls_memory_buffer_alloc_status() 2018-05-23 16:32:33 +01:00
net_sockets.c Merge remote-tracking branch 'public/pr/1711' into mbedtls-2.7 2018-06-14 11:01:14 +01:00
oid.c pkcs5v2: add support for additional hmacSHA algorithms 2018-02-08 17:18:15 +08:00
padlock.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pem.c Merge remote-tracking branch 'upstream-public/pr/778' into mbedtls-2.7-proposed 2018-03-12 23:44:56 +01:00
pk.c Change PK module preprocessor check on word size 2017-08-04 13:32:15 +01:00
pk_wrap.c Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH 2018-03-30 18:43:16 +02:00
pkcs5.c Treat warnings as errors for IAR 2018-05-25 14:58:33 +01:00
pkcs11.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pkcs12.c Shut up a few clang-analyze warnings about use of uninitialized variables 2016-05-23 14:29:28 +01:00
pkparse.c Remove unnecessary mark as unused #1098 (backport) 2018-07-20 14:08:02 +02:00
pkwrite.c Adapt PK test suite to use new interface 2017-08-23 16:17:27 +01:00
platform.c Merge remote-tracking branch 'upstream-public/pr/1079' into mbedtls-2.7-proposed 2018-03-11 00:48:17 +01:00
ripemd160.c MD: Make deprecated functions not inline 2018-02-22 08:20:42 +00:00
rsa.c Merge tag 'mbedtls-2.7.2' into iotssl-1381-x509-verify-refactor-2.7-restricted 2018-03-23 02:12:44 +01:00
rsa_internal.c Add explicit type cast to avoid truncation warning 2018-01-03 09:27:40 +00:00
sha1.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
sha256.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
sha512.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
ssl_cache.c Address PR review comments 2017-10-29 17:53:52 +02:00
ssl_ciphersuites.c Add ecc extensions only if ecc ciphersuite is used 2018-06-28 15:49:34 +03:00
ssl_cli.c Merge remote-tracking branch 'public/pr/1888' into mbedtls-2.7 2018-08-28 12:25:12 +01:00
ssl_cookie.c Fix resource leak when using mutex and ssl_cookie 2017-03-02 12:26:11 +00:00
ssl_srv.c Merge remote-tracking branch 'upstream-public/pr/1814' into mbedtls-2.7 2018-08-10 11:01:29 +01:00
ssl_ticket.c Fix bug in SSL ticket implementation removing keys of age < 1s 2018-08-22 14:58:31 +01:00
ssl_tls.c Fail when encountering invalid CBC padding in EtM records 2018-10-17 14:54:16 +01:00
threading.c Do not define and initialize global mutexes on configurations that do not use them. 2018-03-21 15:13:08 +00:00
timing.c Fix alarm(0) failure on mingw32 2018-01-29 10:24:50 +01:00
version.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
version_features.c Merge branch 'prr_424' into mbedtls-2.7-proposed 2018-02-22 16:07:32 +01:00
x509.c x509.c: Remove unused includes 2018-07-02 12:13:26 +01:00
x509_create.c Fix other occurrences of same bounds check issue 2015-10-21 12:50:45 +02:00
x509_crl.c x509: CRL: reject unsupported critical extensions 2018-03-14 09:24:12 +01:00
x509_crt.c Merge remote-tracking branch 'restricted/pr/498' into mbedtls-2.7-restricted 2018-08-28 15:29:55 +01:00
x509_csr.c Coding style 2018-06-22 11:45:38 +01:00
x509write_crt.c New MD API: rename functions from _ext to _ret 2018-01-22 11:54:42 +01:00
x509write_csr.c Clarify code-paths in x509write_csr and x509write_crt 2017-09-22 16:05:43 +01:00
xtea.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00