This is the mail archive of the libc-help@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Why is getentropy marked with warn_unused_result?

From: Florian Bruhin <me at the-compiler dot org>
To: Florian Weimer <fw at deneb dot enyo dot de>
Cc: Paul Pluzhnikov <ppluzhnikov at google dot com>, GLIBC Devel <libc-alpha at sourceware dot org>, libc-help at sourceware dot org
Date: Sun, 23 Jul 2017 12:16:17 +0200
Subject: Re: Why is getentropy marked with warn_unused_result?
Authentication-results: sourceware.org; auth=none
References: <20170722211442.wmqbkjsw4t6rd4i3@hooch.localdomain> <CALoOobMps6BSAOfBdu1cxN9+MD-YsNPfzp1SZJ8oUJYt11t4uQ@mail.gmail.com> <877eyzij7z.fsf@mid.deneb.enyo.de>

On Sun, Jul 23, 2017 at 11:41:04AM +0200, Florian Weimer wrote:
> * Paul Pluzhnikov:
> 
> > On Sat, Jul 22, 2017 at 2:14 PM, Florian Bruhin <me@the-compiler.org> wrote:
> >
> >> Why is that, since it shouldn't fail under normal circumstances (at
> >> least that's what Qt's sources claim)?
> >
> > If you didn't check the return value, how would you ever know whether
> > you got entropy or not?
> >
> > The fact that something doesn't fail under normal conditions doesn't
> > absolve you from the need to check for abnormal conditions, especially
> > when dealing with random data that is likely to be used for crypto.
> 
> I did not see the start of the thread.  Was it posted to the
> libc-alpha list?  Do you have a pointer to the Qt sources in question?

I posted to libc-help, not sure if it was intended that the answer got
to libc-alpha - I re-added libc-help now.

Here is my original message:
https://sourceware.org/ml/libc-help/2017-07/msg00020.html

And here are the current sources:
https://github.com/qt/qtbase/blob/9ca3443a37284bedaf74475c26af173b00757178/src/corelib/global/qrandom.cpp#L123-L134

> In practice, a getentropy implementation which does not fail if called
> properly requires emulation using /dev/urandom if the system call is
> not available in the kernel, but the glibc community rejected that
> approach.

FWIW looks like Qt is adding an assertion now:
https://codereview.qt-project.org/#/c/200161/

But Thiago Macieira says there:

    We don't accept ENOSYS. If you're using a glibc new enough to have
    the getentropy() function (2.25), then your kernel should be new
    enough (> 3.17). This is also recorded in the ELF note section
    indicating that we need kernel 3.17.
    
    $ file lib/libQt5Core.t.so.5.10.0 
    lib/libQt5Core.t.so.5.10.0: ELF 64-bit LSB shared object, x86-64,
    version 1 (SYSV), dynamically linked, interpreter
    /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.17.0,
    BuildID[sha1]=2cf147fe0b09697860b702f833acde6c0f7e039d, with
    debug_info, not stripped

Florian

-- 
https://www.qutebrowser.org  | me@the-compiler.org (Mail/XMPP)
   GPG: 916E B0C8 FD55 A072  | https://the-compiler.org/pubkey.asc
         I love long mails!  | https://email.is-not-s.ms/

Attachment: signature.asc
Description: PGP signature

Follow-Ups:
- Re: Why is getentropy marked with warn_unused_result?
  - From: Florian Weimer

References:
- Why is getentropy marked with warn_unused_result?
  - From: Florian Bruhin

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]