This is the mail archive of the libc-help@sourceware.org mailing list for the glibc project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
On Sun, Jul 23, 2017 at 11:41:04AM +0200, Florian Weimer wrote: > * Paul Pluzhnikov: > > > On Sat, Jul 22, 2017 at 2:14 PM, Florian Bruhin <me@the-compiler.org> wrote: > > > >> Why is that, since it shouldn't fail under normal circumstances (at > >> least that's what Qt's sources claim)? > > > > If you didn't check the return value, how would you ever know whether > > you got entropy or not? > > > > The fact that something doesn't fail under normal conditions doesn't > > absolve you from the need to check for abnormal conditions, especially > > when dealing with random data that is likely to be used for crypto. > > I did not see the start of the thread. Was it posted to the > libc-alpha list? Do you have a pointer to the Qt sources in question? I posted to libc-help, not sure if it was intended that the answer got to libc-alpha - I re-added libc-help now. Here is my original message: https://sourceware.org/ml/libc-help/2017-07/msg00020.html And here are the current sources: https://github.com/qt/qtbase/blob/9ca3443a37284bedaf74475c26af173b00757178/src/corelib/global/qrandom.cpp#L123-L134 > In practice, a getentropy implementation which does not fail if called > properly requires emulation using /dev/urandom if the system call is > not available in the kernel, but the glibc community rejected that > approach. FWIW looks like Qt is adding an assertion now: https://codereview.qt-project.org/#/c/200161/ But Thiago Macieira says there: We don't accept ENOSYS. If you're using a glibc new enough to have the getentropy() function (2.25), then your kernel should be new enough (> 3.17). This is also recorded in the ELF note section indicating that we need kernel 3.17. $ file lib/libQt5Core.t.so.5.10.0 lib/libQt5Core.t.so.5.10.0: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.17.0, BuildID[sha1]=2cf147fe0b09697860b702f833acde6c0f7e039d, with debug_info, not stripped Florian -- https://www.qutebrowser.org | me@the-compiler.org (Mail/XMPP) GPG: 916E B0C8 FD55 A072 | https://the-compiler.org/pubkey.asc I love long mails! | https://email.is-not-s.ms/
Attachment:
signature.asc
Description: PGP signature
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |