getrandom: Fail with ENOSYS when the system has no randomness source

bug-gnulib@gnu.org mirror (unofficial)
 help / color / mirror / Atom feed

* getrandom: Fail with ENOSYS when the system has no randomness source
@ 2021-05-09 14:51 Bruno Haible
  2021-05-10  9:06 ` Paul Eggert
  0 siblings, 1 reply; 3+ messages in thread
From: Bruno Haible @ 2021-05-09 14:51 UTC (permalink / raw)
  To: bug-gnulib

On IRIX 6.5, 'test-getrandom' fails:

$ ./test-getrandom 
../../tests/test-getrandom.c:43: assertion 'errno == ENOSYS' failed

The glibc documentation
<https://www.gnu.org/software/libc/manual/html_node/Unpredictable-Bytes.html>
says that when "The operating system does not implement a randomness source"
the function should return with errno set to ENOSYS. This is what our unit
test is verifying. So, it's our getrandom() implementation that needs a fix.


2021-05-09  Bruno Haible  <bruno@clisp.org>

	getrandom: Fail with ENOSYS when the system has no randomness source.
	* lib/getrandom.c (getrandom): When open() fails, set errno to ENOSYS.

diff --git a/lib/getrandom.c b/lib/getrandom.c
index 41212fb..6160118 100644
--- a/lib/getrandom.c
+++ b/lib/getrandom.c
@@ -178,7 +178,10 @@ getrandom (void *buffer, size_t length, unsigned int flags)
                     + (flags & GRND_NONBLOCK ? O_NONBLOCK : 0));
       fd = open (randdevice[devrandom], oflags);
       if (fd < 0)
-        return fd;
+        {
+          errno = ENOSYS;
+          return -1;
+        }
       randfd[devrandom] = fd;
     }
 



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: getrandom: Fail with ENOSYS when the system has no randomness source
  2021-05-09 14:51 getrandom: Fail with ENOSYS when the system has no randomness source Bruno Haible
@ 2021-05-10  9:06 ` Paul Eggert
  2021-05-13 19:35   ` Bruno Haible
  0 siblings, 1 reply; 3+ messages in thread
From: Paul Eggert @ 2021-05-10  9:06 UTC (permalink / raw)
  To: Bruno Haible; +Cc: bug-gnulib

On 5/9/21 7:51 AM, Bruno Haible wrote:
>         if (fd < 0)
> -        return fd;
> +        {
> +          errno = ENOSYS;
> +          return -1;
> +        }

If 'open' fails with errno equal to (say) EINTR or EAGAIN or EMFILE, 
this doesn't mean the operating system lacks a randomness source; it 
merely means the 'open' failed. And the libc manual allows getrandom to 
fail with EMFILE or with any other valid error number. (FWIW, the Hurd 
implementation of getrandom simply passes the errno of 'open' through.)

How about if we instead change that code to something like this:

  if (fd < 0)
    {
       if (errno == ENOENT || errno == ENOTDIR)
         errno = ENOSYS;
       return fd;
    }

That is, if /dev/random (or whatever) doesn't exist, we assume the OS is 
like IRIX and lacks randomness support, so we fail with ENOSYS; 
otherwise we pass errno through as that's more useful to the caller.

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: getrandom: Fail with ENOSYS when the system has no randomness source
  2021-05-10  9:06 ` Paul Eggert
@ 2021-05-13 19:35   ` Bruno Haible
  0 siblings, 0 replies; 3+ messages in thread
From: Bruno Haible @ 2021-05-13 19:35 UTC (permalink / raw)
  To: Paul Eggert; +Cc: bug-gnulib

Paul Eggert wrote:
> On 5/9/21 7:51 AM, Bruno Haible wrote:
> >         if (fd < 0)
> > -        return fd;
> > +        {
> > +          errno = ENOSYS;
> > +          return -1;
> > +        }
> 
> If 'open' fails with errno equal to (say) EINTR or EAGAIN or EMFILE, 
> this doesn't mean the operating system lacks a randomness source; it 
> merely means the 'open' failed. And the libc manual allows getrandom to 
> fail with EMFILE or with any other valid error number. (FWIW, the Hurd 
> implementation of getrandom simply passes the errno of 'open' through.)
> 
> How about if we instead change that code to something like this:
> 
>   if (fd < 0)
>     {
>        if (errno == ENOENT || errno == ENOTDIR)
>          errno = ENOSYS;
>        return fd;
>     }
> 
> That is, if /dev/random (or whatever) doesn't exist, we assume the OS is 
> like IRIX and lacks randomness support, so we fail with ENOSYS; 
> otherwise we pass errno through as that's more useful to the caller.

Good point. Thanks for the correction. Done:


2021-05-13  Bruno Haible  <bruno@clisp.org>

	getrandom: Produce a better error code.
	Reported by Paul Eggert in
	<https://lists.gnu.org/archive/html/bug-gnulib/2021-05/msg00025.html>.
	* lib/getrandom.c (getrandom): When open() fails with an error that does
	not indicate the absence of the file, fail with that error code, not
	with ENOSYS.

diff --git a/lib/getrandom.c b/lib/getrandom.c
index 6160118..9e90e64 100644
--- a/lib/getrandom.c
+++ b/lib/getrandom.c
@@ -179,7 +179,8 @@ getrandom (void *buffer, size_t length, unsigned int flags)
       fd = open (randdevice[devrandom], oflags);
       if (fd < 0)
         {
-          errno = ENOSYS;
+          if (errno == ENOENT || errno == ENOTDIR)
+            errno = ENOSYS;
           return -1;
         }
       randfd[devrandom] = fd;



^ permalink raw reply related	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2021-05-13 19:35 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-09 14:51 getrandom: Fail with ENOSYS when the system has no randomness source Bruno Haible
2021-05-10  9:06 ` Paul Eggert
2021-05-13 19:35   ` Bruno Haible

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).