From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: AS17314 8.43.84.0/22 X-Spam-Status: No, score=-3.3 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, PDS_RDNS_DYNAMIC_FP,RCVD_IN_DNSWL_MED,RDNS_DYNAMIC,SPF_HELO_PASS, SPF_PASS shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from sourceware.org (ip-8-43-85-97.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by dcvr.yhbt.net (Postfix) with ESMTPS id F13351F601 for ; Fri, 2 Dec 2022 09:14:28 +0000 (UTC) Authentication-Results: dcvr.yhbt.net; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.b="lGv7Ix9h"; dkim-atps=neutral Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id A5BEC3858C74 for ; Fri, 2 Dec 2022 09:14:27 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org A5BEC3858C74 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1669972467; bh=YTSI+akvLgVKKtTRD0vvs6SgZG8mzdU2kmgB3ZsKtHg=; h=To:Cc:Subject:Date:In-Reply-To:References:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: From:Reply-To:From; b=lGv7Ix9hLftHVF1kPZz6ord3hlJIJnZtW0owredh2UrsZZt0sU3nVl03+ftvcxSGB ZUYCQhItHqcUF2h55FDRrOvdt3NPgY+UybCqmZc9Mfj4t7yXG1oTetQkNzyMizpt52 1WKd9l/qrcPKJp6q6ar8Pwo0ObtIv9Vm2MJsuEzo= Received: from mail-lj1-x232.google.com (mail-lj1-x232.google.com [IPv6:2a00:1450:4864:20::232]) by sourceware.org (Postfix) with ESMTPS id C25FC3858D39 for ; Fri, 2 Dec 2022 09:13:56 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org C25FC3858D39 Received: by mail-lj1-x232.google.com with SMTP id n1so4737439ljg.3 for ; Fri, 02 Dec 2022 01:13:56 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YTSI+akvLgVKKtTRD0vvs6SgZG8mzdU2kmgB3ZsKtHg=; b=hgWaZ4q6njV8AaySfeBWMW430FYes1lzoE4h9libv5uohTBs+2XH7OqJA5kR7/maih QR/3YLuCtQVgAERgugLuU/aEvqzI72eIYRw3FbaGv2QWZLWf2BOP387vEgPTLtFmaGIa g4BxuuB/vk5hFUzkfxP7iasrqGeo6mFpGiSuIeu88yNRPYqZwmCOQYiAqQR8A3SMsEP0 2TZKAWsgXk0ZMJcLpQw62I5kbeuh4wMkFO7V5cMpH5RMCQckNEW8terOEeykszrpDG17 /oA3dDkFK9j4JRNAk6x2GKxlBkpJzAcR1Wp3cLGlWoubbjbURMeul0TSk0DG2I58ubQt lipw== X-Gm-Message-State: ANoB5pnjcUhb/48xhMGtmBYdIRRFM5W2u8uh+ZtWi3Y8ghjrBH/G34nI Ksgk5DPDa5U+Q02aMSuu/H8= X-Google-Smtp-Source: AA0mqf5sNsaRUt9zcQCzixTLuHC/A1mmG0U4xuNsr8RoPuTweICXCZs0hmvRx8aiO7QJAzkrirdKGg== X-Received: by 2002:a2e:b0c3:0:b0:279:ba97:a2e7 with SMTP id g3-20020a2eb0c3000000b00279ba97a2e7mr4564845ljl.304.1669972435214; Fri, 02 Dec 2022 01:13:55 -0800 (PST) Received: from surface-pro-6.. ([194.190.106.50]) by smtp.gmail.com with ESMTPSA id s21-20020a056512203500b004ab98cd5644sm954672lfs.182.2022.12.02.01.13.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Dec 2022 01:13:54 -0800 (PST) To: bug-hurd@gnu.org, libc-alpha@sourceware.org, samuel.thibault@gnu.org Cc: gfleury@disroot.org, riccardo.mottola@libero.it, andrew.eggenberger@gmail.com, Sergey Bugaev Subject: [PATCH v2] hurd: Make getrandom cache the server port Date: Fri, 2 Dec 2022 12:13:51 +0300 Message-Id: <20221202091351.74292-1-bugaevc@gmail.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221130003150.4mnx6xd2g53rox7a@begin> References: <20221130003150.4mnx6xd2g53rox7a@begin> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Sergey Bugaev via Libc-alpha Reply-To: Sergey Bugaev Errors-To: libc-alpha-bounces+e=80x24.org@sourceware.org Sender: "Libc-alpha" Previously, getrandom would, each time it's called, traverse the file system to find /dev/urandom, fetch some random data from it, then throw away that port. This is quite slow, while calls to getrandom are genrally expected to be fast. Additionally, this means that getrandom can not work when /dev/urandom is unavailable, such as inside a chroot that lacks one. User programs expect calls to getrandom to work inside a chroot if they first call getrandom outside of the chroot. In particular, this is known to break the OpenSSH server, and in that case the issue is exacerbated by the API of arc4random, which prevents it from properly reporting errors, forcing glibc to abort on failure. This causes sshd to just die once it tries to generate a random number. Caching the random server port, in a manner similar to how socket server ports are cached, both improves the performance and works around the chroot issue. Tested on i686-gnu with the following program: pthread_barrier_t barrier; void *worker(void*) { pthread_barrier_wait(&barrier); uint32_t sum = 0; for (int i = 0; i < 10000; i++) { sum += arc4random(); } return (void *)(uintptr_t) sum; } int main() { pthread_t threads[THREAD_COUNT]; pthread_barrier_init(&barrier, NULL, THREAD_COUNT); for (int i = 0; i < THREAD_COUNT; i++) { pthread_create(&threads[i], NULL, worker, NULL); } for (int i = 0; i < THREAD_COUNT; i++) { void *retval; pthread_join(threads[i], &retval); printf("Thread %i: %lu\n", i, (unsigned long)(uintptr_t) retval); } In my totally unscientific benchmark, with this patch, this completes in about 7 seconds, whereas previously it took about 50 seconds. This program was also used to test that getrandom () doesn't explode if the random server dies, but instead reopens the /dev/urandom anew. I have also verified that with this patch, OpenSSH can once again accept connections properly. Caveat: this new implementation does not respect the GRND_RANDOM flag and always uses /dev/urandom to read random data. This does not seem to be much of a problem, since there is only a single random server implementation in the Hurd, and /dev/urandom is actually a symlink to /dev/random: $ showtrans /dev/*random /dev/random: /hurd/random --seed-file /var/lib/random-seed /dev/urandom: /hurd/symlink random Signed-off-by: Sergey Bugaev --- sysdeps/mach/hurd/getrandom.c | 101 ++++++++++++++++++++++++++++------ 1 file changed, 85 insertions(+), 16 deletions(-) diff --git a/sysdeps/mach/hurd/getrandom.c b/sysdeps/mach/hurd/getrandom.c index ad2d3ba3..70a0e582 100644 --- a/sysdeps/mach/hurd/getrandom.c +++ b/sysdeps/mach/hurd/getrandom.c @@ -16,10 +16,12 @@ License along with the GNU C Library; if not, see . */ +#include #include #include -#include -#include + +__libc_rwlock_define_initialized (static, lock); +static file_t random_server, random_server_nonblock; extern char *__trivfs_server_name __attribute__((weak)); @@ -28,10 +30,14 @@ extern char *__trivfs_server_name __attribute__((weak)); ssize_t __getrandom (void *buffer, size_t length, unsigned int flags) { - const char *random_source = "/dev/urandom"; - int open_flags = O_RDONLY | O_CLOEXEC; - size_t amount_read; - int fd; + file_t server, *cached_server;; + error_t err; + int open_flags; + char *data = buffer; + mach_msg_type_number_t nread = length; + + if (flags & ~(GRND_RANDOM | GRND_NONBLOCK)) + return __hurd_fail (EINVAL); if (&__trivfs_server_name && __trivfs_server_name && __trivfs_server_name[0] == 'r' @@ -44,19 +50,82 @@ __getrandom (void *buffer, size_t length, unsigned int flags) /* We are random, don't try to read ourselves! */ return length; - if (flags & GRND_RANDOM) - random_source = "/dev/random"; + cached_server = (flags & GRND_NONBLOCK) ? &random_server_nonblock + : &random_server; + +again: + __libc_rwlock_rdlock (lock); + server = *cached_server; + if (MACH_PORT_VALID (server)) + /* Attempt to read some random data using this port. */ + err = __io_read (server, &data, &nread, -1, length); + else + err = MACH_SEND_INVALID_DEST; + __libc_rwlock_unlock (lock); + + if (err == MACH_SEND_INVALID_DEST || err == MIG_SERVER_DIED) + { + file_t oldserver = server; + mach_port_urefs_t urefs; + + /* Slow path: the cached port didn't work, or there was no + cached port in the first place. */ + + __libc_rwlock_wrlock (lock); + server = *cached_server; + if (server != oldserver) + { + /* Someone else must have refetched the port while we were + waiting for the lock. */ + __libc_rwlock_unlock (lock); + goto again; + } + + if (MACH_PORT_VALID (server)) + { + /* It could be that someone else has refetched the port and + it got the very same name. So check whether it is a send + right (and not a dead name). */ + err = __mach_port_get_refs (__mach_task_self (), server, + MACH_PORT_RIGHT_SEND, &urefs); + if (!err && urefs > 0) + { + __libc_rwlock_unlock (lock); + goto again; + } + + /* Now we're sure that it's dead. */ + __mach_port_deallocate (__mach_task_self (), server); + } + + open_flags = O_RDONLY | O_NOCTTY; + if (flags & GRND_NONBLOCK) + open_flags |= O_NONBLOCK; + server = *cached_server = __file_name_lookup ("/dev/urandom", + open_flags, 0); + __libc_rwlock_unlock (lock); + if (!MACH_PORT_VALID (server)) + /* No luck. */ + return -1; + + goto again; + } - if (flags & GRND_NONBLOCK) - open_flags |= O_NONBLOCK; + if (err) + return __hurd_fail (err); - fd = __open_nocancel(random_source, open_flags); - if (fd == -1) - return -1; + if (data != buffer) + { + if (nread > length) + { + __vm_deallocate (__mach_task_self (), (vm_address_t) data, nread); + return __hurd_fail (EGRATUITOUS); + } + memcpy (buffer, data, nread); + __vm_deallocate (__mach_task_self (), (vm_address_t) data, nread); + } - amount_read = __read_nocancel(fd, buffer, length); - __close_nocancel_nostatus(fd); - return amount_read; + return nread; } libc_hidden_def (__getrandom) -- 2.38.1