diff options
Diffstat (limited to 'util/libreboot-utils/lib')
| -rw-r--r-- | util/libreboot-utils/lib/mkhtemp.c | 53 | ||||
| -rw-r--r-- | util/libreboot-utils/lib/num.c | 324 | ||||
| -rw-r--r-- | util/libreboot-utils/lib/rand.c | 114 | ||||
| -rw-r--r-- | util/libreboot-utils/lib/string.c | 151 |
4 files changed, 240 insertions, 402 deletions
diff --git a/util/libreboot-utils/lib/mkhtemp.c b/util/libreboot-utils/lib/mkhtemp.c index 2fb2f01a..191d657c 100644 --- a/util/libreboot-utils/lib/mkhtemp.c +++ b/util/libreboot-utils/lib/mkhtemp.c @@ -886,53 +886,30 @@ err: int mkhtemp_fill_random(char *p, size_t xc) { - size_t chx = 0; - int rand_failures = 0; - - size_t r; - - int saved_rand_error = 0; static char ch[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + size_t chx = 0; + size_t r; + /* clamp rand to prevent modulo bias - * (reduced risk of entropy leak) */ size_t limit = ((size_t)-1) - (((size_t)-1) % (sizeof(ch) - 1)); - int saved_errno = errno; - if (p == NULL) { - errno = EFAULT; - goto err_mkhtemp_fill_random; - } + if (if_err(p == NULL, EFAULT)) + return -1; for (chx = 0; chx < xc; chx++) { - do { - saved_rand_error = errno; - rand_failures = 0; retry_rand: - errno = 0; - - /* on bsd: uses arc4random - on linux: uses getrandom - on OLD linux: /dev/urandom - on old/other unix: /dev/urandom - */ - r = rlong(); - - if (errno > 0) { - if (++rand_failures <= 8) - goto retry_rand; - - goto err_mkhtemp_fill_random; - } - - rand_failures = 0; - errno = saved_rand_error; - - } while (r >= limit); + /* on bsd: uses arc4random + on linux: uses getrandom + *never returns error* + */ + r = rlong(); /* always returns successful */ + if (r >= limit) + goto retry_rand; p[chx] = ch[r % (sizeof(ch) - 1)]; } @@ -940,12 +917,6 @@ retry_rand: errno = saved_errno; return 0; -err_mkhtemp_fill_random: - - if (errno == saved_errno) - errno = ECANCELED; - - return -1; } /* WARNING: **ONCE** per file. diff --git a/util/libreboot-utils/lib/num.c b/util/libreboot-utils/lib/num.c index 0b76e257..41a08f0b 100644 --- a/util/libreboot-utils/lib/num.c +++ b/util/libreboot-utils/lib/num.c @@ -2,6 +2,7 @@ * Copyright (c) 2026 Leah Rowe <leah@libreboot.org> * * Numerical functions. + * NOTE: randomness was moved to rand.c */ /* @@ -12,10 +13,6 @@ TODO: properly handle errno in this file #include <sys/param.h> #endif #include <sys/types.h> -#if defined(FALLBACK_RAND_1989) && \ - (FALLBACK_RAND_1989) > 0 -#include <sys/time.h> -#endif #include <errno.h> #if !((defined(__OpenBSD__) && (OpenBSD) >= 201) || \ @@ -26,10 +23,6 @@ TODO: properly handle errno in this file #include <limits.h> #include <stddef.h> #include <string.h> -#if defined(FALLBACK_RAND_1989) && \ - (FALLBACK_RAND_1989) > 0 -#include <time.h> -#endif #include <unistd.h> #include "../include/common.h" @@ -117,321 +110,6 @@ err_hextonum: /* caller just checks >15. */ } -/* Random numbers - */ - -/* when calling this: save errno - * first, then set errno to zero. - * on error, this function will - * set errno and possibly return - * - * rlong also preserves errno - * and leaves it unchanged on - * success, so if you do it - * right, you can detect error. - * this is because it uses - * /dev/urandom which can err. - * ditto getrandom (EINTR), - * theoretically. - */ - -size_t -rlong(void) -{ -#if !(defined(FALLBACK_RAND_1989) && \ - ((FALLBACK_RAND_1989) > 0)) -#if (defined(__OpenBSD__) && (OpenBSD) >= 201) || \ - defined(__FreeBSD__) || \ - defined(__NetBSD__) || defined(__APPLE__) - - int saved_errno = errno; - size_t rval; - - arc4random_buf(&rval, sizeof(size_t)); - - errno = saved_errno; - return rval; -#else - static int fd = -1; - static ssize_t nr = -1; - static size_t off = 0; -#if defined (BUFSIZ) - static char rbuf[BUFSIZ]; -#else -#ifndef PORTABLE - static char rbuf[4096]; -#elif ((PORTABLE) > 0) - static char rbuf[256]; /* scarce memory on old systems */ -#else - static char rbuf[4096]; /* typical 32-bit BUFSIZ */ -#endif -#endif - size_t rval; - ssize_t new_nr; - - int retries = 0; - int max_retries = 100; - - int saved_errno = errno; - -#if defined(__linux__) -#if defined(HAVE_GETRANDOM) || \ - defined(HAVE_GETRANDOM_SYSCALL) - - /* linux getrandom() - * - * we *can* use arc4random on - * modern linux, but not on - * every libc. better use the - * official linux function - */ - - if (fallback_rand_getrandom(&rval, sizeof(rval)) == 0) { - errno = saved_errno; - return rval; - } - - /* - * now fall back to urandom if getrandom failed: - */ -#endif -#endif - - /* reading from urandom is inherently - * unreliable on old systems, even if - * newer systems make it more reliable - * - * modern linux/bsd make it safe, but - * we have to assume that someone is - * compiling this on linux from 1999 - * - * this logic therefore applies various - * tricks to mitigate possible os bugs - */ - -retry_urandom_read: - - if (++retries > max_retries) - goto err_rlong; - - if (nr < 0 || nr < (ssize_t)sizeof(size_t)) { - - if (fd < 0) { - - fd = open("/dev/urandom", - O_RDONLY | O_BINARY | O_NOFOLLOW | - O_CLOEXEC | O_NOCTTY); - -#ifdef USE_OLD_DEV_RANDOM -#if (USE_OLD_DEV_RANDOM) > 0 - /* WARNING: - * /dev/random may block - * forever and does **NOT** - * guarantee better entropy - * on old systems - * - * only use it if needed - */ - - if (fd < 0) - fd = open("/dev/random", - O_RDONLY | O_BINARY | O_NOFOLLOW | - O_CLOEXEC | O_NOCTTY); -#endif -#endif - - if (fd < 0) - goto retry_urandom_read; - - retries = 0; - } - - new_nr = rw_file_exact(fd, (unsigned char *)rbuf, - sizeof(rbuf), 0, IO_READ, LOOP_EAGAIN, - LOOP_EINTR, MAX_ZERO_RW_RETRY, OFF_ERR); - - if (new_nr < 0 || new_nr < (ssize_t)sizeof(rbuf)) - goto retry_urandom_read; - - /* only reset buffer after successful refill */ - nr = new_nr; - off = 0; - - /* don't re-use same fd, to mitaget - * fd injection */ - close_no_err(&fd); - } - - fd = -1; - retries = 0; - - memcpy(&rval, rbuf + off, sizeof(size_t)); - - nr -= (ssize_t)sizeof(size_t); - off += sizeof(size_t); - - errno = saved_errno; - - return rval; - -err_rlong: - - if (errno == saved_errno) - errno = EIO; - - return 0; - -#endif -#else /* FALLBACK_RAND_1989 */ - /* your computer is from a museum - */ - size_t mix = 0; - int nr = 0; - int saved_errno = errno; - - /* 100 times, for entropy - */ - for (nr = 0; nr < 100; nr++) - mix ^= fallback_rand_1989(); - - errno = saved_errno; - return mix; -#endif -} - -#if !(defined(FALLBACK_RAND_1989) && \ - ((FALLBACK_RAND_1989) > 0)) -#if defined(__linux__) -#if defined(HAVE_GETRANDOM) || \ - defined(HAVE_GETRANDOM_SYSCALL) -int /* yes, linux is a fallback */ -fallback_rand_getrandom(void *buf, size_t len) -{ - size_t off = 0; - ssize_t rval = -1; - int saved_errno = errno; - - if (!len) { - errno = EINVAL; - return -1; - } - - if (buf == NULL) { - errno = EFAULT; - return -1; - } - -#if defined(HAVE_GETRANDOM) || \ - defined(HAVE_GETRANDOM_SYSCALL) - - while (off < len) { - -#if defined(HAVE_GETRANDOM) - rval = (ssize_t)getrandom((char *)buf + off, len - off, 0); -#elif defined(HAVE_GETRANDOM_SYSCALL) - rval = (ssize_t)syscall(SYS_getrandom, - (char *)buf + off, len - off, 0); -#endif - - if (rval < 0) { - if (errno == EINTR || errno == EAGAIN) - continue; - - errno = EIO; - return -1; /* unsupported by kernel */ - } - - if (rval == 0) { - errno = EIO; - return -1; - } - - off += (size_t)rval; - } - - errno = saved_errno; - return 0; - -#else - (void)buf; - (void)len; - - errno = EIO; - return -1; -#endif -} -#endif -#endif -#else -size_t -fallback_rand_1989(void) -{ - static size_t mix = 0; - static size_t counter = 0; - - struct timeval tv; - - /* nobody should use this - * (not crypto-safe) - */ - - gettimeofday(&tv, NULL); - - mix ^= (size_t)tv.tv_sec - ^ (size_t)tv.tv_usec - ^ (size_t)getpid() - ^ (size_t)&mix - ^ counter++ - ^ entropy_jitter(); - - /* - * Stack addresses can vary between - * calls, thus increasing entropy. - */ - mix ^= (size_t)&mix; - mix ^= (size_t)&tv; - mix ^= (size_t)&counter; - - return mix; -} - -size_t -entropy_jitter(void) -{ - size_t mix; - - struct timeval a, b; - ssize_t mix_diff; - - int c; - - mix = 0; - - gettimeofday(&a, NULL); - - for (c = 0; c < 32; c++) { - - getpid(); - gettimeofday(&b, NULL); - - /* - * prevent negative numbers to prevent overflow, - * which would bias rand to large numbers - */ - mix_diff = (ssize_t)(b.tv_usec - a.tv_usec); - if (mix_diff < 0) - mix_diff = -mix_diff; - - mix ^= (size_t)(mix_diff); - - mix ^= (size_t)&mix; - - } - - return mix; -} -#endif - void check_bin(size_t a, const char *a_name) { diff --git a/util/libreboot-utils/lib/rand.c b/util/libreboot-utils/lib/rand.c new file mode 100644 index 00000000..a8fbb706 --- /dev/null +++ b/util/libreboot-utils/lib/rand.c @@ -0,0 +1,114 @@ +/* SPDX-License-Identifier: MIT + * Copyright (c) 2026 Leah Rowe <leah@libreboot.org> + * + * Random number generation + */ + +#ifndef RAND_H +#define RAND_H + +#ifdef __OpenBSD__ +#include <sys/param.h> +#endif +#include <sys/types.h> + +#include <errno.h> +#if !((defined(__OpenBSD__) && (OpenBSD) >= 201) || \ + defined(__FreeBSD__) || \ + defined(__NetBSD__) || defined(__APPLE__)) +#include <fcntl.h> /* if not arc4random: /dev/urandom */ +#endif +#include <limits.h> +#include <stddef.h> +#include <string.h> +#include <unistd.h> +#include <stdlib.h> + +#include "../include/common.h" + +/* Random numbers + */ + +/* when calling this: save errno + * first, then set errno to zero. + * on error, this function will + * set errno and possibly return + * + * rlong also preserves errno + * and leaves it unchanged on + * success, so if you do it + * right, you can detect error. + * this is because it uses + * /dev/urandom which can err. + * ditto getrandom (EINTR), + * theoretically. + */ + +/* for the linux version: we use only the + * syscall, because we cannot trust /dev/urandom + * to be as robust, and some libc implementations + * may default to /dev/urandom under fault conditions. + * + * for general high reliability, we must abort on + * failure. in practise, it will likely never fail. + * the arc4random call on bsd never returns error. + */ + +size_t +rlong(void) +{ + size_t rval; + int saved_errno = errno; + errno = 0; + +#if (defined(__OpenBSD__) || defined(__FreeBSD__) || \ + defined(__NetBSD__) || defined(__APPLE__) || \ + defined(__DragonFly__)) + + arc4random_buf(&rval, sizeof(size_t)); + goto out; + +#elif defined(__linux__) + + size_t off = 0; + size_t len = sizeof(rval); + ssize_t rc; + +retry_rand: + rc = (ssize_t)syscall(SYS_getrandom, + (char *)&rval + off, len - off, 0); + + if (rc < 0) { + if (errno == EINTR || errno == EAGAIN) { + usleep(100); + goto retry_rand; + } + + goto err; /* possibly unsupported by kernel */ + } + + if ((off += (size_t)rc) < len) + goto retry_rand; + + goto out; +err: + /* + * getrandom can return with error, butt arc4random + * doesn't. generally, getrandom will be reliably, + * but we of course have to maintain parity with + * BSD. So a rand failure is to be interpreted as + * a major systems failure, and we act accordingly. + */ + err_no_cleanup(1, ECANCELED, + "Randomisation failure, possibly unsupported in your kernel."); + exit(EXIT_FAILURE); + +#else +#error Unsupported operating system (possibly unsecure randomisation) +#endif + +out: + errno = saved_errno; + return rval; +} +#endif diff --git a/util/libreboot-utils/lib/string.c b/util/libreboot-utils/lib/string.c index ea7ca30a..0329c6c3 100644 --- a/util/libreboot-utils/lib/string.c +++ b/util/libreboot-utils/lib/string.c @@ -14,25 +14,12 @@ #include <string.h> #include <stdlib.h> #include <unistd.h> +#include <limits.h> +#include <stdint.h> #include "../include/common.h" -/* scmp() - strict string comparison - * - * strict string comparison - * similar to strncmp, but null and - * unterminated inputs do not produce - * a return value; on error, errno is - * set and -1 is returned. - * - * the real return value is stored in - * the 4th argument by pointer. - * - * the value at rval pointer is set, - * only upon success. callers should - * check the return value accordingly. - */ - +/* strict strcmp */ int scmp(const char *a, const char *b, @@ -46,9 +33,8 @@ scmp(const char *a, if (a == NULL || b == NULL || rval == NULL) { - errno = EFAULT; - return -1; + goto err; } for (ch = 0; ch < maxlen; ch++) { @@ -67,27 +53,14 @@ scmp(const char *a, } } - /* block unterminated strings */ +err: errno = EFAULT; + if (rval != NULL) + *rval = -1; return -1; } -/* slen() - strict strict length - * - * strict string length calculation - * similar to strnlen, but null and - * unterminated inputs do not produce - * a return value; on error, errno is - * set and -1 is returned. - * - * the real return value is stored in - * the 3rd argument by pointer. - * - * the value at rval pointer is set, - * only upon success. callers should - * check the return value accordingly. - */ - +/* strict strlen */ int slen(const char *s, size_t maxlen, @@ -97,9 +70,8 @@ slen(const char *s, if (s == NULL || rval == NULL) { - errno = EFAULT; - return -1; + goto err; } for (ch = 0; @@ -109,11 +81,114 @@ slen(const char *s, if (ch == maxlen) { /* unterminated */ errno = EFAULT; - return -1; + goto err; } *rval = ch; return 0; +err: + if (rval != NULL) + *rval = 0; + return -1; +} + +/* strict strdup */ +int +sdup(const char *s, + size_t n, char **dest) +{ + size_t size; + char *rval; + + if (dest == NULL || + slen(s, n, &size) < 0 || + if_err(size == SIZE_MAX, EOVERFLOW) || + (rval = malloc(size + 1)) == NULL) { + + if (dest != NULL) + *dest = NULL; + return -1; + } + + memcpy(rval, s, size); + *(rval + size) = '\0'; + + *dest = rval; + return 0; +} + +/* strict strcat */ +int +scat(const char *s1, const char *s2, + size_t n, char **dest) +{ + size_t size1; + size_t size2; + char *rval; + + if (dest == NULL || + slen(s1, n, &size1) < 0 || + slen(s2, n, &size2) < 0 || + if_err(size1 > SIZE_MAX - size2 - 1, EOVERFLOW) || + (rval = malloc(size1 + size2 + 1)) == NULL) { + + if (dest != NULL) + *dest = NULL; + return -1; + } + + memcpy(rval, s1, size1); + memcpy(rval + size1, s2, size2); + *(rval + size1 + size2) = '\0'; + + *dest = rval; + return 0; +} + +/* strict split/de-cat - off is where + 2nd buffer will start from */ +int +dcat(const char *s, size_t n, + size_t off, char **dest1, + char **dest2) +{ + size_t size; + char *rval1 = NULL; + char *rval2 = NULL; + + if (dest1 == NULL || dest2 == NULL || + slen(s, n, &size) < 0 || + if_err(size == SIZE_MAX, EOVERFLOW) || + if_err(off >= size, EOVERFLOW) || + (rval1 = malloc(off + 1)) == NULL || + (rval2 = malloc(size - off + 1)) == NULL) { + + goto err; + } + + memcpy(rval1, s, off); + *(rval1 + off) = '\0'; + + memcpy(rval2, s + off, size - off); + *(rval2 + size - off) = '\0'; + + *dest1 = rval1; + *dest2 = rval2; + + return 0; + +err: + if (rval1 != NULL) + free(rval1); + if (rval2 != NULL) + free(rval2); + + if (dest1 != NULL) + *dest1 = NULL; + if (dest2 != NULL) + *dest2 = NULL; + + return -1; } /* the one for nvmutil state is in state.c */ |