From 1f205662a98284b66a664588893c1638bde7bb35 Mon Sep 17 00:00:00 2001 From: Leah Rowe Date: Sun, 15 Mar 2026 20:53:06 +0000 Subject: util/nvmutil: re-enable urandom reads i had to loosen the pledges for the new i/o framework, which needs more permissions as a result, i can now open urandom in this function statically, rather than in nvmutil's control logic and because of that, it's less buggy now arc4random is disabled on linux by default, because it's not universally available on all libc, and only since about 2022 in some glibc versions better for portability to let linux users justt use urandom the new logic is different. now it falls back to rand per-byte, but in practise it almost never will. Signed-off-by: Leah Rowe --- util/nvmutil/nvmutil.c | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) (limited to 'util/nvmutil') diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c index 4eb013be..af6c8e19 100644 --- a/util/nvmutil/nvmutil.c +++ b/util/nvmutil/nvmutil.c @@ -381,6 +381,7 @@ static ushort hextonum(char ch_s); static ushort rhex(void); #if !defined(HAVE_ARC4RANDOM_BUF) || \ (HAVE_ARC4RANDOM_BUF) < 1 +static ushort read_urandom(void); static ulong entropy_jitter(void); #endif static void write_mac_part(size_t partnum); @@ -1370,6 +1371,11 @@ rhex(void) struct timeval tv; ulong mix; static ulong counter = 0; + ushort r; + + r = read_urandom(); + if (r < 16) + return r; gettimeofday(&tv, NULL); @@ -1391,6 +1397,38 @@ rhex(void) return (ushort)(mix & 0xf); } +static ushort +read_urandom(void) +{ + static int fd = -1; + static ssize_t n = -1; + + static u8 r[12]; + + if (fd < 0) { + + fd = open("/dev/urandom", O_RDONLY); + + if (fd < 0) + return 16; + } + + if (n < 0) { + + n = rw_file_exact(fd, r, 12, 0, IO_READ, + LOOP_EAGAIN, LOOP_EINTR, 2, OFF_ERR); + + if (n == 0) + n = -1; + if (n < 0) + return 16; + + --n; + } + + return r[n--] & 0xf; +} + static ulong entropy_jitter(void) { -- cgit v1.2.1