From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Elliott Hughes Date: Wed, 27 Sep 2017 16:33:35 -0700 Subject: [PATCH] Add <sys/random.h>. iOS 10 has <sys/random.h> with getentropy, glibc >= 2.25 has <sys/random.h> with getentropy and getrandom. (glibc also pollutes <unistd.h>, but that seems like a bad idea.) Also, all supported devices now have kernels with the getrandom system call. We've had these available internally for a while, but it seems like the time is ripe to expose them. Bug: http://b/67014255 Test: ran tests Change-Id: I76dde1e3a2d0bc82777eea437ac193f96964f138 --- libc/SECCOMP_WHITELIST.TXT | 1 - libc/SYSCALLS.TXT | 3 + libc/arch-arm/syscalls/getrandom.S | 16 +++ libc/arch-arm64/syscalls/getrandom.S | 14 ++ libc/arch-mips/syscalls/getrandom.S | 19 +++ libc/arch-mips64/syscalls/getrandom.S | 25 ++++ libc/arch-x86/syscalls/getrandom.S | 39 ++++++ libc/arch-x86_64/syscalls/getrandom.S | 15 +++ libc/include/sys/random.h | 47 +++++++ libc/libc.arm.map | 2 + libc/libc.arm64.map | 2 + libc/libc.map.txt | 2 + libc/libc.mips.map | 2 + libc/libc.mips64.map | 2 + libc/libc.x86.map | 2 + libc/libc.x86_64.map | 2 + .../android/include/openbsd-compat.h | 10 +- tests/Android.bp | 1 + tests/sys_random_test.cpp | 120 ++++++++++++++++++ 19 files changed, 319 insertions(+), 5 deletions(-) create mode 100644 libc/arch-arm/syscalls/getrandom.S create mode 100644 libc/arch-arm64/syscalls/getrandom.S create mode 100644 libc/arch-mips/syscalls/getrandom.S create mode 100644 libc/arch-mips64/syscalls/getrandom.S create mode 100644 libc/arch-x86/syscalls/getrandom.S create mode 100644 libc/arch-x86_64/syscalls/getrandom.S create mode 100644 libc/include/sys/random.h create mode 100644 tests/sys_random_test.cpp diff --git a/libc/SECCOMP_WHITELIST.TXT b/libc/SECCOMP_WHITELIST.TXT index 0b9dad3ff..f36b29032 100644 --- a/libc/SECCOMP_WHITELIST.TXT +++ b/libc/SECCOMP_WHITELIST.TXT
@@ -35,7 +35,6 @@ int clone:clone(int (*fn)(void *), void *child_stack, int flags, void *arg, ..) int rt_sigreturn:rt_sigreturn(unsigned long __unused) all int rt_tgsigqueueinfo:int rt_tgsigqueueinfo(pid_t tgid, pid_t tid, int sig, siginfo_t *uinfo) all int restart_syscall:int restart_syscall() all -int getrandom:int getrandom(void *buf, size_t buflen, unsigned int flags) all int fstatat64|fstatat:newfstatat(int, const char*, struct stat*, int) mips64 int fstat64|fstat:fstat(int, struct stat*) mips64 int _flush_cache:cacheflush(char* addr, const int nbytes, const int op) mips64 diff --git a/libc/SYSCALLS.TXT b/libc/SYSCALLS.TXT index d674630ac..2070de7b5 100644 --- a/libc/SYSCALLS.TXT +++ b/libc/SYSCALLS.TXT @@ -352,3 +352,6 @@ int __set_thread_area:set_thread_area(void*) x86 # vdso stuff. int __clock_gettime:clock_gettime(clockid_t, timespec*) all int __gettimeofday:gettimeofday(timeval*, timezone*) all + +# +ssize_t getrandom(void*, size_t, unsigned) all diff --git a/libc/arch-arm/syscalls/getrandom.S b/libc/arch-arm/syscalls/getrandom.S new file mode 100644 index 000000000..3f28af6f0 --- /dev/null +++ b/libc/arch-arm/syscalls/getrandom.S @@ -0,0 +1,16 @@ +/* Generated by gensyscalls.py. Do not edit. */ + +#include + +ENTRY(getrandom) + mov ip, r7 + .cfi_register r7, ip + ldr r7, =__NR_getrandom + swi #0 + mov r7, ip + .cfi_restore r7 + cmn r0, #(MAX_ERRNO + 1) + bxls lr + neg r0, r0 + b __set_errno_internal +END(getrandom) diff --git a/libc/arch-arm64/syscalls/getrandom.S b/libc/arch-arm64/syscalls/getrandom.S new file mode 100644 index 000000000..c8fe41ffd --- /dev/null +++ b/libc/arch-arm64/syscalls/getrandom.S @@ -0,0 +1,14 @@ +/* Generated by gensyscalls.py. Do not edit. */ + +#include + +ENTRY(getrandom) + mov x8, __NR_getrandom + svc #0 + + cmn x0, #(MAX_ERRNO + 1) + cneg x0, x0, hi + b.hi __set_errno_internal + + ret +END(getrandom) 
diff --git a/libc/arch-mips/syscalls/getrandom.S b/libc/arch-mips/syscalls/getrandom.S new file mode 100644 index 000000000..7a2f3b978 --- /dev/null +++ b/libc/arch-mips/syscalls/getrandom.S @@ -0,0 +1,19 @@ +/* Generated by gensyscalls.py. Do not edit. */ + +#include + +ENTRY(getrandom) + .set noreorder + .cpload t9 + li v0, __NR_getrandom + syscall + bnez a3, 1f + move a0, v0 + j ra + nop +1: + la t9,__set_errno_internal + j t9 + nop + .set reorder +END(getrandom) diff --git a/libc/arch-mips64/syscalls/getrandom.S b/libc/arch-mips64/syscalls/getrandom.S new file mode 100644 index 000000000..3c5b4673f --- /dev/null +++ b/libc/arch-mips64/syscalls/getrandom.S @@ -0,0 +1,25 @@ +/* Generated by gensyscalls.py. Do not edit. */ + +#include + +ENTRY(getrandom) + .set push + .set noreorder + li v0, __NR_getrandom + syscall + bnez a3, 1f + move a0, v0 + j ra + nop +1: + move t0, ra + bal 2f + nop +2: + .cpsetup ra, t1, 2b + LA t9,__set_errno_internal + .cpreturn + j t9 + move ra, t0 + .set pop +END(getrandom) diff --git a/libc/arch-x86/syscalls/getrandom.S b/libc/arch-x86/syscalls/getrandom.S new file mode 100644 index 000000000..2e8ebc955 --- /dev/null +++ b/libc/arch-x86/syscalls/getrandom.S @@ -0,0 +1,39 @@ +/* Generated by gensyscalls.py. Do not edit. */ + +#include + +ENTRY(getrandom) + pushl %ebx + .cfi_def_cfa_offset 8 + .cfi_rel_offset ebx, 0 + pushl %ecx + .cfi_adjust_cfa_offset 4 + .cfi_rel_offset ecx, 0 + pushl %edx + .cfi_adjust_cfa_offset 4 + .cfi_rel_offset edx, 0 + + call __kernel_syscall + pushl %eax + .cfi_adjust_cfa_offset 4 + .cfi_rel_offset eax, 0 + + mov 20(%esp), %ebx + mov 24(%esp), %ecx + mov 28(%esp), %edx + movl $__NR_getrandom, %eax + call *(%esp) + addl $4, %esp + + cmpl $-MAX_ERRNO, %eax + jb 1f + negl %eax + pushl %eax + call __set_errno_internal + addl $4, %esp +1: + popl %edx + popl %ecx + popl %ebx + ret +END(getrandom) 
diff --git a/libc/arch-x86_64/syscalls/getrandom.S b/libc/arch-x86_64/syscalls/getrandom.S new file mode 100644 index 000000000..c5e44a966 --- /dev/null +++ b/libc/arch-x86_64/syscalls/getrandom.S @@ -0,0 +1,15 @@ +/* Generated by gensyscalls.py. Do not edit. */ + +#include + +ENTRY(getrandom) + movl $__NR_getrandom, %eax + syscall + cmpq $-MAX_ERRNO, %rax + jb 1f + negl %eax + movl %eax, %edi + call __set_errno_internal +1: + ret +END(getrandom) diff --git a/libc/include/sys/random.h b/libc/include/sys/random.h new file mode 100644 index 000000000..34756520e --- /dev/null +++ b/libc/include/sys/random.h 
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef _SYS_RANDOM_H_
+#define _SYS_RANDOM_H_
+
+#include
+#include
+
+#include
+
+__BEGIN_DECLS
+
+/* See also arc4random_buf in , which is available in all API levels. */
+
+int getentropy(void* __buffer, size_t __buffer_size) __wur __INTRODUCED_IN_FUTURE;
+
+ssize_t getrandom(void* __buffer, size_t __buffer_size, unsigned int __flags) __wur __INTRODUCED_IN_FUTURE;
+
+__END_DECLS
+
+#endif
diff --git a/libc/libc.arm.map b/libc/libc.arm.map
index a4212dda7..aa66b4d61 100644
--- a/libc/libc.arm.map
+++ b/libc/libc.arm.map
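Review bot: The two prototypes in libc/include/sys/random.h have no comment describing their return contracts, and those contracts differ: getentropy returns an int status while getrandom returns an ssize_t byte count. I would add `/* Fills the buffer with random bytes. Returns 0 on success, -1 with errno set; requests larger than 256 bytes fail with EIO. */` above getentropy and `/* Returns the number of bytes written (which can be fewer than requested), or -1 with errno set. */` above getrandom. The 256-byte limit and the EIO value are taken from the getentropy_EIO test added in this same patch. Keeping `__wur` on both is right, since a caller that ignores a failure goes on to use a buffer that was never filled.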
@@ -1532,6 +1532,8 @@ LIBC_PRIVATE { vfdprintf; # arm x86 mips wait3; # arm x86 mips wcswcs; # arm x86 mips + getentropy; # future + getrandom; # future } LIBC_O; LIBC_DEPRECATED { diff --git a/libc/libc.arm64.map b/libc/libc.arm64.map index bf0341ad2..6a34fb533 100644 --- a/libc/libc.arm64.map +++ b/libc/libc.arm64.map @@ -1249,6 +1249,8 @@ LIBC_PRIVATE { free_malloc_leak_info; get_malloc_leak_info; gMallocLeakZygoteChild; + getentropy; # future + getrandom; # future } LIBC_O; LIBC_DEPRECATED { diff --git a/libc/libc.map.txt b/libc/libc.map.txt index c271a57e4..d740fe764 100644 --- a/libc/libc.map.txt +++ b/libc/libc.map.txt @@ -1558,6 +1558,8 @@ LIBC_PRIVATE { vfdprintf; # arm x86 mips wait3; # arm x86 mips wcswcs; # arm x86 mips + getentropy; # future + getrandom; # future } LIBC_O; LIBC_DEPRECATED { diff --git a/libc/libc.mips.map b/libc/libc.mips.map index 214c7f506..385606c64 100644 --- a/libc/libc.mips.map +++ b/libc/libc.mips.map @@ -1373,6 +1373,8 @@ LIBC_PRIVATE { vfdprintf; # arm x86 mips wait3; # arm x86 mips wcswcs; # arm x86 mips + getentropy; # future + getrandom; # future } LIBC_O; LIBC_DEPRECATED { diff --git a/libc/libc.mips64.map b/libc/libc.mips64.map index bf0341ad2..6a34fb533 100644 --- a/libc/libc.mips64.map +++ b/libc/libc.mips64.map @@ -1249,6 +1249,8 @@ LIBC_PRIVATE { free_malloc_leak_info; get_malloc_leak_info; gMallocLeakZygoteChild; + getentropy; # future + getrandom; # future } LIBC_O; LIBC_DEPRECATED { diff --git a/libc/libc.x86.map b/libc/libc.x86.map index 145b64ebf..2b29d3e51 100644 --- a/libc/libc.x86.map +++ b/libc/libc.x86.map @@ -1372,6 +1372,8 @@ LIBC_PRIVATE { vfdprintf; # arm x86 mips wait3; # arm x86 mips wcswcs; # arm x86 mips + getentropy; # future + getrandom; # future } LIBC_O; LIBC_DEPRECATED { diff --git a/libc/libc.x86_64.map b/libc/libc.x86_64.map index bf0341ad2..6a34fb533 100644 --- a/libc/libc.x86_64.map +++ b/libc/libc.x86_64.map 
@@ -1249,6 +1249,8 @@ LIBC_PRIVATE { free_malloc_leak_info; get_malloc_leak_info; gMallocLeakZygoteChild; + getentropy; # future + getrandom; # future } LIBC_O; LIBC_DEPRECATED { diff --git a/libc/upstream-openbsd/android/include/openbsd-compat.h b/libc/upstream-openbsd/android/include/openbsd-compat.h index 1e433beef..dbc2db44c 100644 --- a/libc/upstream-openbsd/android/include/openbsd-compat.h +++ b/libc/upstream-openbsd/android/include/openbsd-compat.h @@ -18,10 +18,15 @@ #define _BIONIC_OPENBSD_COMPAT_H_included #define _BSD_SOURCE - #include + #include // For size_t. +// TODO: libandroid_support uses this file, so we need to wait for +// to be in the NDK headers before we can lose this declaration. +//#include // For getentropy. +int getentropy(void*, size_t); + #define __BEGIN_HIDDEN_DECLS _Pragma("GCC visibility push(hidden)") #define __END_HIDDEN_DECLS _Pragma("GCC visibility pop") @@ -74,9 +79,6 @@ extern const char* __progname; __LIBC_HIDDEN__ extern const char* __bionic_get_shell_path(); #define _PATH_BSHELL __bionic_get_shell_path() -/* We have OpenBSD's getentropy_linux.c, but we don't mention getentropy in any header. */ -__LIBC_HIDDEN__ extern int getentropy(void*, size_t); - /* OpenBSD has this as API, but we just use it internally. */ __LIBC_HIDDEN__ void* reallocarray(void*, size_t, size_t); diff --git a/tests/Android.bp b/tests/Android.bp index 29204b558..b120ac3cc 100644 --- a/tests/Android.bp +++ b/tests/Android.bp @@ -121,6 +121,7 @@ cc_test_library { "sys_procfs_test.cpp", "sys_ptrace_test.cpp", "sys_quota_test.cpp", + "sys_random_test.cpp", "sys_resource_test.cpp", "sys_select_test.cpp", "sys_sem_test.cpp", diff --git a/tests/sys_random_test.cpp b/tests/sys_random_test.cpp new file mode 100644 index 000000000..a25490c67 --- /dev/null +++ b/tests/sys_random_test.cpp 
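Review bot: The stand-in prototype `int getentropy(void*, size_t);` added to openbsd-compat.h omits the `__wur` attribute that the new public declaration in sys/random.h carries. Code that sees only this compat header therefore gets no warning when it ignores a getentropy failure and uses an unfilled buffer as random data. Until the TODO is resolved I would keep the two declarations in step, `int getentropy(void*, size_t) __wur;`, assuming the header this file already includes defines `__wur` (the include names are not legible on this page). The rest of openbsd-compat.h lies outside the hunk.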
@@ -0,0 +1,120 @@
+/*
+ * Copyright (C) 2017 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+// was only added as of glibc version 2.25.
+// Don't try to compile this code on older glibc versions.
+
+#include
+#if defined(__BIONIC__)
+ #define HAVE_SYS_RANDOM 1
+#elif defined(__GLIBC_PREREQ)
+ #if __GLIBC_PREREQ(2, 25)
+ #define HAVE_SYS_RANDOM 1
+ #endif
+#endif
+
+
+#if defined(HAVE_SYS_RANDOM)
+#include
+#endif
+
+#include
+#include
+
+TEST(sys_random, getentropy) {
+#if defined(HAVE_SYS_RANDOM)
+ char buf1[64];
+ char buf2[64];
+
+ ASSERT_EQ(0, getentropy(buf1, sizeof(buf1)));
+ ASSERT_EQ(0, getentropy(buf2, sizeof(buf2)));
+ ASSERT_TRUE(memcmp(buf1, buf2, sizeof(buf1)) != 0);
+#else
+ GTEST_LOG_(INFO) << "This test requires a C library with .\n";
+#endif
+}
+
+TEST(sys_random, getentropy_EFAULT) {
+#if defined(HAVE_SYS_RANDOM)
+ errno = 0;
+ ASSERT_EQ(-1, getentropy(nullptr, 1));
+ ASSERT_EQ(EFAULT, errno);
+#else
+ GTEST_LOG_(INFO) << "This test requires a C library with .\n";
+#endif
+}
+
+TEST(sys_random, getentropy_EIO) {
+#if defined(HAVE_SYS_RANDOM)
+ char buf[BUFSIZ];
+ static_assert(BUFSIZ > 256, "BUFSIZ <= 256!");
+
+ errno = 0;
+ ASSERT_EQ(-1, getentropy(buf, sizeof(buf)));
+ ASSERT_EQ(EIO, errno);
+#else
+ GTEST_LOG_(INFO) << "This test requires a C library with .\n";
+#endif
+}
+
+TEST(sys_random, getrandom) {
+#if defined(HAVE_SYS_RANDOM)
+ if (getrandom(nullptr, 0, 0) == -1 && errno == ENOSYS) {
+ GTEST_LOG_(INFO) << "This test requires a >= 3.17 kernel with getrandom(2).\n";
+ return;
+ }
+
+ char buf1[64];
+ char buf2[64];
+
+ ASSERT_EQ(64, getrandom(buf1, sizeof(buf1), 0));
+ ASSERT_EQ(64, getrandom(buf2, sizeof(buf2), 0));
+ ASSERT_TRUE(memcmp(buf1, buf2, sizeof(buf1)) != 0);
+#else
+ GTEST_LOG_(INFO) << "This test requires a C library with .\n";
+#endif
+}
+
+TEST(sys_random, getrandom_EFAULT) {
+#if defined(HAVE_SYS_RANDOM)
+ if (getrandom(nullptr, 0, 0) == -1 && errno == ENOSYS) {
+ GTEST_LOG_(INFO) << "This test requires a >= 3.17 kernel with getrandom(2).\n";
+ return;
+ }
+
+ errno = 0;
+ ASSERT_EQ(-1, getrandom(nullptr, 256, 0));
+ ASSERT_EQ(EFAULT, errno);
+#else
+ GTEST_LOG_(INFO) << "This test requires a C library with .\n";
+#endif
+}
+
+TEST(sys_random, getrandom_EINVAL) {
+#if defined(HAVE_SYS_RANDOM)
+ if (getrandom(nullptr, 0, 0) == -1 && errno == ENOSYS) {
+ GTEST_LOG_(INFO) << "This test requires a >= 3.17 kernel with getrandom(2).\n";
+ return;
+ }
+
+ errno = 0;
+ char buf[64];
+ ASSERT_EQ(-1, getrandom(buf, sizeof(buf), ~0));
+ ASSERT_EQ(EINVAL, errno);
+#else
+ GTEST_LOG_(INFO) << "This test requires a C library with .\n";
+#endif
+}
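Review bot: The getentropy_EIO test does not pin the 256-byte limit itself, because it only asks for BUFSIZ bytes and asserts that BUFSIZ is somewhere above 256. An off-by-one in the size check would pass both this test and the 64-byte success test. I would add the boundary pair `ASSERT_EQ(0, getentropy(buf, 256));` and `ASSERT_EQ(-1, getentropy(buf, 257));`, with `ASSERT_EQ(EIO, errno);` after the second. Separately, the ENOSYS probe is repeated verbatim in all three getrandom tests and could move into one small helper.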