diff options
author | Laurent Bercot <ska-skaware@skarnet.org> | 2022-06-23 08:46:40 +0000 |
---|---|---|
committer | Laurent Bercot <ska@appnovation.com> | 2022-06-23 08:46:40 +0000 |
commit | 664f0f3af7eb8aef89e6b1adee2d83b4c4f4cf9f (patch) | |
tree | e65e96fbad077f0fe152b7560ec2f5a6ea259e8d /src/sysdeps/trychroot.c | |
parent | 0e4bc9efc11636b2d06e2cf6dccb7e6a6094f08f (diff) | |
download | skalibs-664f0f3af7eb8aef89e6b1adee2d83b4c4f4cf9f.tar.xz |
Add runtime fallback for GRND_INSECURE
The grndinsecure sysdep is only build-time tested and returns yes
if the kernel headers declare GRND_INSECURE. That is a problem
because the kernel headers are most likely provided by the toolchain
and do not reflect the exact capabilities of the run-time kernel.
If the run-time kernel doesn't support that option, getrandom()
fails. That made random_buf_early() busyloop.
To avoid that, we now fallback to random_devurandom() as an
implementation of random_buf_early() if getrandom() fails when
used with GRND_INSECURE. This adds a slight amount of overhead
to random_buf_early(), so it's probably better to just disable
the sysdep at build time if you're making binaries that will run
on older kernels.
Signed-off-by: Laurent Bercot <ska@appnovation.com>
Diffstat (limited to 'src/sysdeps/trychroot.c')
0 files changed, 0 insertions, 0 deletions