On 1/4/21 9:03 AM, Adhemerval Zanella wrote:
For __GT_NOCREATE (mktemp, tempnam, tmpnam) getrandom is also used on first try, otherwise randomness is obtained using the clock plus a linear congruential generator.
Why not use getrandom in the first try also for __GT_DIR (mkdtemp) and __GT_FILE (mkostemp, mkostemps, mkstemp, mkstemps, tmpfile)? That is what Gnulib tempname.c is doing now. This not only simplifies the code, it improves resistance to some (admittedly less-likely) attacks.
Also for getrandom GRND_NONBLOCK is used to avoid blocking indefinitely on some older kernels.
Thanks, I installed that part of the proposal into Gnulib by installing the attached. The idea is for tempname.c to be identical after we get the abovementioned issue worked out.
From b0ebaf83a49fe4a895a78ddf5b0c4a029e34c566 Mon Sep 17 00:00:00 2001 From: Paul Eggert <egg...@cs.ucla.edu> Date: Fri, 8 Jan 2021 17:54:30 -0800 Subject: [PATCH] =?UTF-8?q?tempname:=20don=E2=80=99t=20block=20for=20minut?= =?UTF-8?q?es?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Derived from a patch proposed by Adhemerval Zanella in: https://sourceware.org/pipermail/libc-alpha/2021-January/121302.html * lib/tempname.c (random_bits): Use GRND_NONBLOCK. --- ChangeLog | 5 +++++ lib/tempname.c | 5 +++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 812888f8e..b76330e5b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,10 @@ 2021-01-08 Paul Eggert <egg...@cs.ucla.edu> + tempname: don’t block for minutes + Derived from a patch proposed by Adhemerval Zanella in: + https://sourceware.org/pipermail/libc-alpha/2021-January/121302.html + * lib/tempname.c (random_bits): Use GRND_NONBLOCK. + tempname: sync with proposed glibc patch This is from Adhemerval Zanella in: https://sourceware.org/pipermail/libc-alpha/2021-January/121301.html diff --git a/lib/tempname.c b/lib/tempname.c index f196b9862..f199b25a7 100644 --- a/lib/tempname.c +++ b/lib/tempname.c @@ -80,10 +80,11 @@ static random_value random_bits (random_value var) { random_value r; - if (__getrandom (&r, sizeof r, 0) == sizeof r) + /* Without GRND_NONBLOCK it can be blocked for minutes on some systems. */ + if (__getrandom (&r, sizeof r, GRND_NONBLOCK) == sizeof r) return r; #if _LIBC || (defined CLOCK_MONOTONIC && HAVE_CLOCK_GETTIME) - /* Add entropy if getrandom is not supported. */ + /* Add entropy if getrandom did not work. */ struct __timespec64 tv; __clock_gettime64 (CLOCK_MONOTONIC, &tv); var ^= tv.tv_nsec; -- 2.27.0