Skip to content

Commit 40b1c3a

Browse files
ramsay-jonesNinjaInShade
ramsay-jones
authored and
NinjaInShade
committed
config.mak.uname: set CSPRNG_METHOD to getrandom on Linux
Commit 05cd988 ("wrapper: add a helper to generate numbers from a CSPRNG", 2022-01-17) added a csprng_bytes() function which used one of several interfaces to provide a source of cryptographically secure pseudorandom numbers. The CSPRNG_METHOD make variable was provided to determine the choice of available 'backends' for the source of random bytes. Commit 05cd988 did not set CSPRNG_METHOD in the Linux section of the config.mak.uname file, so it defaults to using '/dev/urandom' as the source of random bytes. The 'backend' values which could be used on Linux are 'arc4random', 'getrandom' or 'getentropy' ('openssl' is an option, but seems to be discouraged). The arc4random routines (arc4random_buf() is the one actually used) were added to glibc in version 2.36, while both getrandom() and getentropy() were included in 2.25. So, some of the more up-to-date distributions of Linux (eg Debian 12, Ubuntu 24.04) would be able to use the 'arc4random' setting. All currently supported distributions have glibc 2.25 or later (RHEL 8 has v2.28) and, therefore, have support for the 'getrandom' and 'getentropy' settings. The arc4random routines on the *BSDs (along with cygwin) implement the ChaCha20 stream cipher algorithm (see RFC8439) in userspace, rather than as a system call, and are thus somewhat faster (having avoided a context switch to the kernel). In contrast, on Linux all three functions are simple wrappers around the same kernel CSPRNG syscall. If the meson build system is used on a newer platform, then they will be configured to use 'arc4random', whereas the make build will currently default to using '/dev/urandom' on Linux. Since there is no advantage, in terms of performance, to the 'arc4random' setting, the 'getrandom' setting should be preferred from an availability perspective. (Also, the current uses of csprng_bytes() are not in any hot path). In order to set an appropriate default, set the CSPRNG_METHOD build variable to 'getrandom' in the Linux section of the 'config.mak.uname' file. Signed-off-by: Ramsay Jones <[email protected]> Signed-off-by: Junio C Hamano <[email protected]>
1 parent 4e4395a commit 40b1c3a

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

config.mak.uname

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,7 @@ ifeq ($(uname_S),Linux)
5050
HAVE_ALLOCA_H = YesPlease
5151
# override in config.mak if you have glibc >= 2.38
5252
NO_STRLCPY = YesPlease
53+
CSPRNG_METHOD = getrandom
5354
HAVE_PATHS_H = YesPlease
5455
LIBC_CONTAINS_LIBINTL = YesPlease
5556
HAVE_DEV_TTY = YesPlease

0 commit comments

Comments
 (0)