rust-lang/rust
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
09a615c09761d5066b19d4b58a6a1d0e515ede45
rust/src/libstd/sys/unix/rand.rs

211 lines
6.8 KiB
Rust
Raw Normal View History

Initial version of AArch64 support. Adds AArch64 knowledge to: * configure, * make files, * sources, * tests, and * documentation.
2014-12-12 23:39:27 +00:00
// Copyright 2013-2015 The Rust Project Developers. See the COPYRIGHT
std::rand: Add OSRng, ReaderRng wrappers around the OS RNG & generic Readers respectively. The former reads from e.g. /dev/urandom, the latter just wraps any std::rt::io::Reader into an interface that implements Rng. This also adds Rng.fill_bytes for efficient implementations of the above (reading 8 bytes at a time is inefficient when you can read 1000), and removes the dependence on src/rt (i.e. rand_gen_seed) although this last one requires implementing hand-seeding of the XorShiftRng used in the scheduler on Linux/unixes, since OSRng relies on a scheduler existing to be able to read from /dev/urandom.
2013-09-22 20:51:57 +10:00
// file at the top-level directory of this distribution and at
// http://rust-lang.org/COPYRIGHT.
//
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
Reduce duplication in std::sys::unix::rand. There were a bunch of more-of-less the same few lines for doing a fill_bytes+transmute, and I didn't want to copy-paste it yet again.
2016-07-29 07:48:52 +00:00
use mem;
std: Remove `rand` crate and module This commit removes the `rand` crate from the standard library facade as well as the `__rand` module in the standard library. Neither of these were used in any meaningful way in the standard library itself. The only need for randomness in libstd is to initialize the thread-local keys of a `HashMap`, and that unconditionally used `OsRng` defined in the standard library anyway. The cruft of the `rand` crate and the extra `rand` support in the standard library makes libstd slightly more difficult to port to new platforms, namely WebAssembly which doesn't have any randomness at all (without interfacing with JS). The purpose of this commit is to clarify and streamline randomness in libstd, focusing on how it's only required in one location, hashmap seeds. Note that the `rand` crate out of tree has almost always been a drop-in replacement for the `rand` crate in-tree, so any usage (accidental or purposeful) of the crate in-tree should switch to the `rand` crate on crates.io. This then also has the further benefit of avoiding duplication (mostly) between the two crates!
2017-11-01 12:32:13 -07:00
use slice;
pub fn hashmap_random_keys() -> (u64, u64) {
let mut v = (0, 0);
unsafe {
let view = slice::from_raw_parts_mut(&mut v as *mut _ as *mut u8,
mem::size_of_val(&v));
imp::fill_bytes(view);
}
return v
Reduce duplication in std::sys::unix::rand. There were a bunch of more-of-less the same few lines for doing a fill_bytes+transmute, and I didn't want to copy-paste it yet again.
2016-07-29 07:48:52 +00:00
}
Use the kernel arc4rand for FreeBSD OsRng. This means that /dev/urandom doesn't have to be opened.
2016-08-14 08:27:11 +00:00
#[cfg(all(unix,
not(target_os = "ios"),
not(target_os = "openbsd"),
Add support for kernel randomness for Fuchsia Wire up cprng syscall as provider for rand::os::OsRng on Fuchsia.
2016-10-24 16:42:57 -07:00
not(target_os = "freebsd"),
not(target_os = "fuchsia")))]
rand: Rewrite OsRng in Rust for windows This removes even more rust_builtin.c code, and allows us to more gracefully handle errors (not a process panic, but a task failure).
2014-03-19 17:53:57 -07:00
mod imp {
std: Remove old_io/old_path/rand modules This commit entirely removes the old I/O, path, and rand modules. All functionality has been deprecated and unstable for quite some time now!
2015-04-09 17:42:22 -07:00
use fs::File;
std: Remove `rand` crate and module This commit removes the `rand` crate from the standard library facade as well as the `__rand` module in the standard library. Neither of these were used in any meaningful way in the standard library itself. The only need for randomness in libstd is to initialize the thread-local keys of a `HashMap`, and that unconditionally used `OsRng` defined in the standard library anyway. The cruft of the `rand` crate and the extra `rand` support in the standard library makes libstd slightly more difficult to port to new platforms, namely WebAssembly which doesn't have any randomness at all (without interfacing with JS). The purpose of this commit is to clarify and streamline randomness in libstd, focusing on how it's only required in one location, hashmap seeds. Note that the `rand` crate out of tree has almost always been a drop-in replacement for the `rand` crate in-tree, so any usage (accidental or purposeful) of the crate in-tree should switch to the `rand` crate on crates.io. This then also has the further benefit of avoiding duplication (mostly) between the two crates!
2017-11-01 12:32:13 -07:00
use io::Read;
std: Clean out #[deprecated] APIs This commit cleans out a large amount of deprecated APIs from the standard library and some of the facade crates as well, updating all users in the compiler and in tests as it goes along.
2015-03-30 11:00:05 -07:00
use libc;
Reduce number of syscalls in `rand` In case that it is statically known that the OS doesn't support `getrandom` (non-Linux) or becomes clear at runtime that `getrandom` isn't available (`ENOSYS`), the opened fd ("/dev/urandom") isn't closed after the function, so that future calls can reuse it. This saves repeated `open`/`close` system calls at the cost of one permanently open fd. Additionally, this skips the initial zero-length `getrandom` call and directly hands the user buffer to the operating system, saving one `getrandom` syscall.
2018-08-26 21:13:44 +02:00
use sync::atomic::{AtomicBool, AtomicI32, Ordering};
std: Clean out #[deprecated] APIs This commit cleans out a large amount of deprecated APIs from the standard library and some of the facade crates as well, updating all users in the compiler and in tests as it goes along.
2015-03-30 11:00:05 -07:00
use sys::os::errno;
std::rand::OsRng: Use `getrandom` syscall on Linux `getrandom(2)` system call [1] has been added on Linux 3.17. This patch makes `OsRng` use `getrandom` if available, and use traditional `/dev/urandom` fallback if not. [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c6e9d6f38894798696f23c8084ca7edbf16ee895
2014-11-06 03:53:27 +09:00
Reduce number of syscalls in `rand` In case that it is statically known that the OS doesn't support `getrandom` (non-Linux) or becomes clear at runtime that `getrandom` isn't available (`ENOSYS`), the opened fd ("/dev/urandom") isn't closed after the function, so that future calls can reuse it. This saves repeated `open`/`close` system calls at the cost of one permanently open fd. Additionally, this skips the initial zero-length `getrandom` call and directly hands the user buffer to the operating system, saving one `getrandom` syscall.
2018-08-26 21:13:44 +02:00
static GETRANDOM_URANDOM_FD: AtomicI32 = AtomicI32::new(-1);
#[cfg(any(target_os = "linux", target_os = "android"))]
static GETRANDOM_UNAVAILABLE: AtomicBool = AtomicBool::new(false);
#[cfg(any(target_os = "linux", target_os = "android"))]
fn is_getrandom_permanently_unavailable() -> bool {
GETRANDOM_UNAVAILABLE.load(Ordering::Relaxed)
}
#[cfg(not(any(target_os = "linux", target_os = "android")))]
fn is_getrandom_permanently_unavailable() -> bool {
true
}
Use getrandom syscall for all Linux and Android targets.
2017-11-09 18:49:29 -02:00
#[cfg(any(target_os = "linux", target_os = "android"))]
std::rand::OsRng: Use `getrandom` syscall on Linux `getrandom(2)` system call [1] has been added on Linux 3.17. This patch makes `OsRng` use `getrandom` if available, and use traditional `/dev/urandom` fallback if not. [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c6e9d6f38894798696f23c8084ca7edbf16ee895
2014-11-06 03:53:27 +09:00
fn getrandom(buf: &mut [u8]) -> libc::c_long {
unsafe {
Use getrandom syscall for all Linux and Android targets.
2017-11-09 18:49:29 -02:00
libc::syscall(libc::SYS_getrandom, buf.as_mut_ptr(), buf.len(), libc::GRND_NONBLOCK)
std::rand::OsRng: Use `getrandom` syscall on Linux `getrandom(2)` system call [1] has been added on Linux 3.17. This patch makes `OsRng` use `getrandom` if available, and use traditional `/dev/urandom` fallback if not. [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c6e9d6f38894798696f23c8084ca7edbf16ee895
2014-11-06 03:53:27 +09:00
}
}
Use getrandom syscall for all Linux and Android targets.
2017-11-09 18:49:29 -02:00
#[cfg(not(any(target_os = "linux", target_os = "android")))]
Reduce number of syscalls in `rand` In case that it is statically known that the OS doesn't support `getrandom` (non-Linux) or becomes clear at runtime that `getrandom` isn't available (`ENOSYS`), the opened fd ("/dev/urandom") isn't closed after the function, so that future calls can reuse it. This saves repeated `open`/`close` system calls at the cost of one permanently open fd. Additionally, this skips the initial zero-length `getrandom` call and directly hands the user buffer to the operating system, saving one `getrandom` syscall.
2018-08-26 21:13:44 +02:00
fn getrandom_fill_bytes(_buf: &mut [u8]) -> bool { false }
std::rand::OsRng: Use `getrandom` syscall on Linux `getrandom(2)` system call [1] has been added on Linux 3.17. This patch makes `OsRng` use `getrandom` if available, and use traditional `/dev/urandom` fallback if not. [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c6e9d6f38894798696f23c8084ca7edbf16ee895
2014-11-06 03:53:27 +09:00
Reduce number of syscalls in `rand` In case that it is statically known that the OS doesn't support `getrandom` (non-Linux) or becomes clear at runtime that `getrandom` isn't available (`ENOSYS`), the opened fd ("/dev/urandom") isn't closed after the function, so that future calls can reuse it. This saves repeated `open`/`close` system calls at the cost of one permanently open fd. Additionally, this skips the initial zero-length `getrandom` call and directly hands the user buffer to the operating system, saving one `getrandom` syscall.
2018-08-26 21:13:44 +02:00
#[cfg(any(target_os = "linux", target_os = "android"))]
std: Remove `rand` crate and module This commit removes the `rand` crate from the standard library facade as well as the `__rand` module in the standard library. Neither of these were used in any meaningful way in the standard library itself. The only need for randomness in libstd is to initialize the thread-local keys of a `HashMap`, and that unconditionally used `OsRng` defined in the standard library anyway. The cruft of the `rand` crate and the extra `rand` support in the standard library makes libstd slightly more difficult to port to new platforms, namely WebAssembly which doesn't have any randomness at all (without interfacing with JS). The purpose of this commit is to clarify and streamline randomness in libstd, focusing on how it's only required in one location, hashmap seeds. Note that the `rand` crate out of tree has almost always been a drop-in replacement for the `rand` crate in-tree, so any usage (accidental or purposeful) of the crate in-tree should switch to the `rand` crate on crates.io. This then also has the further benefit of avoiding duplication (mostly) between the two crates!
2017-11-01 12:32:13 -07:00
fn getrandom_fill_bytes(v: &mut [u8]) -> bool {
Reduce number of syscalls in `rand` In case that it is statically known that the OS doesn't support `getrandom` (non-Linux) or becomes clear at runtime that `getrandom` isn't available (`ENOSYS`), the opened fd ("/dev/urandom") isn't closed after the function, so that future calls can reuse it. This saves repeated `open`/`close` system calls at the cost of one permanently open fd. Additionally, this skips the initial zero-length `getrandom` call and directly hands the user buffer to the operating system, saving one `getrandom` syscall.
2018-08-26 21:13:44 +02:00
if is_getrandom_permanently_unavailable() {
return false;
}
std::rand::OsRng: Use `getrandom` syscall on Linux `getrandom(2)` system call [1] has been added on Linux 3.17. This patch makes `OsRng` use `getrandom` if available, and use traditional `/dev/urandom` fallback if not. [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c6e9d6f38894798696f23c8084ca7edbf16ee895
2014-11-06 03:53:27 +09:00
let mut read = 0;
Trivial cleanup Remove a needless variable and simply a cfg().
2015-12-17 00:36:31 -05:00
while read < v.len() {
Fallout from stabilization.
2015-01-17 16:15:52 -08:00
let result = getrandom(&mut v[read..]);
std::rand::OsRng: Use `getrandom` syscall on Linux `getrandom(2)` system call [1] has been added on Linux 3.17. This patch makes `OsRng` use `getrandom` if available, and use traditional `/dev/urandom` fallback if not. [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c6e9d6f38894798696f23c8084ca7edbf16ee895
2014-11-06 03:53:27 +09:00
if result == -1 {
let err = errno() as libc::c_int;
if err == libc::EINTR {
continue;
Reduce number of syscalls in `rand` In case that it is statically known that the OS doesn't support `getrandom` (non-Linux) or becomes clear at runtime that `getrandom` isn't available (`ENOSYS`), the opened fd ("/dev/urandom") isn't closed after the function, so that future calls can reuse it. This saves repeated `open`/`close` system calls at the cost of one permanently open fd. Additionally, this skips the initial zero-length `getrandom` call and directly hands the user buffer to the operating system, saving one `getrandom` syscall.
2018-08-26 21:13:44 +02:00
} else if err == libc::ENOSYS {
GETRANDOM_UNAVAILABLE.store(true, Ordering::Relaxed);
rand: don't block before random pool is initialized If we attempt a read with getrandom() on Linux the syscall can block before the random pool is initialized unless the GRND_NONBLOCK flag is passed. This flag causes getrandom() to instead return EAGAIN while the pool is uninitialized. To avoid downstream users of crate or std functionality that have no ability to avoid this blocking behavior this change causes Rust to read bytes from /dev/urandom while getrandom() would block and once getrandom() is available to use that. Fixes #32953. Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
2016-04-16 15:25:56 -05:00
} else if err == libc::EAGAIN {
Reduce number of syscalls in `rand` In case that it is statically known that the OS doesn't support `getrandom` (non-Linux) or becomes clear at runtime that `getrandom` isn't available (`ENOSYS`), the opened fd ("/dev/urandom") isn't closed after the function, so that future calls can reuse it. This saves repeated `open`/`close` system calls at the cost of one permanently open fd. Additionally, this skips the initial zero-length `getrandom` call and directly hands the user buffer to the operating system, saving one `getrandom` syscall.
2018-08-26 21:13:44 +02:00
return false;
std::rand::OsRng: Use `getrandom` syscall on Linux `getrandom(2)` system call [1] has been added on Linux 3.17. This patch makes `OsRng` use `getrandom` if available, and use traditional `/dev/urandom` fallback if not. [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c6e9d6f38894798696f23c8084ca7edbf16ee895
2014-11-06 03:53:27 +09:00
} else {
panic!("unexpected getrandom error: {}", err);
}
} else {
cleanup depricated `uint` in rand mod and rand os
2015-01-26 19:48:29 -05:00
read += result as usize;
std::rand::OsRng: Use `getrandom` syscall on Linux `getrandom(2)` system call [1] has been added on Linux 3.17. This patch makes `OsRng` use `getrandom` if available, and use traditional `/dev/urandom` fallback if not. [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c6e9d6f38894798696f23c8084ca7edbf16ee895
2014-11-06 03:53:27 +09:00
}
}
Reduce number of syscalls in `rand` In case that it is statically known that the OS doesn't support `getrandom` (non-Linux) or becomes clear at runtime that `getrandom` isn't available (`ENOSYS`), the opened fd ("/dev/urandom") isn't closed after the function, so that future calls can reuse it. This saves repeated `open`/`close` system calls at the cost of one permanently open fd. Additionally, this skips the initial zero-length `getrandom` call and directly hands the user buffer to the operating system, saving one `getrandom` syscall.
2018-08-26 21:13:44 +02:00
true
std::rand::OsRng: Use `getrandom` syscall on Linux `getrandom(2)` system call [1] has been added on Linux 3.17. This patch makes `OsRng` use `getrandom` if available, and use traditional `/dev/urandom` fallback if not. [1]: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c6e9d6f38894798696f23c8084ca7edbf16ee895
2014-11-06 03:53:27 +09:00
}
std: Remove `rand` crate and module This commit removes the `rand` crate from the standard library facade as well as the `__rand` module in the standard library. Neither of these were used in any meaningful way in the standard library itself. The only need for randomness in libstd is to initialize the thread-local keys of a `HashMap`, and that unconditionally used `OsRng` defined in the standard library anyway. The cruft of the `rand` crate and the extra `rand` support in the standard library makes libstd slightly more difficult to port to new platforms, namely WebAssembly which doesn't have any randomness at all (without interfacing with JS). The purpose of this commit is to clarify and streamline randomness in libstd, focusing on how it's only required in one location, hashmap seeds. Note that the `rand` crate out of tree has almost always been a drop-in replacement for the `rand` crate in-tree, so any usage (accidental or purposeful) of the crate in-tree should switch to the `rand` crate on crates.io. This then also has the further benefit of avoiding duplication (mostly) between the two crates!
2017-11-01 12:32:13 -07:00
pub fn fill_bytes(v: &mut [u8]) {
// getrandom_fill_bytes here can fail if getrandom() returns EAGAIN,
// meaning it would have blocked because the non-blocking pool (urandom)
Reduce number of syscalls in `rand` In case that it is statically known that the OS doesn't support `getrandom` (non-Linux) or becomes clear at runtime that `getrandom` isn't available (`ENOSYS`), the opened fd ("/dev/urandom") isn't closed after the function, so that future calls can reuse it. This saves repeated `open`/`close` system calls at the cost of one permanently open fd. Additionally, this skips the initial zero-length `getrandom` call and directly hands the user buffer to the operating system, saving one `getrandom` syscall.
2018-08-26 21:13:44 +02:00
// has not initialized in the kernel yet due to a lack of entropy. The
std: Remove `rand` crate and module This commit removes the `rand` crate from the standard library facade as well as the `__rand` module in the standard library. Neither of these were used in any meaningful way in the standard library itself. The only need for randomness in libstd is to initialize the thread-local keys of a `HashMap`, and that unconditionally used `OsRng` defined in the standard library anyway. The cruft of the `rand` crate and the extra `rand` support in the standard library makes libstd slightly more difficult to port to new platforms, namely WebAssembly which doesn't have any randomness at all (without interfacing with JS). The purpose of this commit is to clarify and streamline randomness in libstd, focusing on how it's only required in one location, hashmap seeds. Note that the `rand` crate out of tree has almost always been a drop-in replacement for the `rand` crate in-tree, so any usage (accidental or purposeful) of the crate in-tree should switch to the `rand` crate on crates.io. This then also has the further benefit of avoiding duplication (mostly) between the two crates!
2017-11-01 12:32:13 -07:00
// fallback we do here is to avoid blocking applications which could
// depend on this call without ever knowing they do and don't have a
Reduce number of syscalls in `rand` In case that it is statically known that the OS doesn't support `getrandom` (non-Linux) or becomes clear at runtime that `getrandom` isn't available (`ENOSYS`), the opened fd ("/dev/urandom") isn't closed after the function, so that future calls can reuse it. This saves repeated `open`/`close` system calls at the cost of one permanently open fd. Additionally, this skips the initial zero-length `getrandom` call and directly hands the user buffer to the operating system, saving one `getrandom` syscall.
2018-08-26 21:13:44 +02:00
// work around. The PRNG of /dev/urandom will still be used but over a
// possibly predictable entropy pool.
if getrandom_fill_bytes(v) {
return;
rand: Rewrite OsRng in Rust for windows This removes even more rust_builtin.c code, and allows us to more gracefully handle errors (not a process panic, but a task failure).
2014-03-19 17:53:57 -07:00
}
std::rand: Add OSRng, ReaderRng wrappers around the OS RNG & generic Readers respectively. The former reads from e.g. /dev/urandom, the latter just wraps any std::rt::io::Reader into an interface that implements Rng. This also adds Rng.fill_bytes for efficient implementations of the above (reading 8 bytes at a time is inefficient when you can read 1000), and removes the dependence on src/rt (i.e. rand_gen_seed) although this last one requires implementing hand-seeding of the XorShiftRng used in the scheduler on Linux/unixes, since OSRng relies on a scheduler existing to be able to read from /dev/urandom.
2013-09-22 20:51:57 +10:00
Reduce number of syscalls in `rand` In case that it is statically known that the OS doesn't support `getrandom` (non-Linux) or becomes clear at runtime that `getrandom` isn't available (`ENOSYS`), the opened fd ("/dev/urandom") isn't closed after the function, so that future calls can reuse it. This saves repeated `open`/`close` system calls at the cost of one permanently open fd. Additionally, this skips the initial zero-length `getrandom` call and directly hands the user buffer to the operating system, saving one `getrandom` syscall.
2018-08-26 21:13:44 +02:00
// getrandom failed for some reason. If the getrandom call is
// permanently unavailable (OS without getrandom, or OS version without
// getrandom), we'll keep around the fd for /dev/urandom for future
// requests, to avoid re-opening the file on every call.
//
// Otherwise, open /dev/urandom, read from it, and close it again.
use super::super::ext::io::{FromRawFd, IntoRawFd};
let mut fd = GETRANDOM_URANDOM_FD.load(Ordering::Relaxed);
let mut close_fd = false;
if fd == -1 {
if !is_getrandom_permanently_unavailable() {
close_fd = true;
}
let file = File::open("/dev/urandom").expect("failed to open /dev/urandom");
fd = file.into_raw_fd();
// If some other thread also opened /dev/urandom and set the global
// fd already, we close our fd at the end of the function.
if !close_fd && GETRANDOM_URANDOM_FD.compare_and_swap(-1, fd, Ordering::Relaxed) != -1 {
close_fd = true;
}
}
let mut file = unsafe { File::from_raw_fd(fd) };
let res = file.read_exact(v);
if !close_fd {
let _ = file.into_raw_fd();
}
res.expect("failed to read /dev/urandom");
std::rand: Add OSRng, ReaderRng wrappers around the OS RNG & generic Readers respectively. The former reads from e.g. /dev/urandom, the latter just wraps any std::rt::io::Reader into an interface that implements Rng. This also adds Rng.fill_bytes for efficient implementations of the above (reading 8 bytes at a time is inefficient when you can read 1000), and removes the dependence on src/rt (i.e. rand_gen_seed) although this last one requires implementing hand-seeding of the XorShiftRng used in the scheduler on Linux/unixes, since OSRng relies on a scheduler existing to be able to read from /dev/urandom.
2013-09-22 20:51:57 +10:00
}
}
Use the getentropy(2) syscall on OpenBSD Rust already supports Linux's getrandom(2), which is very similar and was based on getentropy(2). This is a pretty clean, simple addition that uses the same approach as the iOS randomness API support.
2015-12-16 21:54:16 -05:00
#[cfg(target_os = "openbsd")]
mod imp {
unbreak openbsd code - upgrades libc to version with si_addr support in openbsd - declares libc use for getentropy
2015-12-21 10:12:48 +01:00
use libc;
Use the getentropy(2) syscall on OpenBSD Rust already supports Linux's getrandom(2), which is very similar and was based on getentropy(2). This is a pretty clean, simple addition that uses the same approach as the iOS randomness API support.
2015-12-16 21:54:16 -05:00
use sys::os::errno;
std: Remove `rand` crate and module This commit removes the `rand` crate from the standard library facade as well as the `__rand` module in the standard library. Neither of these were used in any meaningful way in the standard library itself. The only need for randomness in libstd is to initialize the thread-local keys of a `HashMap`, and that unconditionally used `OsRng` defined in the standard library anyway. The cruft of the `rand` crate and the extra `rand` support in the standard library makes libstd slightly more difficult to port to new platforms, namely WebAssembly which doesn't have any randomness at all (without interfacing with JS). The purpose of this commit is to clarify and streamline randomness in libstd, focusing on how it's only required in one location, hashmap seeds. Note that the `rand` crate out of tree has almost always been a drop-in replacement for the `rand` crate in-tree, so any usage (accidental or purposeful) of the crate in-tree should switch to the `rand` crate on crates.io. This then also has the further benefit of avoiding duplication (mostly) between the two crates!
2017-11-01 12:32:13 -07:00
pub fn fill_bytes(v: &mut [u8]) {
// getentropy(2) permits a maximum buffer size of 256 bytes
for s in v.chunks_mut(256) {
let ret = unsafe {
libc::getentropy(s.as_mut_ptr() as *mut libc::c_void, s.len())
};
if ret == -1 {
panic!("unexpected getentropy error: {}", errno());
Use the getentropy(2) syscall on OpenBSD Rust already supports Linux's getrandom(2), which is very similar and was based on getentropy(2). This is a pretty clean, simple addition that uses the same approach as the iOS randomness API support.
2015-12-16 21:54:16 -05:00
}
}
}
}
Basic iOS support
2014-05-05 10:07:49 +03:00
#[cfg(target_os = "ios")]
mod imp {
iOS: os::last_os_error() fallout
2015-04-01 20:38:58 +03:00
use io;
std: Fix imports for ios target
2015-08-11 14:52:22 -05:00
use libc::{c_int, size_t};
std: Remove `rand` crate and module This commit removes the `rand` crate from the standard library facade as well as the `__rand` module in the standard library. Neither of these were used in any meaningful way in the standard library itself. The only need for randomness in libstd is to initialize the thread-local keys of a `HashMap`, and that unconditionally used `OsRng` defined in the standard library anyway. The cruft of the `rand` crate and the extra `rand` support in the standard library makes libstd slightly more difficult to port to new platforms, namely WebAssembly which doesn't have any randomness at all (without interfacing with JS). The purpose of this commit is to clarify and streamline randomness in libstd, focusing on how it's only required in one location, hashmap seeds. Note that the `rand` crate out of tree has almost always been a drop-in replacement for the `rand` crate in-tree, so any usage (accidental or purposeful) of the crate in-tree should switch to the `rand` crate on crates.io. This then also has the further benefit of avoiding duplication (mostly) between the two crates!
2017-11-01 12:32:13 -07:00
use ptr;
Basic iOS support
2014-05-05 10:07:49 +03:00
Better FFI discipline
2015-08-05 17:50:18 -04:00
enum SecRandom {}
Basic iOS support
2014-05-05 10:07:49 +03:00
Update code with new lint names
2014-10-27 15:37:07 -07:00
#[allow(non_upper_case_globals)]
Use `null()`/`null_mut()` instead of `0 as *const T`/`0 as *mut T`
2015-09-03 09:49:50 +03:00
const kSecRandomDefault: *const SecRandom = ptr::null();
Basic iOS support
2014-05-05 10:07:49 +03:00
bootstrap: Add directives to not double-link libs Have all Cargo-built crates pass `--cfg cargobuild` and then add appropriate `#[cfg]` definitions to all crates to avoid linking anything if this is passed. This should help allow libstd to compile with both the makefiles and with Cargo.
2016-01-21 15:36:25 -08:00
extern {
Rename all raw pointers as necessary
2014-06-25 12:47:34 -07:00
fn SecRandomCopyBytes(rnd: *const SecRandom,
std: Remove `rand` crate and module This commit removes the `rand` crate from the standard library facade as well as the `__rand` module in the standard library. Neither of these were used in any meaningful way in the standard library itself. The only need for randomness in libstd is to initialize the thread-local keys of a `HashMap`, and that unconditionally used `OsRng` defined in the standard library anyway. The cruft of the `rand` crate and the extra `rand` support in the standard library makes libstd slightly more difficult to port to new platforms, namely WebAssembly which doesn't have any randomness at all (without interfacing with JS). The purpose of this commit is to clarify and streamline randomness in libstd, focusing on how it's only required in one location, hashmap seeds. Note that the `rand` crate out of tree has almost always been a drop-in replacement for the `rand` crate in-tree, so any usage (accidental or purposeful) of the crate in-tree should switch to the `rand` crate on crates.io. This then also has the further benefit of avoiding duplication (mostly) between the two crates!
2017-11-01 12:32:13 -07:00
count: size_t,
bytes: *mut u8) -> c_int;
Basic iOS support
2014-05-05 10:07:49 +03:00
}
std: Remove `rand` crate and module This commit removes the `rand` crate from the standard library facade as well as the `__rand` module in the standard library. Neither of these were used in any meaningful way in the standard library itself. The only need for randomness in libstd is to initialize the thread-local keys of a `HashMap`, and that unconditionally used `OsRng` defined in the standard library anyway. The cruft of the `rand` crate and the extra `rand` support in the standard library makes libstd slightly more difficult to port to new platforms, namely WebAssembly which doesn't have any randomness at all (without interfacing with JS). The purpose of this commit is to clarify and streamline randomness in libstd, focusing on how it's only required in one location, hashmap seeds. Note that the `rand` crate out of tree has almost always been a drop-in replacement for the `rand` crate in-tree, so any usage (accidental or purposeful) of the crate in-tree should switch to the `rand` crate on crates.io. This then also has the further benefit of avoiding duplication (mostly) between the two crates!
2017-11-01 12:32:13 -07:00
pub fn fill_bytes(v: &mut [u8]) {
let ret = unsafe {
SecRandomCopyBytes(kSecRandomDefault,
v.len(),
v.as_mut_ptr())
};
if ret == -1 {
panic!("couldn't generate random bytes: {}",
io::Error::last_os_error());
Basic iOS support
2014-05-05 10:07:49 +03:00
}
}
}
Use the kernel arc4rand for FreeBSD OsRng. This means that /dev/urandom doesn't have to be opened.
2016-08-14 08:27:11 +00:00
#[cfg(target_os = "freebsd")]
mod imp {
use libc;
use ptr;
std: Remove `rand` crate and module This commit removes the `rand` crate from the standard library facade as well as the `__rand` module in the standard library. Neither of these were used in any meaningful way in the standard library itself. The only need for randomness in libstd is to initialize the thread-local keys of a `HashMap`, and that unconditionally used `OsRng` defined in the standard library anyway. The cruft of the `rand` crate and the extra `rand` support in the standard library makes libstd slightly more difficult to port to new platforms, namely WebAssembly which doesn't have any randomness at all (without interfacing with JS). The purpose of this commit is to clarify and streamline randomness in libstd, focusing on how it's only required in one location, hashmap seeds. Note that the `rand` crate out of tree has almost always been a drop-in replacement for the `rand` crate in-tree, so any usage (accidental or purposeful) of the crate in-tree should switch to the `rand` crate on crates.io. This then also has the further benefit of avoiding duplication (mostly) between the two crates!
2017-11-01 12:32:13 -07:00
pub fn fill_bytes(v: &mut [u8]) {
let mib = [libc::CTL_KERN, libc::KERN_ARND];
// kern.arandom permits a maximum buffer size of 256 bytes
for s in v.chunks_mut(256) {
let mut s_len = s.len();
let ret = unsafe {
libc::sysctl(mib.as_ptr(), mib.len() as libc::c_uint,
s.as_mut_ptr() as *mut _, &mut s_len,
ptr::null(), 0)
};
if ret == -1 || s_len != s.len() {
panic!("kern.arandom sysctl failed! (returned {}, s.len() {}, oldlenp {})",
ret, s.len(), s_len);
Use the kernel arc4rand for FreeBSD OsRng. This means that /dev/urandom doesn't have to be opened.
2016-08-14 08:27:11 +00:00
}
}
}
}
Add support for kernel randomness for Fuchsia Wire up cprng syscall as provider for rand::os::OsRng on Fuchsia.
2016-10-24 16:42:57 -07:00
#[cfg(target_os = "fuchsia")]
mod imp {
The Magenta kernel is now called Zircon.
2017-09-15 12:38:08 -07:00
#[link(name = "zircon")]
Add support for kernel randomness for Fuchsia Wire up cprng syscall as provider for rand::os::OsRng on Fuchsia.
2016-10-24 16:42:57 -07:00
extern {
[fuchsia] Update zx_cprng_draw to target semantics This change is the final step in improving the semantics of zx_cprng_draw. Now the syscall always generates the requested number of bytes. If the syscall would have failed to generate the requested number of bytes, the syscall either terminates the entire operating system or terminates the calling process, depending on whether the error is a result of the kernel misbehaving or the userspace program misbehaving.
2018-06-27 08:56:19 -07:00
fn zx_cprng_draw(buffer: *mut u8, len: usize);
Add support for kernel randomness for Fuchsia Wire up cprng syscall as provider for rand::os::OsRng on Fuchsia.
2016-10-24 16:42:57 -07:00
}
std: Remove `rand` crate and module This commit removes the `rand` crate from the standard library facade as well as the `__rand` module in the standard library. Neither of these were used in any meaningful way in the standard library itself. The only need for randomness in libstd is to initialize the thread-local keys of a `HashMap`, and that unconditionally used `OsRng` defined in the standard library anyway. The cruft of the `rand` crate and the extra `rand` support in the standard library makes libstd slightly more difficult to port to new platforms, namely WebAssembly which doesn't have any randomness at all (without interfacing with JS). The purpose of this commit is to clarify and streamline randomness in libstd, focusing on how it's only required in one location, hashmap seeds. Note that the `rand` crate out of tree has almost always been a drop-in replacement for the `rand` crate in-tree, so any usage (accidental or purposeful) of the crate in-tree should switch to the `rand` crate on crates.io. This then also has the further benefit of avoiding duplication (mostly) between the two crates!
2017-11-01 12:32:13 -07:00
pub fn fill_bytes(v: &mut [u8]) {
[fuchsia] Update zx_cprng_draw to target semantics This change is the final step in improving the semantics of zx_cprng_draw. Now the syscall always generates the requested number of bytes. If the syscall would have failed to generate the requested number of bytes, the syscall either terminates the entire operating system or terminates the calling process, depending on whether the error is a result of the kernel misbehaving or the userspace program misbehaving.
2018-06-27 08:56:19 -07:00
unsafe { zx_cprng_draw(v.as_mut_ptr(), v.len()) }
Add support for kernel randomness for Fuchsia Wire up cprng syscall as provider for rand::os::OsRng on Fuchsia.
2016-10-24 16:42:57 -07:00
}
}
Reference in New Issue Copy Permalink