mirror of
https://github.com/asterinas/asterinas.git
synced 2025-06-23 17:33:23 +00:00
Use a seedable RNG instead of getrandom crate
This commit is contained in:
YanWQ-monad
committed by
Tate, Hongliang Tian
Tate, Hongliang Tian
parent
b11e6d2d62
commit
82220748c0
1
Cargo.lock
generated
1
Cargo.lock
generated
@ -209,6 +209,7 @@ dependencies = [
|
|||||||
"bitvec",
|
"bitvec",
|
||||||
"bytemuck",
|
"bytemuck",
|
||||||
"bytemuck_derive",
|
"bytemuck_derive",
|
||||||
|
"cfg-if",
|
||||||
"controlled",
|
"controlled",
|
||||||
"core2",
|
"core2",
|
||||||
"cpio-decoder",
|
"cpio-decoder",
|
||||||
|
|||||||
@ -59,12 +59,9 @@ spin = "0.9.4"
|
|||||||
vte = "0.10"
|
vte = "0.10"
|
||||||
lru = "0.12.3"
|
lru = "0.12.3"
|
||||||
log = "0.4"
|
log = "0.4"
|
||||||
getrandom = { version = "0.2.10", default-features = false, features = [
|
|
||||||
"rdrand",
|
|
||||||
] }
|
|
||||||
bitvec = { version = "1.0", default-features = false, features = ["alloc"] }
|
bitvec = { version = "1.0", default-features = false, features = ["alloc"] }
|
||||||
hashbrown = "0.14"
|
hashbrown = "0.14"
|
||||||
rand = {version = "0.8.5", default-features = false, features = ["small_rng"]}
|
rand = { version = "0.8.5", default-features = false, features = ["getrandom", "small_rng", "std_rng"] }
|
||||||
static_assertions = "1.1.0"
|
static_assertions = "1.1.0"
|
||||||
inherit-methods-macro = { git = "https://github.com/asterinas/inherit-methods-macro", rev = "98f7e3e" }
|
inherit-methods-macro = { git = "https://github.com/asterinas/inherit-methods-macro", rev = "98f7e3e" }
|
||||||
getset = "0.1.2"
|
getset = "0.1.2"
|
||||||
@ -72,6 +69,12 @@ atomic = "0.6"
|
|||||||
bytemuck = "1.14.3"
|
bytemuck = "1.14.3"
|
||||||
bytemuck_derive = "1.5.0"
|
bytemuck_derive = "1.5.0"
|
||||||
takeable = "0.2.2"
|
takeable = "0.2.2"
|
||||||
|
cfg-if = "1.0"
|
||||||
|
|
||||||
|
[target.x86_64-unknown-none.dependencies]
|
||||||
|
getrandom = { version = "0.2.10", default-features = false, features = [
|
||||||
|
"rdrand",
|
||||||
|
] }
|
||||||
|
|
||||||
[dependencies.lazy_static]
|
[dependencies.lazy_static]
|
||||||
version = "1.0"
|
version = "1.0"
|
||||||
|
|||||||
@ -8,13 +8,14 @@ use crate::{
|
|||||||
},
|
},
|
||||||
prelude::*,
|
prelude::*,
|
||||||
process::signal::Poller,
|
process::signal::Poller,
|
||||||
|
util::random::getrandom,
|
||||||
};
|
};
|
||||||
|
|
||||||
pub struct Random;
|
pub struct Random;
|
||||||
|
|
||||||
impl Random {
|
impl Random {
|
||||||
pub fn getrandom(buf: &mut [u8]) -> Result<usize> {
|
pub fn getrandom(buf: &mut [u8]) -> Result<usize> {
|
||||||
getrandom::getrandom(buf)?;
|
getrandom(buf)?;
|
||||||
Ok(buf.len())
|
Ok(buf.len())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -44,9 +45,3 @@ impl FileIo for Random {
|
|||||||
events & mask
|
events & mask
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
impl From<getrandom::Error> for Error {
|
|
||||||
fn from(value: getrandom::Error) -> Self {
|
|
||||||
Error::with_message(Errno::ENOSYS, "cannot generate random bytes")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|||||||
@ -8,13 +8,14 @@ use crate::{
|
|||||||
},
|
},
|
||||||
prelude::*,
|
prelude::*,
|
||||||
process::signal::Poller,
|
process::signal::Poller,
|
||||||
|
util::random::getrandom,
|
||||||
};
|
};
|
||||||
|
|
||||||
pub struct Urandom;
|
pub struct Urandom;
|
||||||
|
|
||||||
impl Urandom {
|
impl Urandom {
|
||||||
pub fn getrandom(buf: &mut [u8]) -> Result<usize> {
|
pub fn getrandom(buf: &mut [u8]) -> Result<usize> {
|
||||||
getrandom::getrandom(buf)?;
|
getrandom(buf)?;
|
||||||
Ok(buf.len())
|
Ok(buf.len())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -67,6 +67,7 @@ pub(crate) mod vdso;
|
|||||||
pub mod vm;
|
pub mod vm;
|
||||||
|
|
||||||
pub fn init() {
|
pub fn init() {
|
||||||
|
util::random::init();
|
||||||
driver::init();
|
driver::init();
|
||||||
time::init();
|
time::init();
|
||||||
net::init();
|
net::init();
|
||||||
|
|||||||
@ -600,6 +600,7 @@ mod test {
|
|||||||
use super::*;
|
use super::*;
|
||||||
|
|
||||||
fn new_process(parent: Option<Arc<Process>>) -> Arc<Process> {
|
fn new_process(parent: Option<Arc<Process>>) -> Arc<Process> {
|
||||||
|
crate::util::random::init();
|
||||||
crate::fs::rootfs::init_root_mount();
|
crate::fs::rootfs::init_root_mount();
|
||||||
let pid = allocate_tid();
|
let pid = allocate_tid();
|
||||||
let parent = if let Some(parent) = parent {
|
let parent = if let Some(parent) = parent {
|
||||||
|
|||||||
@ -23,7 +23,7 @@ use aster_rights::{Full, Rights};
|
|||||||
use self::aux_vec::{AuxKey, AuxVec};
|
use self::aux_vec::{AuxKey, AuxVec};
|
||||||
use crate::{
|
use crate::{
|
||||||
prelude::*,
|
prelude::*,
|
||||||
util::read_cstring_from_vmar,
|
util::{random::getrandom, read_cstring_from_vmar},
|
||||||
vm::{perms::VmPerms, vmar::Vmar, vmo::VmoOptions},
|
vm::{perms::VmPerms, vmar::Vmar, vmo::VmoOptions},
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -107,7 +107,7 @@ impl InitStack {
|
|||||||
pub(super) fn new() -> Self {
|
pub(super) fn new() -> Self {
|
||||||
let nr_pages_padding = {
|
let nr_pages_padding = {
|
||||||
let mut random_nr_pages_padding: u8 = 0;
|
let mut random_nr_pages_padding: u8 = 0;
|
||||||
getrandom::getrandom(random_nr_pages_padding.as_bytes_mut()).unwrap();
|
getrandom(random_nr_pages_padding.as_bytes_mut()).unwrap();
|
||||||
random_nr_pages_padding as usize
|
random_nr_pages_padding as usize
|
||||||
};
|
};
|
||||||
let initial_top = MAX_USERSPACE_VADDR - PAGE_SIZE * nr_pages_padding;
|
let initial_top = MAX_USERSPACE_VADDR - PAGE_SIZE * nr_pages_padding;
|
||||||
@ -340,7 +340,7 @@ impl<'a> InitStackWriter<'a> {
|
|||||||
|
|
||||||
fn generate_random_for_aux_vec() -> [u8; 16] {
|
fn generate_random_for_aux_vec() -> [u8; 16] {
|
||||||
let mut rand_val = [0; 16];
|
let mut rand_val = [0; 16];
|
||||||
getrandom::getrandom(&mut rand_val).unwrap();
|
getrandom(&mut rand_val).unwrap();
|
||||||
rand_val
|
rand_val
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -7,6 +7,7 @@ use aster_rights::Full;
|
|||||||
|
|
||||||
use crate::{prelude::*, vm::vmar::Vmar};
|
use crate::{prelude::*, vm::vmar::Vmar};
|
||||||
pub mod net;
|
pub mod net;
|
||||||
|
pub mod random;
|
||||||
|
|
||||||
/// Read bytes into the `dest` buffer
|
/// Read bytes into the `dest` buffer
|
||||||
/// from the user space of the current process.
|
/// from the user space of the current process.
|
||||||
|
|||||||
35
kernel/aster-nix/src/util/random.rs
Normal file
35
kernel/aster-nix/src/util/random.rs
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
// SPDX-License-Identifier: MPL-2.0
|
||||||
|
|
||||||
|
use rand::{rngs::StdRng, Error as RandError, RngCore};
|
||||||
|
use spin::Once;
|
||||||
|
|
||||||
|
use crate::prelude::*;
|
||||||
|
|
||||||
|
static RNG: Once<SpinLock<StdRng>> = Once::new();
|
||||||
|
|
||||||
|
/// Fill `dest` with random bytes.
|
||||||
|
///
|
||||||
|
/// It's cryptographically secure, as documented in [`rand::rngs::StdRng`].
|
||||||
|
pub fn getrandom(dst: &mut [u8]) -> Result<()> {
|
||||||
|
Ok(RNG.get().unwrap().lock().try_fill_bytes(dst)?)
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn init() {
|
||||||
|
// The seed used to initialize the RNG is required to be secure and unpredictable.
|
||||||
|
|
||||||
|
cfg_if::cfg_if! {
|
||||||
|
if #[cfg(target_arch = "x86_64")] {
|
||||||
|
use rand::SeedableRng;
|
||||||
|
|
||||||
|
RNG.call_once(|| SpinLock::new(StdRng::from_entropy()));
|
||||||
|
} else {
|
||||||
|
compile_error!("unsupported target");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl From<RandError> for Error {
|
||||||
|
fn from(value: RandError) -> Self {
|
||||||
|
Error::with_message(Errno::ENOSYS, "cannot generate random bytes")
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user