[Cryptography] Is Ron right on randomness
Theodore Ts'o
tytso at mit.edu
Tue Dec 6 22:24:08 EST 2016
On Mon, Dec 05, 2016 at 05:26:12PM -0800, Bill Cox wrote:
>
> There is still something wrong. I've tried a more recent 4.4.0-51-generic
> kernel in Ubuntu 14.04, with no luck. There is no SYS_getrandom syscall
> available through the syscall function, nor getrandom in libc. I'm running
> x64. I see this:
Yes, there is no getrandom in libc. That's because glibc developers
are being.... glibc, as I said before. There has been discussion
about maybe the kernel developers should support a libinux.a library
that would allow us to bypass glibc when they are being non-helpful.
In any case, your file compiles just fine for me:
% gcc -Wall -o /tmp/foo /tmp/foo.c
% /tmp/foo
bytes read = 32
% strace /tmp/foo 2>&1 | grep getrandom
getrandom("\310Ag\363\315\4\340\252\244\302\305\252\0319\230\3432\243\256\21\304\f\305\204\220\347\266e\324\243T\235", 32, 0) = 32
% find /usr/include -type f | xargs grep _getrandom
...
/usr/include/x86_64-linux-gnu/bits/syscall.h:#define SYS_getrandom __NR_getrandom
/usr/include/x86_64-linux-gnu/bits/syscall.h:#define SYS_getrandom __NR_getrandom
/usr/include/x86_64-linux-gnu/bits/syscall.h:#define SYS_getrandom __NR_getrandom
/usr/include/x86_64-linux-gnu/asm/unistd_32.h:#define __NR_getrandom 355
/usr/include/x86_64-linux-gnu/asm/unistd_64.h:#define __NR_getrandom 318
/usr/include/x86_64-linux-gnu/asm/unistd_x32.h:#define __NR_getrandom (__X32_SYSCALL_BIT + 318)
/usr/include/asm-generic/unistd.h:#define __NR_getrandom 278
/usr/include/asm-generic/unistd.h:__SYSCALL(__NR_getrandom, sys_getrandom)
% gcc -E /tmp/foo.c | grep bits/syscall
# 1 "/usr/include/x86_64-linux-gnu/bits/syscall.h" 1 3 4
% gcc -E /tmp/foo.c | grep unistd_
# 1 "/usr/include/x86_64-linux-gnu/asm/unistd_64.h" 1 3 4
% dpkg -S /usr/include/x86_64-linux-gnu/asm/unistd_64.h
linux-libc-dev:amd64: /usr/include/x86_64-linux-gnu/asm/unistd_64.h
> How can I access getrandom? Is this a Debian/Ubuntu bug?
% lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux testing (stretch)
Release: testing
Codename: stretch
Maybe an Ubuntu bug; maybe Canonical was too lazy to update their
header files since Linux 3.17? I dunno....
- Ted
More information about the cryptography
mailing list