fdo-mirrors/xserver
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/xorg/xserver.git synced 2026-06-07 00:38:20 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

os/auth: prefer getrandom() over arc4random_buf() and /dev/urandom

Browse source 
Use getrandom() as the preferred source of random data when available,
getrandom() works in chroots and containers without the random device
node.

Note this is a build-time preference, not a runtime preference.

Assisted-by: Claude:claude-claude-opus-4-6
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2200>
This commit is contained in:
Peter Hutterer 2026-05-05 12:56:28 +10:00 committed by Marge Bot
parent cbe50578f8
commit 634247ef0c
2 changed files with 19 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
include/meson.build
View file

@ -139,6 +139,7 @@ conf_data.set('HAVE_SYS_UTSNAME_H', cc.has_header('sys/utsname.h') ? '1' : false
conf_data.set('HAVE_SYS_SYSMACROS_H', cc.has_header('sys/sysmacros.h') ? '1' : false)
conf_data.set('HAVE_ARC4RANDOM_BUF', cc.has_function('arc4random_buf', dependencies: libbsd_dep) ? '1' : false)
conf_data.set('HAVE_GETRANDOM', cc.has_function('getrandom', prefix: '#include <sys/random.h>') ? '1' : false)
conf_data.set('HAVE_BACKTRACE', cc.has_function('backtrace') ? '1' : false)
conf_data.set('HAVE_CBRT', cc.has_function('cbrt') ? '1' : false)
conf_data.set('HAVE_EPOLL_CREATE1', cc.has_function('epoll_create1') ? '1' : false)

19
os/auth.c
View file

@ -47,6 +47,9 @@ from The Open Group.
#include <X11/Xw32defs.h>
#endif
#include <stdlib.h> /* for arc4random_buf() */
#ifdef HAVE_GETRANDOM
#include <sys/random.h> /* for getrandom() */
#endif
struct protocol {
unsigned short name_length;
@ -302,7 +305,21 @@ GenerateAuthorization(unsigned name_length,
void
GenerateRandomData(int len, char *buf)
{
#ifdef HAVE_ARC4RANDOM_BUF
#ifdef HAVE_GETRANDOM
ssize_t ret;
int pos = 0;
while (pos < len) {
ret = getrandom(buf + pos, len - pos, 0);
if (ret <= 0) {
if (ret < 0 && errno == EINTR)
continue;
FatalError("Cannot read random data via getrandom(): %s\n",
strerror(errno));
}
pos += ret;
}
#elif defined(HAVE_ARC4RANDOM_BUF)
arc4random_buf(buf, len);
#else
int fd;