Reimplement random data generation, add read_entropy syscall #640
Merged
bors[bot] merged 3 commits into hermit-os:master from Jan 25, 2023
… future options like `NONBLOCK` and reduce the possible error cases
Contributor
Thanks for your contribution! I revise the IP interface and will publish a new ABI interface. In this context I will remove the old interface.
Contributor
bors r+
Contributor
Build succeeded:
bors bot added a commit to hermit-os/hermit-rs that referenced this pull request Jan 26, 2023
395: Add `read_entropy` syscall, remove old randomness syscalls r=stlankes a=joboet
See hermit-os/kernel#640
Co-authored-by: joboet <jonasboettiger@icloud.com>
Co-authored-by: Stefan Lankes <stlankes@users.noreply.github.com>
Fixes #143 by reimplementing random data generation using a ChaCha-based RNG continuously reseeded using the `RDSEED` instruction. This should provide better security, as `RDRAND` is known to have hardware bugs.

Also adds a new buffer-based syscall, `read_entropy`, which better fits the use case of crates like `getrandom`.

The old `secure_rand*` and `rand` syscalls should probably be removed at some point, but I do not know the Hermit stability policy and therefore have not done this in this PR.
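
The reseeding design the description outlines, modelled as an added example (not code from this PR or from Hermit): a ChaCha20 keystream generator that mixes fresh seed material into its key at an interval and fails closed when no seed is available. The `Rng` type, the `RESEED_BYTES` interval, the XOR mixing step and the seed closure, which stands in for `RDSEED` and may report that no seed is ready, are assumptions.

```rust
const RESEED_BYTES: usize = 1 << 16; // assumed interval (illustration, not Hermit's value)
const QR: [[usize; 4]; 8] = [[0, 4, 8, 12], [1, 5, 9, 13], [2, 6, 10, 14], [3, 7, 11, 15], // columns
                             [0, 5, 10, 15], [1, 6, 11, 12], [2, 7, 8, 13], [3, 4, 9, 14]]; // diagonals
fn qr(s: &mut [u32; 16], a: usize, b: usize, c: usize, d: usize) {
    s[a] = s[a].wrapping_add(s[b]); s[d] = (s[d] ^ s[a]).rotate_left(16);
    s[c] = s[c].wrapping_add(s[d]); s[b] = (s[b] ^ s[c]).rotate_left(12);
    s[a] = s[a].wrapping_add(s[b]); s[d] = (s[d] ^ s[a]).rotate_left(8);
    s[c] = s[c].wrapping_add(s[d]); s[b] = (s[b] ^ s[c]).rotate_left(7);
}

/// ChaCha20 block function; `ctr_nonce` is the 32-bit counter then the 96-bit nonce (RFC 8439).
fn chacha20_block(key: &[u32; 8], ctr_nonce: &[u32; 4]) -> [u32; 16] {
    let mut init = [0u32; 16];
    init[..4].copy_from_slice(&[0x61707865, 0x3320646e, 0x79622d32, 0x6b206574]);
    init[4..12].copy_from_slice(key);
    init[12..].copy_from_slice(ctr_nonce);
    let mut s = init;
    for _ in 0..10 { for [a, b, c, d] in QR { qr(&mut s, a, b, c, d); } }
    for i in 0..16 { s[i] = s[i].wrapping_add(init[i]); }
    s
}

/// Hypothetical generator (not Hermit's type); `seed` stands in for an RDSEED poll.
struct Rng<S: FnMut() -> Option<[u32; 8]>> { key: [u32; 8], blocks: u64, used: usize, seed: S }
impl<S: FnMut() -> Option<[u32; 8]>> Rng<S> {
    fn new(mut seed: S) -> Option<Self> { Some(Rng { key: seed()?, blocks: 0, used: 0, seed }) }
    /// Fills `buf`; returns None (fail closed) when a due reseed gets no seed material.
    fn fill(&mut self, buf: &mut [u8]) -> Option<usize> {
        for chunk in buf.chunks_mut(64) {
            if self.used >= RESEED_BYTES {
                let fresh = (self.seed)()?;
                for (k, f) in self.key.iter_mut().zip(fresh.iter()) { *k ^= *f; } // mix, never replace
                self.used = 0;
            }
            let ks = chacha20_block(&self.key, &[self.blocks as u32, (self.blocks >> 32) as u32, 0, 0]);
            self.blocks += 1; // never reset, so a stuck seed source cannot replay keystream
            for (o, b) in chunk.iter_mut().zip(ks.iter().flat_map(|w| w.to_le_bytes())) { *o = b; }
            self.used += 64;
        }
        Some(buf.len())
    }
}

fn main() {
    let mut rng = Rng::new(|| Some([0x1234_5678; 8])).unwrap(); // constructed seed, demo only
    let mut buf = [0u8; 16];
    rng.fill(&mut buf).unwrap();
    println!("{:02x?}", buf);
}
```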