From: Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>
To: Wilco Dijkstra <Wilco.Dijkstra@arm.com>,
"libc-alpha@sourceware.org" <libc-alpha@sourceware.org>,
Yu Chien Peter Lin <peterlin@andestech.com>,
Yann Droneaud <ydroneaud@opteya.com>
Subject: Re: [PATCH v2] malloc: Do not clobber errno on __getrandom_nocancel (BZ#29624)
Date: Thu, 29 Sep 2022 16:07:53 -0300 [thread overview]
Message-ID: <731f55a7-6538-e59a-6bcb-f0c8e829e086@linaro.org> (raw)
In-Reply-To: <AS4PR08MB7901AAA3F377C21B621DEA9D83579@AS4PR08MB7901.eurprd08.prod.outlook.com>
On 29/09/22 15:36, Wilco Dijkstra wrote:
> Hi Adhemerval,
>
> Another question, the syscall is defined as:
>
> ssize_t getrandom (void *__buffer, size_t __length,
>
> Doesn't this mean if we use 'int' for the return value, a large but valid syscall
> result could be interpreted as a negative error value? It sounds like all code
> processing the getrandom syscall should use ssize_t rather than int. Or do we
> limit length to something fairly small?
Yeah, you are right. The syscall indeed returns ssize_t/long:
include/linux/syscalls.h:1007:asmlinkage long sys_getrandom(char __user *buf, size_t count,
So it does make sense to use ssize_t. It seems that not all architectures handle
INTERNAL_SYSCALL consistently to use 'long', but at least the 64 bits does.
It also handles the issue raised by Yann, where arc4random fallback is not used.
This is in fact another issue and I will send an independently patch.
>
> __arc4random_buf (void *p, size_t n)
> {
> static int seen_initialized;
> - size_t l;
> + int l;
>
> Should be ssize_t?
>
> +static inline int
> +__getrandom_nocancel (void *buf, size_t buflen, unsigned int flags)
>
> ssize_t?
>
> +{
> + int save_errno = errno;
> + int r = __getrandom (buf, buflen, flags);
>
> ssize_t?
>
> + r = r == -1 ? -errno : r;
> + __set_errno (save_errno);
> + return r;
> +}
>
> #define __poll_infinity_nocancel(fds, nfds) \
> __poll (fds, nfds, -1)
> diff --git a/sysdeps/unix/sysv/linux/not-cancel.h b/sysdeps/unix/sysv/linux/not-cancel.h
> index a263d294b1..00ab75a405 100644
> --- a/sysdeps/unix/sysv/linux/not-cancel.h
> +++ b/sysdeps/unix/sysv/linux/not-cancel.h
> @@ -71,7 +71,7 @@ __writev_nocancel_nostatus (int fd, const struct iovec *iov, int iovcnt)
> static inline int
>
> ssize_t?
>
> __getrandom_nocancel (void *buf, size_t buflen, unsigned int flags)
> {
> - return INLINE_SYSCALL_CALL (getrandom, buf, buflen, flags);
> + return INTERNAL_SYSCALL_CALL (getrandom, buf, buflen, flags);
> }
>
> Cheers,
> Wilco
next prev parent reply other threads:[~2022-09-29 19:07 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-29 17:55 Adhemerval Zanella
2022-09-29 18:36 ` Wilco Dijkstra
2022-09-29 19:07 ` Adhemerval Zanella Netto [this message]
2022-09-29 19:36 ` H.J. Lu
2022-09-29 18:44 ` Yann Droneaud
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=731f55a7-6538-e59a-6bcb-f0c8e829e086@linaro.org \
--to=adhemerval.zanella@linaro.org \
--cc=Wilco.Dijkstra@arm.com \
--cc=libc-alpha@sourceware.org \
--cc=peterlin@andestech.com \
--cc=ydroneaud@opteya.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).