From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qk1-x736.google.com (mail-qk1-x736.google.com [IPv6:2607:f8b0:4864:20::736]) by sourceware.org (Postfix) with ESMTPS id 878003858C55 for ; Thu, 29 Sep 2022 19:37:27 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 878003858C55 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-qk1-x736.google.com with SMTP id 3so1528477qka.5 for ; Thu, 29 Sep 2022 12:37:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date; bh=ItOP3ySrJgq3TmcsK0INaQAdxKkjhKs2Il6jFWaWM6s=; b=Zee+v1CKpHy39wa/IwAAPF7BOg9lCJKkgZIO8RJGBh0v7ARZpxmnQblYjE1Y1sbPvV +4HirCbkNOiolStBlx7W+wim4LZX6+ZlLO9zM/E2gkHCyQtxCCTWE/N679SMOfBlU1+j WCRFEUxy/sho/FJ6WBXA/4kntKhZC+JRhfkhqlpCoR6gj18790Fzgbl+509MMP+fhYnB w0+PjWPvcax/eWGFYu9qIspdyc7mU87N4nMTCVN4jl5Em5bDpyzGXfsEnc3Xx/GCfZf5 BaprWBiXiWcwjJDBVlMhPdc/ztsUwtkpHRRXQiNrwuiZX0weVnN/JSWxYR9kI91OrB09 sgbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date; bh=ItOP3ySrJgq3TmcsK0INaQAdxKkjhKs2Il6jFWaWM6s=; b=GSQkmPmnw27ErUXzV6S4WDCvdBv8HYQqs84ZaNFBzYeWNScGWKXO14D0ZGdmwHE9t7 iZt0ZKLlCpcYgQVQvJJwtQkCWFhmAaS93xdG/w4biNq/e+fKUqrPnJlv9Pf6JieL/l4m GqJirSdugGgYyVvNC1nW9xxcSTdGqBoqYITiNa4/4RSgtZitdzkpBFXDkuGk6HQpwf9U cmUzTiw9NxPhGSd3MmEuTTmm0a17QmwF6gr5d2Pv/NYgX3Z0yxCILbO1EEwa4HRe9SPr vMqpu2E8GYOJBAUgQyJOIdhFKq7XmEY6XHy2PgqkQLYefPomN/q4cHny00FOgkVF49Kg l7+Q== X-Gm-Message-State: ACrzQf2lIHZEbnbrWjHUnskzKe7QEHOqDAra/v40gl5N6RkIw2dmF1rd l8B6wNGQRoGJexfaJ8R5wW81+H+eopLH5tIpQfI= X-Google-Smtp-Source: AMsMyM61cbDQSNBRRZEZy5ffvh79tzcbZ0x60irMjqYfGIFfxzxWt883F1ZgVfPNo0b/yKL5QIIruFZcE4vrpFM+Q9c= X-Received: by 2002:a05:620a:16aa:b0:6ce:70b2:598b with SMTP id s10-20020a05620a16aa00b006ce70b2598bmr3487483qkj.670.1664480246791; Thu, 29 Sep 2022 12:37:26 -0700 (PDT) MIME-Version: 1.0 References: <20220929175526.2596756-1-adhemerval.zanella@linaro.org> <731f55a7-6538-e59a-6bcb-f0c8e829e086@linaro.org> In-Reply-To: <731f55a7-6538-e59a-6bcb-f0c8e829e086@linaro.org> From: "H.J. Lu" Date: Thu, 29 Sep 2022 12:36:50 -0700 Message-ID: Subject: Re: [PATCH v2] malloc: Do not clobber errno on __getrandom_nocancel (BZ#29624) To: Adhemerval Zanella Netto Cc: Wilco Dijkstra , "libc-alpha@sourceware.org" , Yu Chien Peter Lin , Yann Droneaud Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-3024.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On Thu, Sep 29, 2022 at 12:09 PM Adhemerval Zanella Netto via Libc-alpha wrote: > > > > On 29/09/22 15:36, Wilco Dijkstra wrote: > > Hi Adhemerval, > > > > Another question, the syscall is defined as: > > > > ssize_t getrandom (void *__buffer, size_t __length, > > > > Doesn't this mean if we use 'int' for the return value, a large but valid syscall > > result could be interpreted as a negative error value? It sounds like all code > > processing the getrandom syscall should use ssize_t rather than int. Or do we > > limit length to something fairly small? > > Yeah, you are right. The syscall indeed returns ssize_t/long: > > include/linux/syscalls.h:1007:asmlinkage long sys_getrandom(char __user *buf, size_t count, > > So it does make sense to use ssize_t. It seems that not all architectures handle > INTERNAL_SYSCALL consistently to use 'long', but at least the 64 bits does. I think it should be __syscall_slong_t since sys_getrandom will return 64-bit integer for x32. > It also handles the issue raised by Yann, where arc4random fallback is not used. > This is in fact another issue and I will send an independently patch. > > > > > __arc4random_buf (void *p, size_t n) > > { > > static int seen_initialized; > > - size_t l; > > + int l; > > > > Should be ssize_t? > > > > +static inline int > > +__getrandom_nocancel (void *buf, size_t buflen, unsigned int flags) > > > > ssize_t? > > > > +{ > > + int save_errno = errno; > > + int r = __getrandom (buf, buflen, flags); > > > > ssize_t? > > > > + r = r == -1 ? -errno : r; > > + __set_errno (save_errno); > > + return r; > > +} > > > > #define __poll_infinity_nocancel(fds, nfds) \ > > __poll (fds, nfds, -1) > > diff --git a/sysdeps/unix/sysv/linux/not-cancel.h b/sysdeps/unix/sysv/linux/not-cancel.h > > index a263d294b1..00ab75a405 100644 > > --- a/sysdeps/unix/sysv/linux/not-cancel.h > > +++ b/sysdeps/unix/sysv/linux/not-cancel.h > > @@ -71,7 +71,7 @@ __writev_nocancel_nostatus (int fd, const struct iovec *iov, int iovcnt) > > static inline int > > > > ssize_t? > > > > __getrandom_nocancel (void *buf, size_t buflen, unsigned int flags) > > { > > - return INLINE_SYSCALL_CALL (getrandom, buf, buflen, flags); > > + return INTERNAL_SYSCALL_CALL (getrandom, buf, buflen, flags); > > } > > > > Cheers, > > Wilco -- H.J.