Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reimplement random data generation, add read_entropy syscall #640

Merged
merged 3 commits into from
Jan 25, 2023
Merged

Reimplement random data generation, add read_entropy syscall #640

merged 3 commits into from
Jan 25, 2023

Conversation

joboet
Copy link
Contributor

@joboet joboet commented Jan 21, 2023
edited
Loading

Fixes #143 by reimplementing random data generation using a ChaCha-based RNG continuously reseeded using the RDSEED instruction. This should provide better security, as RDRAND is known to have hardware bugs.

Also adds a new buffer-based syscall, read_entropy, which better fits the usecase of crates like getrandom.

The old secure_rand* and rand syscalls should probably be removed at some point, but I do not know the Hermit stability policy and therefore have not done this in this PR.

@mkroening mkroening self-requested a review January 21, 2023 15:38
@joboet joboet marked this pull request as draft January 22, 2023 00:27
@joboet joboet marked this pull request as ready for review January 22, 2023 11:59
@stlankes
Copy link
Contributor

Thanks for your contribution! I revise the IP interface and will publish a new ABI interface. In this context I will remove the old interface.

@stlankes
Copy link
Contributor

bors r+

@bors
Copy link
Contributor

bors bot commented Jan 25, 2023

Build succeeded:

@bors bors bot merged commit f61b60e into hermit-os:master Jan 25, 2023
@joboet joboet deleted the entropy branch January 25, 2023 22:18
@joboet joboet mentioned this pull request Jan 26, 2023
Closed
bors bot added a commit to hermit-os/hermit-rs that referenced this pull request Jan 26, 2023
@bors @joboet @stlankes
Merge #395
41eb229 
395: Add `read_entropy` syscall, remove old randomness syscalls r=stlankes a=joboet

See hermit-os/kernel#640

Co-authored-by: joboet <jonasboettiger@icloud.com>
Co-authored-by: Stefan Lankes <stlankes@users.noreply.github.com>
@newpavlov newpavlov mentioned this pull request Jan 26, 2023
Merged
@joboet joboet mentioned this pull request Mar 11, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mkroening mkroening Awaiting requested review from mkroening

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Improve randomness syscalls
2 participants
@joboet @stlankes