Switch Solaris to getentropy

newpavlov · newpavlov · commit e535bc83e12f · 2024-05-03T17:01:56.000+03:00
diff --git a/src/getrandom.rs b/src/getrandom.rs
@@ -1,4 +1,4 @@
-//! Implementation using libc::getrandom
+//! Implementation using `libc::getrandom`.
 //!
 //! Available since:
 //!   - Linux Kernel 3.17, Glibc 2.25, Musl 1.1.20
@@ -10,34 +10,11 @@
 //!   - DragonFly 5.7
 //!   - Hurd Glibc 2.31
 //!   - shim-3ds since Feb 2022
-//!
-//! For all platforms, we use the default randomness source (the one used
-//! by /dev/urandom) rather than the /dev/random (GRND_RANDOM) source. For
-//! more information see the linked man pages in lib.rs.
-//!   - On Linux, "/dev/urandom is preferred and sufficient in all use cases".
-//!   - On NetBSD, "there is no reason to ever use" GRND_RANDOM.
-//!   - On Illumos, the default source is used for getentropy() and the like:
-//!     https://github.com/illumos/illumos-gate/blob/89cf0c2ce8a47dcf555bb1596f9034f07b9467fa/usr/src/lib/libc/port/gen/getentropy.c#L33
-//!   - On Solaris, both sources use FIPS 140-2 / NIST SP-900-90A DRBGs, see:
-//!     https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2
-//!   - On Redox, only /dev/urandom is provided.
-//!   - On AIX, /dev/urandom will "provide cryptographically secure output".
-//!   - On Haiku, QNX Neutrino, DragonFly, and FreeBSD, they are identical.
 use crate::{util_libc::sys_fill_exact, Error};
 use core::mem::MaybeUninit;
 
-// On Solaris 11.3, getrandom() will fail if bufsz > 1024 (bufsz > 133120 on Solaris 11.4).
-// This issue is not present in Illumos's implementation of getrandom().
-#[cfg(target_os = "solaris")]
-const MAX_BYTES: usize = 1024;
-#[cfg(not(target_os = "solaris"))]
-const MAX_BYTES: usize = usize::MAX;
-
 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
-    for chunk in dest.chunks_mut(MAX_BYTES) {
-        sys_fill_exact(chunk, |buf| unsafe {
-            libc::getrandom(buf.as_mut_ptr() as *mut libc::c_void, buf.len(), 0)
-        })?;
-    }
-    Ok(())
+    sys_fill_exact(dest, |buf| unsafe {
+        libc::getrandom(buf.as_mut_ptr() as *mut libc::c_void, buf.len(), 0)
+    })
 }
diff --git a/src/lib.rs b/src/lib.rs
@@ -12,7 +12,7 @@
 //! | OpenBSD           | `*‑openbsd`        | [`getentropy`][7]
 //! | NetBSD            | `*‑netbsd`         | [`getrandom`][16] if available, otherwise [`kern.arandom`][8]
 //! | Dragonfly BSD     | `*‑dragonfly`      | [`getrandom`][9]
-//! | Solaris           | `*‑solaris`        | [`getrandom`][11]
+//! | Solaris           | `*‑solaris`        | [`getentropy`][11]
 //! | Illumos           | `*‑illumos`        | [`getrandom`][12]
 //! | Fuchsia OS        | `*‑fuchsia`        | [`cprng_draw`]
 //! | Redox             | `*‑redox`          | `/dev/urandom`
@@ -31,10 +31,6 @@
 //! | QNX Neutrino      | `*‑nto-qnx*`       | [`/dev/urandom`][14] (identical to `/dev/random`)
 //! | AIX               | `*-ibm-aix`        | [`/dev/urandom`][15]
 //!
-//! There is no blanket implementation on `unix` targets that reads from
-//! `/dev/urandom`. This ensures all supported targets are using the recommended
-//! interface and respect maximum buffer sizes.
-//!
 //! Pull Requests that add support for new targets to `getrandom` are always welcome.
 //!
 //! ## Unsupported targets
@@ -177,7 +173,7 @@
 //! [7]: https://man.openbsd.org/getentropy.2
 //! [8]: https://man.netbsd.org/sysctl.7
 //! [9]: https://leaf.dragonflybsd.org/cgi/web-man?command=getrandom
-//! [11]: https://docs.oracle.com/cd/E88353_01/html/E37841/getrandom-2.html
+//! [11]: https://docs.oracle.com/cd/E88353_01/html/E37841/getentropy-2.html
 //! [12]: https://illumos.org/man/2/getrandom
 //! [13]: https://github.com/emscripten-core/emscripten/pull/12240
 //! [14]: https://www.qnx.com/developers/docs/7.1/index.html#com.qnx.doc.neutrino.utilities/topic/r/random.html
@@ -242,6 +238,7 @@ cfg_if! {
     } else if #[cfg(any(
         target_os = "macos",
         target_os = "openbsd",
+        target_os = "solaris",
         target_os = "vita",
         target_os = "emscripten",
     ))] {
@@ -252,7 +249,6 @@ cfg_if! {
         target_os = "freebsd",
         target_os = "hurd",
         target_os = "illumos",
-        target_os = "solaris",
         // Check for target_arch = "arm" to only include the 3DS. Does not
         // include the Nintendo Switch (which is target_arch = "aarch64").
         all(target_os = "horizon", target_arch = "arm"),
diff --git a/src/use_file.rs b/src/use_file.rs
@@ -9,7 +9,12 @@ use core::{
     sync::atomic::{AtomicUsize, Ordering::Relaxed},
 };
 
-// We always use /dev/urandom, see the comment in getrandom.rs.
+/// For all platforms, we use `/dev/urandom` rather than `/dev/random`.
+/// For more information see the linked man pages in lib.rs.
+///   - On Linux, "/dev/urandom is preferred and sufficient in all use cases".
+///   - On Redox, only /dev/urandom is provided.
+///   - On AIX, /dev/urandom will "provide cryptographically secure output".
+///   - On Haiku and QNX Neutrino they are identical.
 const FILE_PATH: &str = "/dev/urandom\0";
 const FD_UNINIT: usize = usize::max_value();
 
