Try /dev/random before using /dev/urandom

[pitdicker]

@dhardy You are maybe not going to like this PR (it is partly similar to dhardy#48), but I try it anyway 😄.

I have removed the custom ReadRng wrapper from OsRng, which was only used by Redox, and the module with Linux and non-specified Unix platforms.

Redox now has a very basic implementation, without caching the file descriptor. I am not sure it is needed there https://github.com/redox-os/redox/issues/1172.

The implementation of ReadRng is mostly folded into the Linux etc. module. It will now attempt to read a single byte from /dev/random to confirm the OS RNG is initialized, before using /dev/urandom.

In two ways this is not entirely optimal:

• /dev/random may error when the system for some reason thinks it is out of 'entropy', giving a false positive. The change of this happening are unlikely, especially when you consider we only do this test once during the lifetime of the program.
• We use this method on all Unix platforms, while on some there is no difference between the two random devices. So this could be slightly slower than necessary there.

But I think these problems are minor.

[pitdicker]

I'll work a bit more on this one...

[pitdicker]

I have taken the numbers for NR_GETRANDOM for a few extra platforms from systemd. MIPS_SIM_ABI32 is Rusts mips target (old ABI), and MIPS_SIM_ABI64 the mips64 target.

I know I made a type in the function but I am stumped by this error by the CI for ARM: https://travis-ci.org/rust-lang-nursery/rand/jobs/358410616

getrandom should simply be available for target_arch = "arm", but somehow it isn't...
@dhardy Do you have an idea how to investigate this? I have the same error locally when compiling for armv7-linux-androideabi, and I can't find an obvious typo...

Edit: found the problem. target_os="android" 😄

[pitdicker]

I added back storing the fd in a static on Redox, and the CI is finally green 🎉. Gives a little less confidence though...

I think it is ready to took a look at.

[dhardy]

Surprise surprise, I do actually like the changes, though it took me a while to review!

[dhardy]

I wish diffs were smart enough to realise that the only thing changed was a variable name... these tools haven't changed much since the '70s!

[dhardy]

This comment is incorrect; it was there in ReadRng because existence of the self parameter proves the constructor ran. Here we just have to use local-analysis to see that this function only gets called after open_dev_random succeeds.

[dhardy]

Here the old comment actually makes sense — we have self on an object whose constructor initialised the mutex.

[dhardy]

I have taken the numbers for NR_GETRANDOM for a few extra platforms from systemd.

I'll just trust you got this right... or wait for error reports.

getrandom should simply be available for target_arch = "arm", but somehow it isn't...

Wait, the full genrandom impl reduced to just {} on ARM? That sounds weird. Or if you had a stub implementation, it should probably be { -1 } like the other stub.

---

Yep, happy for this to be merged (though one comment ought to be fixed as mentioned).

[pitdicker]

😄 Nice!

Wait, the full genrandom impl reduced to just {} on ARM? That sounds weird. Or if you had a stub implementation, it should probably be { -1 } like the other stub.

I forgot to add back the { -1 } part. But what surprised me was that we never actually used genrandom on Android at all. So my mistake was in a way useful to figure if we are using the syscall as assumed.

[pitdicker]

Ready to merge?