Gitiles
Code Review Sign In
gerrit.omnirom.org / android_bionic / c11fb66739abb9346793c4267cf1437aa8896a6e^! / .
commitc11fb66739abb9346793c4267cf1437aa8896a6e[log] [tgz]
authorElliott Hughes <enh@google.com>Mon Feb 05 17:28:51 2018 -0800
committerElliott Hughes <enh@google.com>Tue Feb 06 15:35:15 2018 -0800
treedd7e857806c36a201dabf6f86dcb85afb2ef3ebb
parenta70089163ca09a983772dd2a8daa17e47f8ede53 [diff]
Inline __libc_arc4random_has_unlimited_entropy.

The name is misleading anyway.

Bug: http://b/67015565
Test: boots
Change-Id: Ic765e376d84e1ca474d3324eab32e14ea1ae9712

diff --git a/libc/bionic/bionic_arc4random.cpp b/libc/bionic/bionic_arc4random.cpp
index 391eb0c..fa2617f 100644
--- a/libc/bionic/bionic_arc4random.cpp
+++ b/libc/bionic/bionic_arc4random.cpp

@@ -28,8 +28,6 @@
 
 #include "private/bionic_arc4random.h"
 
-#include <errno.h>
-#include <stdatomic.h>
 #include <stdlib.h>
 #include <string.h>
 #include <sys/auxv.h>
@@ -39,15 +37,12 @@
 
 #include "private/KernelArgumentBlock.h"
 
-bool __libc_arc4random_has_unlimited_entropy() {
-  static bool have_urandom = access("/dev/urandom", R_OK) == 0;
-  return have_urandom;
-}
-
 void __libc_safe_arc4random_buf(void* buf, size_t n, KernelArgumentBlock& args) {
-  // Only call arc4random_buf once we `have_urandom', since in getentropy_getrandom we may fallback
-  // to use /dev/urandom, if the kernel entropy pool hasn't been initialized or not enough bytes
-  if (__libc_arc4random_has_unlimited_entropy()) {
+  // Only call arc4random_buf once we have `/dev/urandom` because getentropy(3)
+  // will fall back to using `/dev/urandom` if getrandom(2) fails, and abort if
+  // if can't use `/dev/urandom`.
+  static bool have_urandom = access("/dev/urandom", R_OK) == 0;
+  if (have_urandom) {
     arc4random_buf(buf, n);
     return;
   }

diff --git a/libc/private/bionic_arc4random.h b/libc/private/bionic_arc4random.h
index b51f818..0e9376e 100644
--- a/libc/private/bionic_arc4random.h
+++ b/libc/private/bionic_arc4random.h

@@ -33,18 +33,11 @@
 
 #include "private/KernelArgumentBlock.h"
 
-/*
- * arc4random aborts if it's unable to fetch entropy, which is always the case
- * for init on devices without getrandom(2), since /dev/random hasn't been
- * created yet. Provide a wrapper function that falls back to AT_RANDOM if
- * we don't have getrandom and /dev/urandom is missing.
- */
+// arc4random(3) aborts if it's unable to fetch entropy, which is always
+// the case for init on devices. GCE kernels have a workaround to ensure
+// sufficient entropy during early boot, but no device kernels do. This
+// wrapper falls back to AT_RANDOM if the kernel doesn't have enough
+// entropy for getrandom(2) or /dev/urandom.
 void __libc_safe_arc4random_buf(void* buf, size_t n, KernelArgumentBlock& args);
 
-/*
- * Return true if libc has an unlimited entropy source (something other than
- * AT_RANDOM), and arc4random* calls will always succeed.
- */
-bool __libc_arc4random_has_unlimited_entropy();
-
 #endif