On Thu, Apr 23, 2026 at 10:12:25PM -0400, Kurt Hackenberg wrote:
> On Fri, Apr 24, 2026 at 09:48 +0800, Kevin J. McCarthy wrote:
>> Ah, sorry. Yes, the code is executed. The whole snippet is:
>>
>>   if ((res == (size_t) -1) || (res < length_requested))
>>   {
>>     if (res < length_requested)
>>     {
>>       length_requested -= res;
>>       random_bytes += res;
>>     }
>>     prng_random_bytes(random_bytes, length_requested);
>>   }
>
> I don't know what prng_random_bytes() is, so don't quite know the intent here. But counting on (res < length_requested) when getrandom() failed seems like pushing C pretty hard.

The man page says:

  On success, getrandom() returns the number of bytes that were copied to the buffer buf. This may be less than the number of bytes requested via size if either GRND_RANDOM was specified in flags and insufficient entropy was present in the random source or the system call was interrupted by a signal.

  On error, -1 is returned, and errno is set to indicate the error.

So that outer "if" checks for one of two possibilities we need to correct for: failure (-1), or less than the number of bytes requested via size.

The call to prng_random_bytes() was falling back on the pseudo random generator.

However, I think I'll take the fallback out, and just loop the call to getrandom() until we fill the buffer up. I'll send a v2 patch today or tomorrow.

Thanks for your feedback, Kurt and Alex!

-- 
Kevin J. McCarthy
GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
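
The approach described in the message above, looping getrandom() until the buffer is full, could be written as follows. This is an added example, not the v2 patch or the project's code: fill_random_from, random_source_fn and fake_source are hypothetical names, and retrying only on EINTR while treating every other error as fatal is an assumption.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/random.h>
#include <sys/types.h>

/* Same signature as getrandom(2), so a constructed source can stand in. */
typedef ssize_t (*random_source_fn)(void *buf, size_t len, unsigned int flags);

/* Hypothetical helper: fill buf with exactly len bytes from source.
 * Returns 0 on success, -1 (errno set by source) on a hard error. */
int fill_random_from(random_source_fn source, void *buf, size_t len)
{
  unsigned char *p = buf;
  while (len > 0)
  {
    ssize_t res = source(p, len, 0);
    if (res < 0)                /* test the signed result before any arithmetic */
    {
      if (errno == EINTR)
        continue;               /* interrupted before any bytes: retry */
      return -1;                /* hard error: no PRNG fallback, caller decides */
    }
    p += (size_t) res;          /* short read: keep the bytes we got... */
    len -= (size_t) res;        /* ...and ask only for the remainder */
  }
  return 0;
}

/* Constructed source: EINTR on the first call, then at most 3 bytes of
 * 0xAB per call, to exercise the retry and short-read paths. */
int fake_calls;
ssize_t fake_source(void *buf, size_t len, unsigned int flags)
{
  (void) flags;
  if (fake_calls++ == 0) { errno = EINTR; return -1; }
  size_t n = len < 3 ? len : 3;
  memset(buf, 0xAB, n);
  return (ssize_t) n;
}

int main(void)
{
  unsigned char key[32], sample[10] = {0};
  if (fill_random_from(getrandom, key, sizeof key) != 0) { perror("getrandom"); return 1; }
  fill_random_from(fake_source, sample, sizeof sample);
  printf("real source ok; fake source needed %d calls\n", fake_calls);
  return 0;
}
```

Keeping the result in a signed ssize_t and testing it for failure first means the short-read arithmetic never sees -1 converted to size_t.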
