mfbt/RandomNum.cpp

   1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
   3 /* This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
   6
   7 #include "mozilla/RandomNum.h"
   8
   9 #include <fcntl.h>
  10 #ifdef XP_UNIX
  11 #  include <unistd.h>
  12 #endif
  13
  14 #if defined(XP_WIN)
  15
  16 // Microsoft doesn't "officially" support using RtlGenRandom() directly
  17 // anymore, and the Windows headers assume that __stdcall is
  18 // the default calling convention (which is true when Microsoft uses this
  19 // function to build their own CRT libraries).
  20
  21 // We will explicitly declare it with the proper calling convention.
  22
  23 #  include "minwindef.h"
  24 #  define RtlGenRandom SystemFunction036
  25 extern "C" BOOLEAN NTAPI RtlGenRandom(PVOID RandomBuffer,
  26                                       ULONG RandomBufferLength);
  27
  28 #endif
  29
  30 #if defined(ANDROID) || defined(XP_DARWIN) || defined(__DragonFly__) || \
  31     defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
  32 #  include <stdlib.h>
  33 #  define USE_ARC4RANDOM
  34 #endif
  35
  36 #if defined(__linux__)
  37 #  include <linux/random.h>  // For GRND_NONBLOCK.
  38 #  include <sys/syscall.h>   // For SYS_getrandom.
  39
  40 // Older glibc versions don't define SYS_getrandom, so we define it here if
  41 // it's not available. See bug 995069.
  42 #  if defined(__x86_64__)
  43 #    define GETRANDOM_NR 318
  44 #  elif defined(__i386__)
  45 #    define GETRANDOM_NR 355
  46 #  elif defined(__aarch64__)
  47 #    define GETRANDOM_NR 278
  48 #  elif defined(__arm__)
  49 #    define GETRANDOM_NR 384
  50 #  elif defined(__powerpc__)
  51 #    define GETRANDOM_NR 359
  52 #  elif defined(__s390__)
  53 #    define GETRANDOM_NR 349
  54 #  elif defined(__mips__)
  55 #    include <sgidefs.h>
  56 #    if _MIPS_SIM == _MIPS_SIM_ABI32
  57 #      define GETRANDOM_NR 4353
  58 #    elif _MIPS_SIM == _MIPS_SIM_ABI64
  59 #      define GETRANDOM_NR 5313
  60 #    elif _MIPS_SIM == _MIPS_SIM_NABI32
  61 #      define GETRANDOM_NR 6317
  62 #    endif
  63 #  endif
  64
  65 #  if defined(SYS_getrandom)
  66 // We have SYS_getrandom. Use it to check GETRANDOM_NR. Only do this if we set
  67 // GETRANDOM_NR so tier 3 platforms with recent glibc are not forced to define
  68 // it for no good reason.
  69 #    if defined(GETRANDOM_NR)
  70 static_assert(GETRANDOM_NR == SYS_getrandom,
  71               "GETRANDOM_NR should match the actual SYS_getrandom value");
  72 #    endif
  73 #  else
  74 #    define SYS_getrandom GETRANDOM_NR
  75 #  endif
  76
  77 #  if defined(GRND_NONBLOCK)
  78 static_assert(GRND_NONBLOCK == 1,
  79               "If GRND_NONBLOCK is not 1 the #define below is wrong");
  80 #  else
  81 #    define GRND_NONBLOCK 1
  82 #  endif
  83
  84 #endif  // defined(__linux__)
  85
  86 namespace mozilla {
  87
  88 /*
  89  * Note - Bug 1500115 has been opened to discuss simplifying or improving
  90  * this function in the future; however, the function is secure as-is right
  91  * now. Further improvements may be made to reduce complexity, improve
  92  * robustness, or take advantage of OS-specific API improvements as they
  93  * become available.
  94  *
  95  */
  96
  97 MFBT_API Maybe<uint64_t> RandomUint64() {
  98 #if defined(XP_WIN)
  99
 100   uint64_t result = 0;
 101   if (!RtlGenRandom(&result, sizeof(result))) {
 102     return Nothing();
 103   }
 104
 105   return Some(result);
 106
 107 #elif defined(USE_ARC4RANDOM)  // defined(XP_WIN)
 108
 109   return Some((static_cast<uint64_t>(arc4random()) << 32) | arc4random());
 110
 111 #elif defined(XP_UNIX)  // defined(USE_ARC4RANDOM)
 112
 113   uint64_t result = 0;
 114
 115 #  if defined(__linux__)
 116
 117   long bytesGenerated =
 118       syscall(SYS_getrandom, &result, sizeof(result), GRND_NONBLOCK);
 119
 120   if ((bytesGenerated > 0) &&
 121       (static_cast<unsigned long>(bytesGenerated) == sizeof(result))) {
 122     return Some(result);
 123   }
 124
 125   // Fall-through to UNIX behavior if failed
 126
 127 #  endif  // defined(__linux__)
 128
 129   int fd = open("/dev/urandom", O_RDONLY);
 130   if (fd < 0) {
 131     return Nothing();
 132   }
 133
 134   ssize_t bytesRead = read(fd, &result, sizeof(result));
 135
 136   close(fd);
 137
 138   if (bytesRead < 0) {
 139     return Nothing();
 140   }
 141
 142   if (static_cast<size_t>(bytesRead) != sizeof(result)) {
 143     return Nothing();
 144   }
 145
 146   return Some(result);
 147
 148 #else  // defined(XP_UNIX)
 149 #  error "Platform needs to implement RandomUint64()"
 150 #endif
 151 }
 152
 153 MFBT_API uint64_t RandomUint64OrDie() {
 154   Maybe<uint64_t> maybeRandomNum = RandomUint64();
 155
 156   MOZ_RELEASE_ASSERT(maybeRandomNum.isSome());
 157
 158   return maybeRandomNum.value();
 159 }
 160
 161 }  // namespace mozilla