| Field | Value | Date |
|---|---|---|
| author | David Benjamin <davidben@google.com> | 2020-05-18 14:01:29 -0400 |
| committer | CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> | 2020-05-20 18:55:29 +0000 |
| commit | 7b31d69f19e85dafa97854bfe35adbfd0fb6d280 (patch) | |
| tree | 1f2975282c93fe1eee802463c4e829114bbb2ae5 /SANDBOXING.md | |
| parent | 8f12996be3a7a8a53c1b674c0cef103628a7b779 (diff) | |
| download | boringssl-7b31d69f19e85dafa97854bfe35adbfd0fb6d280.zip, boringssl-7b31d69f19e85dafa97854bfe35adbfd0fb6d280.tar.gz, boringssl-7b31d69f19e85dafa97854bfe35adbfd0fb6d280.tar.bz2 | |
Document that getrandom support must be consistent.
Syscall-filtering sandboxes may make getrandom fail without crashing.
This will sometimes trigger the /dev/urandom fallback and sometimes not.
Change-Id: Ic824e5bfe6fcb99105fd285184243c4620447327
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41404
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Diffstat (limited to 'SANDBOXING.md')
-rw-r--r-- | SANDBOXING.md | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/SANDBOXING.md b/SANDBOXING.md index 95ac6e8..b1a32df 100644 --- a/SANDBOXING.md +++ b/SANDBOXING.md @@ -64,7 +64,12 @@ should ensure this regardless. Any BoringSSL function may draw entropy from the OS. On Windows, this uses `RtlGenRandom` and, on POSIX systems, this uses `getrandom`, `getentropy`, or a `read` from a file descriptor to `/dev/urandom`. These operations must succeed -or BoringSSL will abort the process. +or BoringSSL will abort the process. BoringSSL only probes for `getrandom` +support once and assumes support is consistent for the lifetime of the address +space (and any copies made via `fork`). If a syscall-filtering sandbox is +enabled partway through this lifetime and changes whether `getrandom` works, +BoringSSL may abort the process. Sandboxes are recommended to allow +`getrandom`. Note even deterministic algorithms may require OS entropy. For example, RSASSA-PKCS1-v1_5 is deterministic, but BoringSSL draws entropy to implement |
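Review bot: the added paragraph ends with "Sandboxes are recommended to allow `getrandom`" but leaves the reader who cannot allow it without guidance, even though the surrounding lines already contain the two constraints that matter: the probe result is taken once and inherited across `fork`, and the preceding sentence states that the entropy operations must succeed or the process aborts. Consider adding a sentence after that recommendation saying that a filter which makes `getrandom` fail must be in place before BoringSSL first draws entropy, must keep failing the same way for the lifetime of the address space and its forked children, and must then leave the `/dev/urandom` fallback (opening the file and `read`ing from the descriptor) permitted, since that is the only remaining path on POSIX.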