Index: libgcrypt-1.9.1/random/random-csprng.c =================================================================== --- libgcrypt-1.9.1.orig/random/random-csprng.c +++ libgcrypt-1.9.1/random/random-csprng.c @@ -55,6 +55,10 @@ #ifdef __MINGW32__ #include #endif +#if defined(__linux__) && defined(HAVE_SYSCALL) +# include +# include +#endif #include "g10lib.h" #include "random.h" #include "rand-internal.h" @@ -1202,6 +1206,22 @@ getfnc_gather_random (void))(void (*)(co enum random_origins, size_t, int); #if USE_RNDLINUX +#if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom) + long ret; + char buffer[1]; + + _gcry_pre_syscall (); + ret = syscall (__NR_getrandom, + (void*)buffer, (size_t)1, (unsigned int)GRND_NONBLOCK); + _gcry_post_syscall (); + if (ret != -1 || errno != ENOSYS) + { + fnc = _gcry_rndlinux_gather_random; + return fnc; + } + else + /* The syscall is not supported - fallback to /dev/urandom. */ +#endif if ( !access (NAME_OF_DEV_RANDOM, R_OK) && !access (NAME_OF_DEV_URANDOM, R_OK)) { Index: libgcrypt-1.9.1/random/random.c =================================================================== --- libgcrypt-1.9.1.orig/random/random.c +++ libgcrypt-1.9.1/random/random.c @@ -110,8 +110,8 @@ _gcry_random_read_conf (void) unsigned int result = 0; fp = fopen (fname, "r"); - if (!fp) - return result; + if (!fp) /* We make only_urandom the default. */ + return RANDOM_CONF_ONLY_URANDOM; for (;;) { Index: libgcrypt-1.9.1/random/rndlinux.c =================================================================== --- libgcrypt-1.9.1.orig/random/rndlinux.c +++ libgcrypt-1.9.1/random/rndlinux.c @@ -39,6 +39,7 @@ extern int getentropy (void *buf, size_t #if defined(__linux__) || !defined(HAVE_GETENTROPY) #ifdef HAVE_SYSCALL # include +# include # ifdef __NR_getrandom # define getentropy(buf,buflen) syscall (__NR_getrandom, buf, buflen, 0) # endif @@ -155,12 +156,12 @@ _gcry_rndlinux_gather_random (void (*add if (!add) { /* Special mode to close the descriptors. */ - if (fd_random != -1) + if (fd_random >= 0) { close (fd_random); fd_random = -1; } - if (fd_urandom != -1) + if (fd_urandom >= 0) { close (fd_urandom); fd_urandom = -1; @@ -176,12 +177,12 @@ _gcry_rndlinux_gather_random (void (*add apid = getpid (); if (my_pid != apid) { - if (fd_random != -1) + if (fd_random >= 0) { close (fd_random); fd_random = -1; } - if (fd_urandom != -1) + if (fd_urandom >= 0) { close (fd_urandom); fd_urandom = -1; @@ -230,6 +231,17 @@ _gcry_rndlinux_gather_random (void (*add { if (fd_urandom == -1) { +#if defined(__linux__) && defined(HAVE_SYSCALL) && defined(__NR_getrandom) + long ret; + + _gcry_pre_syscall (); + ret = syscall (__NR_getrandom, + (void*)buffer, (size_t)1, (unsigned int)GRND_NONBLOCK); + _gcry_post_syscall (); + if (ret > -1 || errno == EAGAIN || errno == EINTR) + fd_urandom = -2; + else /* The syscall is not supported - fallback to /dev/urandom. */ +#endif fd_urandom = open_device (NAME_OF_DEV_URANDOM, (ever_opened & 2)); ever_opened |= 2; } @@ -272,9 +284,7 @@ _gcry_rndlinux_gather_random (void (*add _gcry_post_syscall (); } while (ret == -1 && errno == EINTR); - if (ret == -1 && errno == ENOSYS) - ; /* getentropy is not supported - fallback to pulling from fd. */ - else + if (1) { /* getentropy is supported. Some sanity checks. */ if (ret == -1) log_fatal ("unexpected error from getentropy: %s\n",