-
Thomas Haller authored
Heavily inspired by systemd ([1]). We now also have nm_random_get_bytes{,_full}() and nm_random_get_crypto_bytes(), like systemd's random_bytes() and crypto_random_bytes(), respectively. Differences: - instead of systemd's random_bytes(), our nm_random_get_bytes_full() also estimates whether the output is of high quality. The caller may find that interesting. Due to that, we will first try to call getrandom(GRND_NONBLOCK) before getrandom(GRND_INSECURE). That is reversed from systemd's random_bytes(), because we want to find out whether we can get good random numbers. In most cases, kernel should have entropy already, and it makes no difference. Otherwise, heavily rework the code. It should be easy to understand and correct. There is also a major bugfix here. Previously, if getrandom() failed with ENOSYS and we fell back to /dev/urandom, we would assume that we have high quality random numbers. That assumption is not warranted. Now instead poll on /dev/random to find out. [1] https://github.com/systemd/systemd/blob/a268e7f4021072e120a03b42660fad21e465c44e/src/basic/random-util.c#L81 (cherry picked from commit d20343c9)