1 //! Solaris implementation using getrandom(2).
2 //!
3 //! While getrandom(2) has been available since Solaris 11.3, it has a few
4 //! quirks not present on other OSes. First, on Solaris 11.3, calls will always
5 //! fail if bufsz > 1024. Second, it will always either fail or completely fill
6 //! the buffer (returning bufsz). Third, error is indicated by returning 0,
7 //! rather than by returning -1. Finally, "if GRND_RANDOM is not specified
8 //! then getrandom(2) is always a non blocking call". This _might_ imply that
9 //! in early-boot scenarios with low entropy, getrandom(2) will not properly
10 //! block. To be safe, we set GRND_RANDOM, mirroring the man page examples.
11 //!
12 //! For more information, see the man page linked in lib.rs and this blog post:
13 //! https://blogs.oracle.com/solaris/post/solaris-new-system-calls-getentropy2-and-getrandom2
14 //! which also explains why this crate should not use getentropy(2).
15 use crate::{util_libc::last_os_error, Error};
16 use core::mem::MaybeUninit;
17
18 const MAX_BYTES: usize = 1024;
19
getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error>20 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
21 for chunk in dest.chunks_mut(MAX_BYTES) {
22 let ptr = chunk.as_mut_ptr() as *mut libc::c_void;
23 let ret = unsafe { libc::getrandom(ptr, chunk.len(), libc::GRND_RANDOM) };
24 // In case the man page has a typo, we also check for negative ret.
25 if ret <= 0 {
26 return Err(last_os_error());
27 }
28 // If getrandom(2) succeeds, it should have completely filled chunk.
29 if (ret as usize) != chunk.len() {
30 return Err(Error::UNEXPECTED);
31 }
32 }
33 Ok(())
34 }
35