[Bug #21448] Use getentropy(2) only on macOS

If this is not a system call, then it is using getrandom (which would have been tried already), and cannot be used as a replacement for the random devices.
2025-08-15 13:39:04 +02:00 · 2025-06-21 16:52:16 +09:00 · 2025-06-21 16:52:16 +09:00 · 1181a682a6
commit 1181a682a6
parent dbc596938a
1 changed files with 17 additions and 10 deletions
--- a/random.c
+++ b/random.c
@ -438,7 +438,23 @@ random_init(int argc, VALUE *argv, VALUE obj)
 # define USE_DEV_URANDOM 0
 #endif

-#ifdef HAVE_GETENTROPY
+#if ! defined HAVE_GETRANDOM && defined __linux__ && defined __NR_getrandom
+# ifndef GRND_NONBLOCK
+#   define GRND_NONBLOCK 0x0001	/* not defined in musl libc */
+# endif
+# define getrandom(ptr, size, flags) \
+    (ssize_t)syscall(__NR_getrandom, (ptr), (size), (flags))
+# define HAVE_GETRANDOM 1
+#endif
+
+#if defined(HAVE_GETENTROPY) && !defined(HAVE_GETRANDOM)
+/*
+ * In the case both `getentropy` and `getrandom` are defined, assume
+ * that the former is implemented using the latter, and use the latter
+ * in the `syscall` version.
+ * Otherwise, in the case only `getentropy`, assume it is defined as
+ * the replacement for security purpose of `/dev/urandom`.
+ */
 # define MAX_SEED_LEN_PER_READ 256
 static int
 fill_random_bytes_urandom(void *seed, size_t size)
@ -494,15 +510,6 @@ fill_random_bytes_urandom(void *seed, size_t size)
 # define fill_random_bytes_urandom(seed, size) -1
 #endif

-#if ! defined HAVE_GETRANDOM && defined __linux__ && defined __NR_getrandom
-# ifndef GRND_NONBLOCK
-#   define GRND_NONBLOCK 0x0001	/* not defined in musl libc */
-# endif
-# define getrandom(ptr, size, flags) \
-    (ssize_t)syscall(__NR_getrandom, (ptr), (size), (flags))
-# define HAVE_GETRANDOM 1
-#endif
-
 #if 0
 #elif defined MAC_OS_X_VERSION_10_7 && MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_7