[FFmpeg-devel] [PATCH] lavu/random_seed: use getrandom() when available

James Almer jamrial at gmail.com
Fri Jul 7 14:54:05 EEST 2023 

On 7/7/2023 7:21 AM, Anton Khirnov wrote:
> It is a better interface for /dev/u?random on Linux, which avoids the
> issues associated with opening files.
> ---
>   configure               |  2 ++
>   libavutil/random_seed.c | 15 +++++++++++++++
>   2 files changed, 17 insertions(+)
> 
> diff --git a/configure b/configure
> index d6e78297fe..a4b09577cf 100755
> --- a/configure
> +++ b/configure
> @@ -2310,6 +2310,7 @@ SYSTEM_FUNCS="
>       getauxval
>       getenv
>       gethrtime
> +    getrandom
>       getopt
>       GetModuleHandle
>       GetProcessAffinityMask
> @@ -6387,6 +6388,7 @@ check_func  fcntl
>   check_func  fork
>   check_func  gethrtime
>   check_func  getopt
> +check_func_headers "sys/random.h" getrandom
>   check_func  getrusage
>   check_func  gettimeofday
>   check_func  isatty
> diff --git a/libavutil/random_seed.c b/libavutil/random_seed.c
> index 2980e565e0..9a3a5aa133 100644
> --- a/libavutil/random_seed.c
> +++ b/libavutil/random_seed.c
> @@ -35,6 +35,9 @@
>   #elif CONFIG_OPENSSL
>   #include <openssl/rand.h>
>   #endif
> +#if HAVE_GETRANDOM
> +#include <sys/random.h>
> +#endif
>   #include <fcntl.h>
>   #include <math.h>
>   #include <time.h>
> @@ -51,6 +54,7 @@
>   #define TEST 0
>   #endif
>   
> +#if !HAVE_GETRANDOM
>   static int read_random(uint8_t *dst, size_t len, const char *file)
>   {
>   #if HAVE_UNISTD_H
> @@ -70,6 +74,7 @@ static int read_random(uint8_t *dst, size_t len, const char *file)
>       return AVERROR(ENOSYS);
>   #endif
>   }
> +#endif
>   
>   static uint32_t get_generic_seed(void)
>   {
> @@ -147,7 +152,17 @@ int av_random_bytes(uint8_t* buf, size_t len)
>       return 0;
>   #endif
>   
> +    // getrandom() is a better interface for /dev/(u)random on Linux,
> +    // so it makes no sense to try both
> +#if HAVE_GETRANDOM
> +    {
> +        ssize_t read = getrandom(buf, len, GRND_NONBLOCK);
> +        err = read < 0    ? AVERROR(errno)  :
> +              read != len ? AVERROR_UNKNOWN : 0;

The documentation states

"By default, when reading from the random source, getrandom() blocks if 
no random bytes are available, and when reading from the urandom source, 
it blocks if the entropy pool has not yet been initialized.If the 
GRND_NONBLOCK flag is set, then getrandom() does not block in these 
cases, but instead immediately returns -1 with errno set to EAGAIN."

Returning EAGAIN may end up clashing with our usage of said error value 
internally (Marton's patch will make use of this function in hls), so 
maybe prevent said value from propagating here.

LGTM otherwise.

> +    }
> +#else
>       err = read_random(buf, len, "/dev/urandom");
> +#endif
>       if (!err)
>           return err;
>

More information about the ffmpeg-devel mailing list