Add support for getrandom()
Adds support for using the getrandom(2) syscall in cryptsetup.
This change is rather large but mainly consists of refactoring
lib/random.c to reduce the amount of code that is different between versions that call getrandom() and versions read from
/dev/[u]random. As discussed in the issue, this change does not alter the
--use-[u]random flags or the
CRYPT_RNG_[U]RANDOM libcryptsetup options.
This MR consists of 4 major parts (for more details see the individual commits):
- The first two commits change the behavior of
_get_random()(which reads from
/dev/random). It now no longer prints the percentage progress of key generation and prints the warning message if it will block at all (instead of waiting 5 seconds before warning).
- The third commit adds a
_getrandom()emulation function, which acts like the getrandom() syscall by reading from
- The forth commit refactors all the current RNG logic to go through
- The final three commits actually implement calling the getrandom() syscall, using a compile time switch to have
_getrandom()just call the getrandom() syscall instead of reading from files.
The option to enable cryptsetup is off by default (for now). The code was manually tested with all 4 possible RNG options. This MR doesn't include minor stylistic improvements (see joerichey94/cryptsetup!3 and joerichey94/cryptsetup!4). It also leaves all the FIPS related behavior the same.