[ovs-dev] [PATCH 1/3][RFC] Allow to open the urandom file descriptor in advance

Eric Sesterhenn eric.sesterhenn at lsexperts.de
Fri Jul 11 11:24:04 UTC 2014


commit 70f2616745100c12004309e794a85bae95764845
Author: Eric Sesterhenn <eric.sesterhenn at lsexperts.de>
Date:   Fri Jul 11 03:53:40 2014 -0500

    Allow to open the urandom file descriptor in advance

    This is just an RFC at the moment, since it leaks one
    file descriptor per process.

    Signed-off-by: Eric Sesterhenn <eric.sesterhenn at lsexperts.de>

diff --git a/lib/entropy.c b/lib/entropy.c
index f980855..08ae082 100644
--- a/lib/entropy.c
+++ b/lib/entropy.c
@@ -31,6 +31,25 @@ VLOG_DEFINE_THIS_MODULE(entropy);

 static const char urandom[] = "/dev/urandom";

+int urandom_fd = 0;
+
+/* opens urandom for further usage */
+int
+initialize_entropy(void)
+{
+#ifndef _WIN32
+    if (urandom_fd == 0) {
+      urandom_fd = open(urandom, O_RDONLY);
+    }
+    if (urandom_fd < 0) {
+        VLOG_ERR("%s: open failed (%s)", urandom, ovs_strerror(errno));
+        return errno ? errno : EINVAL;
+    }
+#endif
+
+    return 0;
+}
+
 /* Initializes 'buffer' with 'n' bytes of high-quality random numbers.  Returns
  * 0 if successful, otherwise a positive errno value or EOF on error. */
 int
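Review bot: `urandom_fd` uses 0 as its "not opened" value, but 0 is a valid descriptor number, so if the process starts with stdin closed `open()` can return 0 and initialize_entropy() will open the device again on every call. Initialise it as `int urandom_fd = -1;` and guard the open with `if (urandom_fd < 0) {`, which also lets a failed open be retried instead of leaving -1 stored and reporting a stale `errno` on later calls. Because the descriptor now lives for the whole process, it should be opened with `O_RDONLY | O_CLOEXEC` so it is not inherited by programs the process executes. The `== 0` test in get_entropy and the `> 0` test in cleanup_entropy depend on the same sentinel and would need to change with it.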
@@ -39,17 +58,15 @@ get_entropy(void *buffer, size_t n)
 #ifndef _WIN32
     size_t bytes_read;
     int error;
-    int fd;

-    fd = open(urandom, O_RDONLY);
-    if (fd < 0) {
-        VLOG_ERR("%s: open failed (%s)", urandom, ovs_strerror(errno));
-        return errno ? errno : EINVAL;
+    if (urandom_fd == 0) {
+        error = initialize_entropy();
+        if (error < 0) {
+            return error;
+        }
     }

-    error = read_fully(fd, buffer, n, &bytes_read);
-    close(fd);
-
+    error = read_fully(urandom_fd, buffer, n, &bytes_read);
     if (error) {
         VLOG_ERR("%s: read error (%s)", urandom, ovs_retval_to_string(error));
     }
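Review bot: The check `if (error < 0)` can never be true, because initialize_entropy() returns 0 or a positive errno value, so a failed open falls through to `read_fully(urandom_fd, buffer, n, &bytes_read)` with a descriptor of -1. It should read `if (error) {`. The outer guard `if (urandom_fd == 0)` also skips initialisation entirely once an earlier open has failed and left -1 in the variable, so the error the caller sees is then EBADF from the read rather than the original open failure. The rest of get_entropy lies outside this hunk.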
@@ -80,3 +97,13 @@ get_entropy_or_die(void *buffer, size_t n)
                    urandom, ovs_retval_to_string(error));
     }
 }
+
+void
+cleanup_entropy(void)
+{
+#ifndef _WIN32
+    if (urandom_fd > 0) {
+        close(urandom_fd);
+    }
+#endif
+}
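Review bot: cleanup_entropy() closes the descriptor but leaves its number in `urandom_fd`, so a later get_entropy() call reads from a closed descriptor or, if that number has since been reused by another open(), from an unrelated file or socket whose contents are then returned to callers as random bytes. Reset the variable right after closing, `close(urandom_fd); urandom_fd = 0;` under this patch's convention (or -1 if the sentinel is changed). The function also has no comment; I would add `/* Closes the descriptor opened by initialize_entropy(), if any. */` above it.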
diff --git a/lib/entropy.h b/lib/entropy.h
index 6322b9f..15b89e9 100644
--- a/lib/entropy.h
+++ b/lib/entropy.h
@@ -18,7 +18,11 @@

 #include <stddef.h>

+int initialize_entropy(void);
 int get_entropy(void *, size_t);
 void get_entropy_or_die(void *, size_t);
+void cleanup_entropy(void);
+
+extern int urandom_fd;

 #endif /* entropy.h */
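Review bot: `extern int urandom_fd;` exports the descriptor as writable global state, so any file that includes entropy.h can overwrite or close it behind entropy.c's back. Nothing in this patch reads it outside lib/entropy.c; unless a later patch in the series needs it, I would drop the extern and make the definition `static int urandom_fd` in entropy.c. The new prototypes would also benefit from a short comment stating when callers are expected to invoke initialize_entropy() and cleanup_entropy(), since get_entropy() now depends on that ordering.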


-- 
LSE Leading Security Experts GmbH, Postfach 100121, 64201 Darmstadt
Unternehmenssitz: Weiterstadt, Amtsgericht Darmstadt: HRB8649
Geschäftsführer: Oliver Michel, Sven Walther


