Avoid unconditional getrandom syscall creating a WasiCtx#5244
Merged
alexcrichton merged 1 commit intoNov 10, 2022
Conversation
This commit updates the default random context inserted into a `WasiCtxt` to be seeded from `thread_rng` rather than the system's entropy. This avoids an unconditional syscall on the creation of all `WasiCtx` structures shouldn't reduce the quality of the random numbers produced.
Subscribe to Label Actioncc @kubkon DetailsThis issue or pull request has been labeled: "wasi"Thus the following users have been cc'd because of the following labels:
To subscribe or unsubscribe from this label, edit the |
pchickey
approved these changes
Nov 10, 2022
Contributor
|
It does reduce quality when forking processes or entire vm's. For cloning vm's acpi allows the virtual machine monitor to tell the vm that a clone has happened, which on linux causes the system csprng to be reseeded. See https://lwn.net/Articles/887207/ |
Member
Author
|
Wasmtime hasn't really been written for fork-safety, and otherwise fork-safety seems like it would be part of the |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This commit updates the default random context inserted into a
WasiCtxtto be seeded fromthread_rngrather than the system's entropy. This avoids an unconditional syscall on the creation of allWasiCtxstructures shouldn't reduce the quality of the random numbers produced.