| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Error out if it's missing or broken (Mersenne Twister not present).
This ensures that we never have a low-quality random generator in Qt.
Change-Id: I0a103569c81b4711a649fffd14ec80649df7087e
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
| |
Commit 282065d443c2a2d6b9e32d786c2c1c7552ba3cb5 renamed the generator
functions but we didn't update all the docs.
Change-Id: I0a103569c81b4711a649fffd14ec877ffbfe710d
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
|
|
|
|
|
|
|
|
|
| |
There are a couple of Q_ASSERT wrapped by the new noexcepts, but most of
those aren't validation of external parameters, only of internal
construction. The two exceptions are the checks for pointer alignment.
Change-Id: I0a103569c81b4711a649fffd14ec8523d741dfb6
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
| |
Copy into the intended array elements, not into the start of the
array.
Change-Id: I05c4ece2450583c9358aa1eddfd702262e995146
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
"generate" is better than "get", and we already have "generate(it, it)"
which uses std::generate(). This changes:
- get32() → generate()
- get64() → generate64() and QRandomGenerator64::generate()
- getReal() → generateDouble()
Change-Id: I6e1fe42ae4b742a7b811fffd14e5d7bd69abcdb3
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Conflicts:
examples/examples.pro
qmake/library/qmakebuiltins.cpp
src/corelib/global/qglobal.cpp
Re-apply b525ec2 to qrandom.cpp(code movement in 030782e)
src/corelib/global/qnamespace.qdoc
src/corelib/global/qrandom.cpp
src/gui/kernel/qwindow.cpp
Re-apply a3d59c7 to QWindowPrivate::setVisible() (code movement in d7a9e08)
src/network/ssl/qsslkey_openssl.cpp
src/plugins/platforms/android/androidjniinput.cpp
src/plugins/platforms/xcb/qxcbconnection.cpp
src/plugins/platforms/xcb/qxcbconnection_xi2.cpp
src/widgets/widgets/qmenu.cpp
tests/auto/widgets/kernel/qwidget_window/tst_qwidget_window.cpp
Change-Id: If7ab427804408877a93cbe02079fca58e568bfd3
|
|
|
|
|
|
|
|
|
| |
The full documentation explains it well but a more prominent warning
will help avoid the wrong use of that class and encourage user to read
further the documentation.
Change-Id: I3178749f2b1b0350040f81eef253fd85c7ba0a5f
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Found while working on suppressing the warning about the return value
(which is either 0 or -1) was being ignored.
Task-number: QTBUG-61968
Change-Id: I02d22222fff64d4dbda4fffd14d148b1724547ca
Reviewed-by: Florian Bruhin <qt-project.org@the-compiler.org>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
| |
Change-Id: I8d96dea9955d4c749b99fffd14cdbd1e69940d33
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The getentropy function, first found in OpenBSD, is present in glibc
since version 2.25 and Bionic since Android 6.0 and NDK r11. It uses the
Linux 3.17 getrandom system call. Unlike glibc's getrandom() wrapper,
the glibc implementation of getentropy() function is not a POSIX thread
cancellation point, so we prefer to use that even though we have to
break the reading into 256-byte blocks.
The big advantage is that these functions work even in the absence of a
/dev/urandom device node, in addition to a few cycles shaved off by not
having to open a file descriptor and close it at exit. What's more, the
glibc implementation blocks until entropy is available on early boot, so
we don't have to worry about a failure mode. The Bionic implementation
will fall back by itself to /dev/urandom and, failing that, gathering
entropy from elsewhere in the system in a way it cannot fail either.
uClibc has a wrapper to getrandom(2) but no getentropy(3). MUSL has
neither.
Change-Id: Ia53158e207a94bf49489fffd14c8cee1b968a619
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
qdeadlinetimer.cpp and qelapsedtimer_*.cpp are not part of the bootstrap
library. Instead of adding them there, just remove this entropy source
from bootstrapped builds (instead of just qmake).
To compensate, store all the bits instead of trying to combine them into
just one 32-bit word. We've got a few new sources from the stack and
libc, plus two more ELF auxvec values that the Linux kernel supplies
(inspired by OpenBSD's getentropy_linux.c, which is used in Bionic).
Task-number: QTBUG-61492
Change-Id: I1d5a585d4af842f9a66ffffd14c999ae8c44f46c
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
| |
Found this in a few uses of qrand() that assumed the result would be
non-negative.
Change-Id: Ia53158e207a94bf49489fffd14c7c029515cf42c
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GCC didn't support it until version 5 or 6, so add configure tests for
both <random> and <sys/auxv.h>. Normally I'd say "upgrade", but this is
too low-level and important a feature.
There's a good chance that all our supported compilers have <random>
anyway. As for <sys/auxv.h>, it's present on Glibc, Bionic and MUSL, but
I don't see it in uClibc (AT_RANDOM is a Linux-specific feature).
Change-Id: Ia3e896da908f42939148fffd14c5b2af491f7a77
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix comments for QRandomGenerator.
src/corelib/io/qprocess.cpp:453: warning: Cannot find 'startDetached(...)' in '\fn' bool QProcessPrivate::startDetached(const QString &program, const QStringList &arguments, const QString &workingDirectory, qint64 *pid)
src/corelib/tools/qstringiterator.qdoc:122: warning: Cannot find 'QStringIterator(...)' in '\fn' QStringIterator::QStringIterator(QStringView string, QStringView::size_type idx)
src/corelib/global/qrandom.cpp:902: warning: Can't link to 'QRandomGenerator'
src/sql/kernel/qsqlerror.cpp:123: warning: Unknown command '\other'
src/network/kernel/qhostinfo.cpp:296: warning: Unknown command '\other'
src/gui/kernel/qplatformcursor.cpp:97: warning: Cannot find 'QPlatformCursor::OverrideCursor' specified with '\enum' in any header file
src/network/access/qnetworkreply.cpp:307: warning: Can't link to 'QNetworkAccessManager::setRedirectsPolicy()'
src/network/access/qnetworkreply.cpp:307: warning: Can't link to 'QNetworkRequest::RedirectsPolicyAttribute'
Change-Id: Ibc2455b1b657716dfb6192615738dc7f924dbab3
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Linux kernel gives us 16 bytes of random data and sets a pointer to
it in the ELF AuxV (the same one that allows us to get HWCAP on ARM
systems). So if we end up in the fallback generator, at leat we'll get a
good amount of entropy to seed the Mersenne Twister.
This could happen if the application is run in a chroot(2) or container
without /dev/random or /dev/urandom. That is probably an installation
mistake, so we don't optimize this case for performance.
With this commit, we have now good, high-quality fallbacks for Windows
(rand_s), for BSDs (arc4random) and for Linux. The only missing,
supported OS without a good entropy source is QNX.
Change-Id: Ia3e896da908f42939148fffd14c5b1084051f1a8
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we've never read any samples from hardware RNG or from /dev/urandom,
then there are no stored samples for us to seed the Mersenne Twister. In
that case, attempt to obtain an emergency sample that consists of some
random bits from the variable addresses (ASLR should help) and from the
clock (using nanosecond quality, instead of seconds).
There's still the possibility that we'll get poor entropy: very close to
boot, if the kernel entropy pool is empty, ASLR could be poor and the
monotonic clock value could be consistent from boot to boot. There's
nothing we can do about that.
Change-Id: Ia3e896da908f42939148fffd14c5b0c7b608371b
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
| |
This function works even in chroots where /dev is not available. Since
it's part of the OS, it may have better ways of gathering entropy even
when we don't.
Change-Id: Ia3e896da908f42939148fffd14c5afedc8569dbc
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds support for the x86 RDRAND instruction for
QRandomGenerator. This is the same that libstdc++-v3 uses for
std::random_device() by default. If it fails because the hardware does
not have enough entropy collected, we fall back to the operating system
generator, which often has more entropy collected from other sources.
Change-Id: Icd0e0d4b27cb4e5eb892fffd14b5167214e1ea3f
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
| |
Avoids #ifdefs and guesswork.
Change-Id: Icd0e0d4b27cb4e5eb892fffd14b5210efaea7d00
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
| |
Now that we have the file, may as well consolidate
Change-Id: Icd0e0d4b27cb4e5eb892fffd14b51d3e701c6a94
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
This class provides a reasonably-secure random number generator that
does not need seeding. That is quite unlike qrand(), which requires a
seed and is low-quality (definitely not secure).
This class is also like std::random_device, but better. It provides an
operator() like std::random_device, but unlike that, it also provides a
way to fill a buffer with random data, not just one 32-bit quantity.
It's also stateless.
Finally, it also implements std::seed_seq-like generate(). It obeys the
standard requirement of the range (32-bit) but not that of the algorithm
(if you wanted that, you'd use std::seed_seq itself). Instead,
generate() fills with pure random data.
Change-Id: Icd0e0d4b27cb4e5eb892fffd14b4e3ba9ea04da8
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|