From 5f2d71895057a80b96fcecbb0e42add709ac1b37 Mon Sep 17 00:00:00 2001
From: Calascibetta Romain
Date: Fri, 29 Mar 2024 14:58:02 +0100
Subject: [PATCH] Use an atomic instead of a reference to be domain-safe (#221)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Random number generator initialisation is domain-safe
* Atomic is only available since OCaml 4.12
* set entropy sources via compare_and_set
* CI: use 4.12+ only

Co-authored-by: Hannes Mehnert
Co-authored-by: Reynir Björnsson
---
 .cirrus.yml                        |  2 +-
 .github/workflows/test.yml         |  2 +-
 .github/workflows/windows.yml      |  2 +-
 mirage-crypto-rng.opam             |  2 +-
 rng/entropy.ml                     | 18 ++++++++++++------
 rng/rng.ml                         |  8 ++++----
 rng/unix/mirage_crypto_rng_unix.ml |  6 +++---
 7 files changed, 23 insertions(+), 17 deletions(-)

diff --git a/.cirrus.yml b/.cirrus.yml
index 1e4b6998..73d23f3e 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -5,7 +5,7 @@ freebsd_task:
   env:
     matrix:
       - OCAML_VERSION: 4.13.1
-      - OCAML_VERSION: 4.14.1
+      - OCAML_VERSION: 4.14.2
   pkg_install_script: pkg install -y ocaml-opam gmp gmake pkgconf bash
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 2804d7e4..c1a8bb0e 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -9,7 +9,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        ocaml-version: ["4.14.1", "4.13.1", "4.12.1", "4.11.2", "4.10.2", "4.09.1"]
+        ocaml-version: ["4.14.2", "4.13.1", "4.12.1"]
         operating-system: [macos-latest, ubuntu-latest]
     runs-on: ${{ matrix.operating-system }}
diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml
index 7f2d38af..4f97944f 100644
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@@ -9,7 +9,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        ocaml-version: ["4.14.0", "4.13.1", "4.12.1", "4.11.2", "4.10.2", "4.09.1"]
+        ocaml-version: ["4.14.2", "4.13.1", "4.12.1"]
         operating-system: [windows-latest]
     runs-on: ${{ matrix.operating-system }}
diff --git a/mirage-crypto-rng.opam b/mirage-crypto-rng.opam
index 701c88cc..b8f4471d 100644
--- a/mirage-crypto-rng.opam
+++ b/mirage-crypto-rng.opam
@@ -13,7 +13,7 @@ build: [ ["dune" "subst"] {dev} ["dune" "runtest" "-p" name "-j" jobs] {with-test} ]
 depends: [
-  "ocaml" {>= "4.08.0"}
+  "ocaml" {>= "4.12.0"}
   "dune" {>= "2.7"}
   "dune-configurator" {>= "2.0.0"}
   "duration"
diff --git a/rng/entropy.ml b/rng/entropy.ml
index d7226e6a..0404acb8 100644
--- a/rng/entropy.ml
+++ b/rng/entropy.ml
@@ -50,19 +50,25 @@ module S = Set.Make(struct
     String.compare an bn
   end)

-let _sources = ref S.empty
+let _sources = Atomic.make S.empty

 type source = Rng.source

 let register_source name =
-  let n = S.cardinal !_sources in
-  let source = (n, name) in
-  _sources := S.add source !_sources;
-  source
+  let rec set () =
+    let sources = Atomic.get _sources in
+    let n = S.cardinal sources in
+    let source = (n, name) in
+    if Atomic.compare_and_set _sources sources (S.add source sources) then
+      source
+    else
+      set ()
+  in
+  set ()

 let id (idx, _) = idx

-let sources () = S.elements !_sources
+let sources () = S.elements (Atomic.get _sources)

 let pp_source ppf (idx, name) = Format.fprintf ppf "[%d] %s" idx name
diff --git a/rng/rng.ml b/rng/rng.ml
index a6948589..89722e25 100644
--- a/rng/rng.ml
+++ b/rng/rng.ml
@@ -54,14 +54,14 @@ let create (type a) ?g ?seed ?(strict=false) ?time (m : a generator) =
   Option.iter (M.reseed ~g) seed;
   Generator (g, strict, m)

-let _default_generator = ref None
+let _default_generator = Atomic.make None

-let set_default_generator g = _default_generator := Some g
+let set_default_generator g = Atomic.set _default_generator (Some g)

-let unset_default_generator () = _default_generator := None
+let unset_default_generator () = Atomic.set _default_generator None

 let default_generator () =
-  match !_default_generator with
+  match Atomic.get _default_generator with
   | None -> raise No_default_generator
   | Some g -> g
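Review bot: `register_source` still returns `(n, name)` after a successful compare-and-set even when `S.add source sources` did not grow the set, so if `S` orders elements by name alone — which the visible `String.compare an bn` in the functor argument suggests, though the definition of `S` starts before this hunk — a second registration of an already-known name hands back an id that is not the one stored in `_sources`. That was already the behaviour with the `ref`, but the retry loop is now the place where it is decided; checking `match S.find_opt source sources with Some existing -> existing | None -> ...` before the CAS would return the registered source instead, if that is the intended contract. In either case the loop deserves a comment, e.g. `(* Retry until the set is swapped unchanged under us: ids are the set's size at registration time, so a lost race would otherwise hand out a duplicate id. *)`.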
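Review bot: `set_default_generator` and `default_generator` now swap and read the cell atomically, but the `Generator (g, strict, m)` value they hand out is itself shared state, so two domains that both call `default_generator ()` still drive the same `g` concurrently; whether that is safe is decided by the generator implementations, which are outside this hunk. The new cell therefore makes installation and lookup race-free, not use, and the doc comment on `set_default_generator` should say exactly that, e.g. `(* Installing and looking up the default generator are atomic; concurrent use of the installed generator itself is governed by the generator's own guarantees. *)`.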
diff --git a/rng/unix/mirage_crypto_rng_unix.ml b/rng/unix/mirage_crypto_rng_unix.ml
index 360bf073..1240a1d3 100644
--- a/rng/unix/mirage_crypto_rng_unix.ml
+++ b/rng/unix/mirage_crypto_rng_unix.ml
@@ -14,10 +14,10 @@ let getrandom_init i =
   let data = getrandom 128 in
   Entropy.header i data

-let running = ref false
+let running = Atomic.make false

 let initialize (type a) ?g (rng : a generator) =
-  if !running then
+  if Atomic.get running then
     Log.debug (fun m -> m "Mirage_crypto_rng_unix.initialize has already been called, \
                            ignoring this call.")
@@ -28,7 +28,7 @@ let initialize (type a) ?g (rng : a generator) =
                              been set, check that this call is intentional");
      with No_default_generator -> ());
-    running := true ;
+    Atomic.set running true ;
     let seed =
       let init = Entropy.[ bootstrap ; whirlwind_bootstrap ; bootstrap ; getrandom_init ]
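Review bot: The `Atomic.get running` test in the first hunk and the `Atomic.set running true` in the second still form a check-then-act pair, so two domains entering `initialize` at the same time can both observe `false`, both seed and both attempt to install a default generator; moving the flag into an atomic cell does not close that window on its own. Folding the two into one operation does: `if not (Atomic.compare_and_set running false true) then` in place of the `if` in the first hunk, and dropping `Atomic.set running true ;` from the second, which I take to sit in the `else` branch that does the seeding. A caller racing with an initialisation still in progress then gets the "already been called" debug message before seeding has completed, which is the same outcome as calling afterwards. The body of `initialize` continues past the second hunk.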