diff options
| author | Jonathan Giannuzzi <jonathan@giannuzzi.be> | 2018-10-10 14:17:27 -0700 |
|---|---|---|
| committer | Shentubot <shentubot@google.com> | 2018-10-10 14:18:47 -0700 |
| commit | 8388a505e735045f31c6f7180711ef57148dc517 (patch) | |
| tree | 8f5e5a7ed88d47f52f309e732871f7d622d02a01 /runsc/boot | |
| parent | ddb34b3690c07f6c8efe2b96f89166145c4a7d3c (diff) | |
Support for older Linux kernels without getrandom
Change-Id: I1fb9f5b47a264a7617912f6f56f995f3c4c5e578
PiperOrigin-RevId: 216591484
Diffstat (limited to 'runsc/boot')
| -rw-r--r-- | runsc/boot/BUILD | 1 | ||||
| -rw-r--r-- | runsc/boot/loader.go | 12 |
2 files changed, 11 insertions, 2 deletions
diff --git a/runsc/boot/BUILD b/runsc/boot/BUILD index a38a3a94e..c1e035d3b 100644 --- a/runsc/boot/BUILD +++ b/runsc/boot/BUILD @@ -25,6 +25,7 @@ go_library( "//pkg/control/server", "//pkg/cpuid", "//pkg/log", + "//pkg/rand", "//pkg/sentry/arch", "//pkg/sentry/context", "//pkg/sentry/control", diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go index dc3c6c3d0..859446344 100644 --- a/runsc/boot/loader.go +++ b/runsc/boot/loader.go @@ -17,7 +17,7 @@ package boot import ( "fmt" - "math/rand" + mrand "math/rand" "os" "os/signal" "runtime" @@ -30,6 +30,7 @@ import ( "gvisor.googlesource.com/gvisor/pkg/abi/linux" "gvisor.googlesource.com/gvisor/pkg/cpuid" "gvisor.googlesource.com/gvisor/pkg/log" + "gvisor.googlesource.com/gvisor/pkg/rand" "gvisor.googlesource.com/gvisor/pkg/sentry/arch" "gvisor.googlesource.com/gvisor/pkg/sentry/control" "gvisor.googlesource.com/gvisor/pkg/sentry/fs/host" @@ -133,7 +134,7 @@ type execProcess struct { func init() { // Initialize the random number generator. - rand.Seed(gtime.Now().UnixNano()) + mrand.Seed(gtime.Now().UnixNano()) // Register the global syscall table. kernel.RegisterSyscallTable(slinux.AMD64) @@ -167,9 +168,16 @@ type Args struct { // New initializes a new kernel loader configured by spec. // New also handles setting up a kernel for restoring a container. func New(args Args) (*Loader, error) { + // We initialize the rand package now to make sure /dev/urandom is pre-opened + // on kernels that do not support getrandom(2). + if err := rand.Init(); err != nil { + return nil, fmt.Errorf("error setting up rand: %v", err) + } + if err := usage.Init(); err != nil { return nil, fmt.Errorf("error setting up memory usage: %v", err) } + // Create kernel and platform. p, err := createPlatform(args.Conf, args.DeviceFD) if err != nil { |