The AWS libcrypto Rust crate is a ring-compatible API built on the libcrypto C
library and its libssl C++ library. Packaging aws-lc-rs in Fedora would likely
require unbundling and integrating them into crypto-policies and/or special
review by the packaging committee and security team. Upstream chose this crate
because it was submitted for FIPS certification. Firecracker only uses it to
get some random bytes, so this reverts 246a308ef6d1054f7551ebeee7f0191b8518d2ad
to go back to the original implementation with the rand crate instead. If FIPS
certification becomes necessary for the RPM, the ring crate is now also working
towards ceritifcation and is already in Fedora, so this patch could potentially
switch to that in the future.
--- a/resources/seccomp/aarch64-unknown-linux-musl.json
+++ b/resources/seccomp/aarch64-unknown-linux-musl.json
@@ -108,7 +108,7 @@
},
{
"syscall": "getrandom",
- "comment": "getrandom is used by aws-lc library which we consume in virtio-rng"
+ "comment": "getrandom is used by virtio-rng to initialize the rand crate"
},
{
"syscall": "accept4",
@@ -210,7 +210,16 @@
},
{
"syscall": "madvise",
- "comment": "Used by the VirtIO balloon device and by musl for some customer workloads. It is also used by aws-lc during random number generation. They setup a memory page that mark with MADV_WIPEONFORK to be able to detect forks. They also call it with -1 to see if madvise is supported in certain platforms."
+ "comment": "Used by the VirtIO balloon device and by musl for some customer workloads",
+ "args": [
+ {
+ "index": 2,
+ "type": "dword",
+ "op": "eq",
+ "val": 4,
+ "comment": "libc::MADV_DONTNEED"
+ }
+ ]
},
{
"syscall": "mmap",
--- a/resources/seccomp/x86_64-unknown-linux-musl.json
+++ b/resources/seccomp/x86_64-unknown-linux-musl.json
@@ -108,7 +108,7 @@
},
{
"syscall": "getrandom",
- "comment": "getrandom is used by aws-lc library which we consume in virtio-rng"
+ "comment": "getrandom is used by virtio-rng to initialize the rand crate"
},
{
"syscall": "accept4",
@@ -210,7 +210,16 @@
},
{
"syscall": "madvise",
- "comment": "Used by the VirtIO balloon device and by musl for some customer workloads. It is also used by aws-lc during random number generation. They setup a memory page that mark with MADV_WIPEONFORK to be able to detect forks. They also call it with -1 to see if madvise is supported in certain platforms."
+ "comment": "Used by the VirtIO balloon device and by musl for some customer workloads",
+ "args": [
+ {
+ "index": 2,
+ "type": "dword",
+ "op": "eq",
+ "val": 4,
+ "comment": "libc::MADV_DONTNEED"
+ }
+ ]
},
{
"syscall": "mmap",
--- a/src/vmm/Cargo.toml
+++ b/src/vmm/Cargo.toml
@@ -9,7 +9,7 @@
bench = false
[dependencies]
-aws-lc-rs = { version = "1.6.1", features = ["bindgen"] }
+rand = "0.8.5"
bitflags = "2.0.2"
derive_more = { version = "0.99.17", default-features = false, features = ["from", "display"] }
event-manager = "0.4.0"
--- a/src/vmm/src/devices/virtio/rng/device.rs
+++ b/src/vmm/src/devices/virtio/rng/device.rs
@@ -5,7 +5,8 @@
use std::sync::atomic::AtomicU32;
use std::sync::Arc;
-use aws_lc_rs::rand;
+use rand::rngs::OsRng;
+use rand::RngCore;
use utils::eventfd::EventFd;
use vm_memory::GuestMemoryError;
@@ -30,7 +31,7 @@
/// Bad guest memory buffer: {0}
GuestMemory(#[from] GuestMemoryError),
/// Could not get random bytes: {0}
- Random(#[from] aws_lc_rs::error::Unspecified),
+ Random(#[from] rand::Error),
}
#[derive(Debug)]
@@ -113,7 +114,7 @@
}
let mut rand_bytes = vec![0; iovec.len()];
- rand::fill(&mut rand_bytes).map_err(|err| {
+ OsRng.try_fill_bytes(&mut rand_bytes).map_err(|err| {
METRICS.host_rng_fails.inc();
err
})?;