austinderek

seccomp_linux.go is only used for Go's own tests (commit 6446285), but the package is included when building programs with CGO_ENABLED=1.

When using an older glibc (e.g. 2.17), SYS_getrandom and SYS_seccomp are not defined, causing cgo compilation to fail.

Note that there are already several types and defines copied from linux headers into seccomp_linux.go to support compilation on older systems.

Updates golang#69536


🔄 This is a mirror of upstream PR golang#75658

@austinderek force-pushed the master branch 24 times, most recently from 29d43df to 08ee556 on October 22, 2025 14:04
staging bot commented Oct 22, 2025

PullRequest network review has been cancelled

You can reactivate the code review job from the PullRequest dashboard - or - by adding [pr] to the title of this code review.

staging bot commented Oct 22, 2025

HackerOne Code Security Review

🟢 Scan Complete: 1 Issue(s)

Here's how the code changes were interpreted and info about the tools used for scanning.

📖 Summary of Changes

The changes involve adding preprocessor definitions for system calls SYS_getrandom and SYS_seccomp with default values of -1 in the seccomp_linux.go file. A new check was implemented in the disable_getrandom() function to return early and provide an error code of 3 if either syscall is undefined, potentially improving error handling for system-specific random number generation and seccomp operations.

File Summary

  • src/crypto/internal/sysrand/internal/seccomp/seccomp_linux.go: Added preprocessor definitions for SYS_getrandom and SYS_seccomp with default values of -1, and added a new check in disable_getrandom() to return early if either syscall is undefined, returning an error code of 3.
ℹ️ Issues Detected

NOTE: These may not require action!

Below are unvalidated results from the Analysis Tools that ran during the latest scan for transparency. We investigate each of these for accuracy and relevance before surfacing them as a potential problem.

How will I know if something is a problem?
When validation completes, any concerns that warrant attention prior to merge will be posted as inline comments. These will show up in 2 ways:

  • Expert review (most cases): Issues will be posted by experts who manually reviewed and validated them. These are real HackerOne engineers (not bots) reviewing through an integrated IDE-like tool. You can communicate with them like any other reviewer. They'll stay assigned and get notified with commit & comment updates.
  • Automatically: In cases where our validation checks have highest confidence the problem is legitimate and urgent. These will include a description of contextual reasoning why & actionable next steps.
File & Line: src/crypto/internal/sysrand/internal/seccomp/seccomp_linux.go, line 61

Issue: The added code adds fallback definitions for SYS_getrandom and SYS_seccomp syscall numbers, setting them to -1 when not defined. The code then checks for these -1 values and returns early. While this prevents crashes when these syscalls aren't available, it could lead to a silent failure in the security mechanism. If the syscalls aren't available, the function returns error code 3, but there's no clear documentation about what this error code means, potentially leading to misinterpretation by callers who might assume getrandom was successfully disabled when it wasn't.
⏱️ Latest scan covered changes up to commit 412c349 (latest)
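As an added example (not the PR's own code, which this page does not show), here is how a cgo-style C preamble can fall back to sentinel syscall numbers on old glibc, as the PR description explains, while reporting a documented status rather than an unexplained 3, which is the gap the scanner's finding raises. The enum and function names, the value 4, and the zero-length ENOSYS probe are my assumptions; only the -1 sentinel and the code 3 come from the page.

```c
#define _GNU_SOURCE            /* declares syscall() in <unistd.h> on glibc */
#include <errno.h>
#include <unistd.h>
#ifdef __linux__
#include <sys/syscall.h>
#endif

/* Fallback numbers for libc headers that predate getrandom(2)/seccomp(2),
 * e.g. glibc 2.17. -1 is a sentinel that no real syscall number uses. */
#ifndef SYS_getrandom
#define SYS_getrandom -1
#endif
#ifndef SYS_seccomp
#define SYS_seccomp -1
#endif
#ifndef GRND_NONBLOCK
#define GRND_NONBLOCK 0x0001   /* from <sys/random.h>, absent on old glibc */
#endif

/* Documented status codes (assumed names; 3 follows the PR, 4 is added here).
 * A caller must treat only DISABLE_OK as "safe to install the filter". */
enum disable_status {
    DISABLE_OK = 0,                 /* preconditions hold; filter can be installed */
    DISABLE_NO_SYSCALL_NUMBERS = 3, /* build headers lacked the numbers; nothing done */
    DISABLE_KERNEL_NO_GETRANDOM = 4 /* kernel answers ENOSYS; nothing to disable */
};

/* True when the build environment knew both syscall numbers. */
int have_syscall_numbers(void) {
    return SYS_getrandom != -1 && SYS_seccomp != -1;
}

/* Runtime probe: a zero-length non-blocking getrandom(2) is harmless and
 * separates "kernel too old" (ENOSYS) from a working syscall. */
static int kernel_has_getrandom(void) {
#ifdef __linux__
    if (SYS_getrandom == -1) return 0;   /* never issue syscall(-1) */
    char dummy;
    long r = syscall(SYS_getrandom, &dummy, 0, GRND_NONBLOCK);
    return !(r == -1 && errno == ENOSYS);
#else
    return 0;
#endif
}

/* Preconditions a disable_getrandom()-style helper should verify and report. */
enum disable_status check_disable_getrandom(void) {
    if (!have_syscall_numbers()) return DISABLE_NO_SYSCALL_NUMBERS;
    if (!kernel_has_getrandom()) return DISABLE_KERNEL_NO_GETRANDOM;
    return DISABLE_OK;
}
```

A test helper that only proceeds on DISABLE_OK cannot mistake "skipped on this toolchain" for "getrandom is blocked".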

@austinderek force-pushed the master branch 4 times, most recently from d09a8c8 to 08ee556 on October 22, 2025 16:03