From 7d1f35985b6ca55233bfe2f44b03df020772bfc0 Mon Sep 17 00:00:00 2001
From: Adam Langley <agl@google.com>
Date: Thu, 5 Apr 2018 10:26:39 -0700
Subject: [PATCH] Show an error before we abort the process for an entropy
 failure.

Change-Id: I8d8483d38de15dcde18141bb9cc9e79d585d24ad
Reviewed-on: https://boringssl-review.googlesource.com/27045
Reviewed-by: Adam Langley <agl@google.com>
---
 crypto/fipsmodule/rand/urandom.c | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/crypto/fipsmodule/rand/urandom.c b/crypto/fipsmodule/rand/urandom.c
index d2be7199..9eca93d0 100644
--- a/crypto/fipsmodule/rand/urandom.c
+++ b/crypto/fipsmodule/rand/urandom.c
@@ -97,7 +97,6 @@ DEFINE_BSS_GET(int, urandom_fd);
 
 DEFINE_STATIC_ONCE(rand_once);
 
-#if defined(USE_NR_getrandom) || defined(BORINGSSL_FIPS)
 // message writes |msg| to stderr. We use this because referencing |stderr|
 // with |fprintf| generates relocations, which is a problem inside the FIPS
 // module.
@@ -107,7 +106,6 @@ static void message(const char *msg) {
     r = write(2, msg, strlen(msg));
   } while (r == -1 && errno == EINTR);
 }
-#endif
 
 // init_once initializes the state of this module to values previously
 // requested. This is the only function that modifies |urandom_fd| and
@@ -151,6 +149,9 @@ static void init_once(void) {
   }
 
   if (fd < 0) {
+    message("failed to open /dev/urandom: ");
+    message(strerror(errno));
+    message("\n");
     abort();
   }
 
@@ -163,6 +164,9 @@ static void init_once(void) {
     close(kUnset);
 
     if (fd <= 0) {
+      message("failed to dup /dev/urandom fd: ");
+      message(strerror(errno));
+      message("\n");
       abort();
     }
   }
@@ -194,11 +198,17 @@ static void init_once(void) {
   if (flags == -1) {
     // Native Client doesn't implement |fcntl|.
     if (errno != ENOSYS) {
+      message("failed to get flags from urandom fd: ");
+      message(strerror(errno));
+      message("\n");
       abort();
     }
   } else {
     flags |= FD_CLOEXEC;
     if (fcntl(fd, F_SETFD, flags) == -1) {
+      message("failed to set FD_CLOEXEC on urandom fd: ");
+      message(strerror(errno));
+      message("\n");
       abort();
     }
   }
@@ -208,6 +218,9 @@ static void init_once(void) {
 void RAND_set_urandom_fd(int fd) {
   fd = dup(fd);
   if (fd < 0) {
+    message("failed to dup supplied urandom fd: ");
+    message(strerror(errno));
+    message("\n");
     abort();
   }
 
@@ -220,6 +233,9 @@ void RAND_set_urandom_fd(int fd) {
     close(kUnset);
 
     if (fd <= 0) {
+      message("failed to dup supplied urandom fd: ");
+      message(strerror(errno));
+      message("\n");
       abort();
     }
   }
@@ -232,7 +248,8 @@ void RAND_set_urandom_fd(int fd) {
   if (*urandom_fd_bss_get() == kHaveGetrandom) {
     close(fd);
   } else if (*urandom_fd_bss_get() != fd) {
-    abort();  // Already initialized.
+    message("RAND_set_urandom_fd called after initialisation.\n");
+    abort();
   }
 }
 
@@ -261,6 +278,7 @@ static char fill_with_entropy(uint8_t *out, size_t len) {
 #endif  // OPENSSL_MSAN
 
 #else  // USE_NR_getrandom
+      message("urandom fd corrupt.\n");
       abort();
 #endif
     } else {
@@ -288,6 +306,9 @@ void CRYPTO_sysrand(uint8_t *out, size_t requested) {
   CRYPTO_once(rand_once_bss_get(), init_once);
 
   if (!fill_with_entropy(out, requested)) {
+    message("entropy fill failed: ");
+    message(strerror(errno));
+    message("\n");
     abort();
   }