This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH v2] Add getrandom implementation [BZ #17252]


Zack Weinberg <zackw <at> panix.com> writes:

> 
> On Mon, Jun 27, 2016 at 11:07 AM, Florian Weimer <fweimer <at> redhat.com> wrote:
> > The attached patch does not attempt to make it less likely that the
> > getrandom emulation will fail.  The file descriptor is kept open only for
> > the duration of the call.  I moved the declaration to <sys/random.h> (a new
> > file) and added some documentation.
> 
> I think it would be better to expose getrandom() as a completely
> unadorned syscall.  No fallback and no attempt to paper over any of
> the infelicities of the kernel interface.
> This is because, what with the delay in adding this to libc, there's
> existing code now that makes the system call directly.  We want people
> to be able to just swap in the libc wrapper without having to worry
> about behavior differences.

I like the patch, though I agree with the statement above. Most likely the
emulation layer will create more problems than it would solve.

> A reliable cryptographic RNG should _also_ be added, but under a
> different name.  I'd vote for cloning the BSD arc4random() API.

The arc4random API is nice but it has a very unfortunate name. There is some
initial effort to standardize via POSIX a similar API:
http://austingroupbugs.net/view.php?id=859

regards,
Nikos


