Re: [PATCH v3] getrandom system call wrapper [BZ #17252]

On 09/08/2016 08:28 PM, Richard Henderson wrote:
> On 09/08/2016 06:02 AM, Florian Weimer wrote:
>> On 09/08/2016 03:01 PM, Andreas Schwab wrote:
>>> On Sep 08 2016, Florian Weimer <> wrote:
>>>
>>>> I have retained the __getrandom symbol mangling.  The justification for
>>>> that is that getrandom is a fairly common name.  Application code might
>>>> use it for something else entirely and interpose their definition, so that
>>>> libraries cannot rely on it doing the right thing.  I think the mangling
>>>> is justified because it is hard to spot that getrandom is broken due to
>>>> interposition.  As <sys/random.h> is a new header, the macro will be
>>>> exposed to few applications.
>>>
>>> It makes it impossible to take the address of the function, though.
>>
>> It does.  Do you have a better suggestion to achieve the same effect?
>
> Using __asm__ to change the assembler name of the C-level symbol is probably
> preferred for __GCC__.

This does not work in all cases because a getrandom function definition will inherit the asm alias on the prototype and interpose the supposedly-protected symbol.

But now that we have a <sys/random.h> header, maybe this isn't a problem—if an application includes the <sys/random.h> header, it shows that it is aware of getrandom, so it's less likely that it's interposing the function accidentally.
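
The asm-alias inheritance discussed in this message, shown as an added example that is not part of the original thread or of the glibc patch. All names (`demo_getrandom`, `demo_protected_getrandom`, `library_make_key`) are hypothetical, and the three parts are placed in one file only so the example builds on its own; it assumes GCC or Clang on an ELF target, where C names carry no symbol prefix.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Part 1: what a header using the asm-alias approach would declare.
 * C-level name: demo_getrandom. Assembler-level name:
 * demo_protected_getrandom. Both names are hypothetical. */
ssize_t demo_getrandom(void *buf, size_t len, unsigned int flags)
    __asm__("demo_protected_getrandom");

/* Part 2: application code that included that header and happens to
 * define its own function with the same C name. The definition
 * inherits the asm label from the prototype above, so the object file
 * defines the symbol demo_protected_getrandom, not demo_getrandom. */
ssize_t demo_getrandom(void *buf, size_t len, unsigned int flags)
{
    (void)flags;
    memset(buf, 0x41, len);        /* constructed, predictable bytes */
    return (ssize_t)len;
}

/* Part 3: a library that calls the assembler-level name directly,
 * expecting it to be out of reach of application definitions. */
ssize_t demo_protected_getrandom(void *buf, size_t len, unsigned int flags);

ssize_t library_make_key(unsigned char *key, size_t len)
{
    /* Resolves to the application's definition from part 2. */
    return demo_protected_getrandom(key, len, 0);
}

int main(void)
{
    unsigned char key[8] = {0};
    ssize_t n = library_make_key(key, sizeof key);

    printf("library received %zd bytes:", n);
    for (size_t i = 0; i < sizeof key; i++)
        printf(" %02x", (unsigned int)key[i]);
    printf("\n");
    return 0;
}
```

Running `nm` on the resulting object file is a quick check: it lists `demo_protected_getrandom` as a defined symbol and no `demo_getrandom` at all.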


