This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH v2] Add getrandom implementation [BZ #17252]
- From: Zack Weinberg <zackw at panix dot com>
- To: Florian Weimer <fweimer at redhat dot com>
- Cc: GNU C Library <libc-alpha at sourceware dot org>
- Date: Thu, 30 Jun 2016 08:03:52 -0400
On Mon, Jun 27, 2016 at 11:07 AM, Florian Weimer <fweimer@redhat.com> wrote:
> The attached patch does not attempt to make it less likely that the
> getrandom emulation will fail. The file descriptor is kept open only for
> the duration of the call. I moved the declaration to <sys/random.h> (a new
> file) and added some documentation.

I think it would be better to expose getrandom() as a completely
unadorned syscall. No fallback and no attempt to paper over any of
the infelicities of the kernel interface.

This is because, what with the delay in adding this to libc, there's
existing code now that makes the system call directly. We want people
to be able to just swap in the libc wrapper without having to worry
about behavior differences.

A reliable cryptographic RNG should _also_ be added, but under a
different name. I'd vote for cloning the BSD arc4random() API.

zw