This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Add getrandom implementation [BZ #17252]
- From: Florian Weimer <fweimer at redhat dot com>
- To: Roland McGrath <roland at hack dot frob dot com>
- Cc: libc-alpha at sourceware dot org
- Date: Thu, 23 Jun 2016 19:20:52 +0200
- Subject: Re: [PATCH] Add getrandom implementation [BZ #17252]
- Authentication-results: sourceware.org; auth=none
- References: <20160610210303 dot 6CE3E40141175 at oldenburg dot str dot redhat dot com> <20160610221525 dot 038C62C39FB at topped-with-meat dot com>
On 06/11/2016 12:15 AM, Roland McGrath wrote:
You need to start with rationale justifying the new nonstandard API and why
it belongs in libc,
Based on the last discussion, I assumed that we had consensus that we'd
add wrappers for system calls which do not have merely niche applications.
There are about a dozen widely used cryptographic libraries on GNU/Linux
which would use the system call to seed their PRNGs. The /dev/urandom
interface is considered insufficient, due to the boot-time
initialization issue, and due to the potential unavailability of the
device node.
In addition, many libraries need a one-time entropy source to initialize
cookies (like our stack guard), or keys for randomized hash tables.
> let alone why it should litter a POSIX-standard header.
We can certainly put into something like <sys/random.h>.
But if there is no consensus to evolve the Linux-specific glibc API, I
don't know what to do.
getrandom support in glibc is requested rather often. Here is a recent
example:
<https://www.python.org/dev/peps/pep-0522/>
Thanks,
Florian