[PATCH v3] getrandom system call wrapper [BZ #17252]
Florian Weimer
fweimer@redhat.com
Thu Sep 8 18:32:00 GMT 2016
On 09/08/2016 08:28 PM, Richard Henderson wrote:
> On 09/08/2016 06:02 AM, Florian Weimer wrote:
>> On 09/08/2016 03:01 PM, Andreas Schwab wrote:
>>> On Sep 08 2016, Florian Weimer <fweimer@redhat.com> wrote:
>>>
>>>> I have retained the __getrandom symbol mangling. The justification for
>>>> that is that getrandom is a fairly common name. Application code might
>>>> use it for something else entirely and interpose their definition, so that
>>>> libraries cannot rely on it doing the right thing. I think the mangling
>>>> is justified because it is hard to spot that getrandom is broken due to
>>>> interposition. As <sys/random.h> is a new header, the macro will be
>>>> exposed to few applications.
>>>
>>> It makes it impossible to take the address of the function, though.
>>
>> It does. Do you have a better suggestion to achieve the same effect?
>
> Using __asm__ to change the assembler name of the C-level symbol is probably
> preferred for __GCC__.
This does not work in all cases because a getrandom function definition
will inherit the asm alias on the prototype and interpose the
supposedly-protected symbol.
But now that we have a <sys/random.h> header, maybe this isn't a
problem—if an application includes the <sys/random.h> header, it shows
that it is aware of getrandom, so it's less likely that it's interposing
the function accidentally.
Thanks,
Florian
More information about the Libc-alpha
mailing list