From owner-svn-src-head@freebsd.org  Wed Mar 21 16:05:04 2018
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3E56FF50647;
 Wed, 21 Mar 2018 16:05:04 +0000 (UTC)
 (envelope-from kostikbel@gmail.com)
Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 90B09780E0;
 Wed, 21 Mar 2018 16:05:03 +0000 (UTC)
 (envelope-from kostikbel@gmail.com)
Received: from tom.home (kib@localhost [127.0.0.1])
 by kib.kiev.ua (8.15.2/8.15.2) with ESMTPS id w2LG4pOd060067
 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO);
 Wed, 21 Mar 2018 18:04:54 +0200 (EET)
 (envelope-from kostikbel@gmail.com)
DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua w2LG4pOd060067
Received: (from kostik@localhost)
 by tom.home (8.15.2/8.15.2/Submit) id w2LG4ppA060066;
 Wed, 21 Mar 2018 18:04:51 +0200 (EET)
 (envelope-from kostikbel@gmail.com)
X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com
 using -f
Date: Wed, 21 Mar 2018 18:04:51 +0200
From: Konstantin Belousov <kostikbel@gmail.com>
To: Warner Losh <imp@bsdimp.com>
Cc: "Conrad E. Meyer" <cem@freebsd.org>,
 src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org, Xin LI <delphij@freebsd.org>
Subject: Re: svn commit: r331279 - in head: include lib/libc/gen lib/libc/sys
 lib/libc/tests/gen sys/compat/freebsd32 sys/conf sys/kern sys/sys
 tests/sys/kern usr.bin/truss
Message-ID: <20180321160451.GM76926@kib.kiev.ua>
References: <201803210115.w2L1Fjt9084698@repo.freebsd.org>
 <20180321103325.GJ76926@kib.kiev.ua>
 <CAG6CVpW3tPVyh6D3FXpAc9DPqG9u_KnHBiZOFmg1zZsHmDb8jA@mail.gmail.com>
 <20180321152335.GL76926@kib.kiev.ua>
 <CAG6CVpVq4e9p7tWRhzD1YmK0Zoxg3M31bMsHMkUbqCFwBHe+DQ@mail.gmail.com>
 <CANCZdfr-GJg4DyXy9+zjSjc=-uUDi4iYrDOBzOj7L=bLfhL00g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CANCZdfr-GJg4DyXy9+zjSjc=-uUDi4iYrDOBzOj7L=bLfhL00g@mail.gmail.com>
User-Agent: Mutt/1.9.4 (2018-02-28)
X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00,
 DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no
 autolearn_force=no version=3.4.1
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on tom.home
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Mar 2018 16:05:04 -0000

On Wed, Mar 21, 2018 at 09:42:26AM -0600, Warner Losh wrote:
> On Wed, Mar 21, 2018 at 9:37 AM, Conrad Meyer <cem@freebsd.org> wrote:
> 
> > On Wed, Mar 21, 2018 at 8:23 AM, Konstantin Belousov
> > <kostikbel@gmail.com> wrote:
> > > On Wed, Mar 21, 2018 at 08:03:16AM -0700, Conrad Meyer wrote:
> > >> On Wed, Mar 21, 2018 at 3:33 AM, Konstantin Belousov
> > >> > Libraries must not abort the application.
> > >> > Esp. libc.
> > >>
> > >> What do you propose instead?  while (1); ?  I don't see that as
> > >> obviously better.
> > >
> > > Return the error to caller, as all, well most, correct library functions
> > > do.
> >
> > The abort() in case of ENOSYS was proposed by delphij@.  It is
> > intended for users that getentropy() not fail.  Another possible
> > fallback is to use the kern.arandom sysctl.  Would this be amenable to
> > you?
> >
> 
> You should get a SIGSYS unless you've setup signal handlers for ENOSYS
> anyway, right?

The signal handler is under control of the application which uses libc.
The library can be only passive there.  So passing ENOSYS silently to the
caller, or trying to use kern.arandom on ENOSYS are both fine.  Abort()
is not, IMO.