Date: Wed, 21 Mar 2018 09:14:29 -0500
From: Pedro Giffuni <pfg@FreeBSD.org>
To: Ian Lepore <ian@freebsd.org>, Conrad Meyer <cem@FreeBSD.org>, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: Re: svn commit: r331279 - in head: include lib/libc/gen lib/libc/sys lib/libc/tests/gen sys/compat/freebsd32 sys/conf sys/kern sys/sys tests/sys/kern usr.bin/truss
Message-ID: <10290d09-dc33-dae5-aeb8-2e8affb69f29@FreeBSD.org>
In-Reply-To: <1521596451.54965.39.camel@freebsd.org>
References: <201803210115.w2L1Fjt9084698@repo.freebsd.org> <1521596451.54965.39.camel@freebsd.org>

On 20/03/2018 20:40, Ian Lepore wrote:
> On Wed, 2018-03-21 at 01:15 +0000, Conrad Meyer wrote:
>> Author: cem
>> Date: Wed Mar 21 01:15:45 2018
>> New Revision: 331279
>> URL: https://svnweb.freebsd.org/changeset/base/331279
>>
>> Log:
>>   Implement getrandom(2) and getentropy(3)
>>
>>   The general idea here is to provide userspace programs with well-defined
>>   sources of entropy, in a fashion that doesn't require opening a new file
>>   descriptor (ulimits) or accessing paths (/dev/urandom may be restricted
>>   by chroot or capsicum).
>>
>>   getrandom(2) is the more general API, and comes from the Linux world.
>>   Since our urandom and random devices are identical, the GRND_RANDOM flag
>>   is ignored.
>>
>>   getentropy(3) is added as a compatibility shim for the OpenBSD API.
>>
>>   truss(1) support is included.
>>
>>   Tests for both system calls are provided. Coverage is believed to be at
>>   least as comprehensive as LTP getrandom(2) test coverage. Additionally,
>>   instructions for running the LTP tests directly against FreeBSD are provided
>>   in the "Test Plan" section of the Differential revision linked below. (They
>>   pass, of course.)
>>
>>   PR: 194204
>>   Reported by: David CARLIER <david.carlier AT hardenedbsd.org>
>>   Discussed with: cperciva, delphij, jhb, markj
>>   Relnotes: maybe
>>   Differential Revision: https://reviews.freebsd.org/D14500
>>
> A good followup to this might be to switch libc's arc4random seeding to
> getrandom(), instead of using a sysctl in a loop.

That appears to be the main use of getentropy() in OpenBSD.

We should now obviate linux_getrandom() as well.

Cheers,

Pedro.
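
An added example, not part of the original message or of the FreeBSD commit: how a userspace program can call the two interfaces the commit log describes, obtaining entropy without opening a file descriptor or touching /dev/urandom. The helper names `fill_random` and `seed_key` are hypothetical; the example assumes a libc that declares getrandom(2) in <sys/random.h> and getentropy(3) in <unistd.h> or <sys/random.h>.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/random.h>   /* getrandom(2) */
#include <unistd.h>       /* getentropy(3) on FreeBSD and OpenBSD */

/* Hypothetical helper: fill buf with len bytes from getrandom(2).
 * Flags are 0; the commit log notes GRND_RANDOM is ignored on FreeBSD.
 * Returns 0 on success, -1 with errno set on failure. */
int fill_random(void *buf, size_t len)
{
    unsigned char *p = buf;

    while (len > 0) {
        ssize_t n = getrandom(p, len, 0);
        if (n < 0) {
            if (errno == EINTR)
                continue;      /* interrupted by a signal: retry */
            return -1;         /* real failure: never use the buffer */
        }
        p += n;                /* a short return is legal: keep going */
        len -= (size_t)n;
    }
    return 0;
}

/* Hypothetical helper: seed a 32-byte key with getentropy(3), which
 * either fills the whole buffer or fails, and rejects len > 256. */
int seed_key(uint8_t key[32])
{
    return getentropy(key, 32);
}

int main(void)
{
    uint8_t key[32];
    unsigned char nonce[512];

    if (seed_key(key) != 0 || fill_random(nonce, sizeof nonce) != 0) {
        perror("entropy");
        return 1;
    }
    printf("seeded %zu key bytes and %zu nonce bytes, no fd opened\n",
           sizeof key, sizeof nonce);
    return 0;
}
```

getentropy(3) suits fixed-size seeding such as the arc4random case raised in the thread; getrandom(2) with the retry loop covers larger or variable-length requests.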