Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 4 Jul 2012 23:02:20 +0300
From:      Konstantin Belousov <kostikbel@gmail.com>
To:        Pawel Jakub Dawidek <pjd@freebsd.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r238118 - head/lib/libc/gen
Message-ID:  <20120704200220.GM2337@deviant.kiev.zoral.com.ua>
In-Reply-To: <201207041951.q64JpPXu029310@svn.freebsd.org>
References:  <201207041951.q64JpPXu029310@svn.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help

--lU8AdyS7O1+iGTdG
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jul 04, 2012 at 07:51:25PM +0000, Pawel Jakub Dawidek wrote:
> Author: pjd
> Date: Wed Jul  4 19:51:25 2012
> New Revision: 238118
> URL: http://svn.freebsd.org/changeset/base/238118
>=20
> Log:
>   Prefer sysctl to open/read/close for obtaining random data.
>   This method is more sandbox-friendly and also should be faster as only
>   one syscall is needed instead of three.
>   In case of an error fall back to the old method.
>  =20
>   Reviewed by:	simon, gleb
>   MFC after:	2 weeks
IMO it is weird and against a purpose of sysctl that kern.arand sysctl
exists at all. I would prefer to not spread its usage more. We have
to keep it to preserve ABI compatibility, but I do not think that the
location for random data provider is right, not to mention higher
overhead of sysctl machinery.

I do think that /dev/random is the right approach, or (less preferable)
you could consider adding syscall to get randomness.

--lU8AdyS7O1+iGTdG
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (FreeBSD)

iEYEARECAAYFAk/0oUwACgkQC3+MBN1Mb4gCVACg0/Qcm2I++ZedlrJt4wkCPjEX
UoQAoKn67xRQuCeed+XdR7DL1c/tZcEF
=sSVJ
-----END PGP SIGNATURE-----

--lU8AdyS7O1+iGTdG--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120704200220.GM2337>