On 20/03/2018 20:40, Ian Lepore wrote:
On Wed, 2018-03-21 at 01:15 +0000, Conrad Meyer wrote:
Author: cem
Date: Wed Mar 21 01:15:45 2018
New Revision: 331279
URL: https://svnweb.freebsd.org/changeset/base/331279
Log:
Implement getrandom(2) and getentropy(3)
The general idea here is to provide userspace programs with well-
defined
sources of entropy, in a fashion that doesn't require opening a new
file
descriptor (ulimits) or accessing paths (/dev/urandom may be
restricted
by chroot or capsicum).
getrandom(2) is the more general API, and comes from the Linux
world.
Since our urandom and random devices are identical, the GRND_RANDOM
flag
is ignored.
getentropy(3) is added as a compatibility shim for the OpenBSD API.
truss(1) support is included.
Tests for both system calls are provided. Coverage is believed to
be at
least as comprehensive as LTP getrandom(2) test
coverage. Additionally,
instructions for running the LTP tests directly against FreeBSD are
provided
in the "Test Plan" section of the Differential revision linked
below. (They
pass, of course.)
PR: 194204
Reported by: David CARLIER <david.carlier AT
hardenedbsd.org>
Discussed with: cperciva, delphij, jhb, markj
Relnotes: maybe
Differential Revision: https://reviews.freebsd.org/D14500
A good followup to this might be to switch libc's arc4random seeding to
getrandom(), instead of using a sysctl in a loop.
That appears to be the main use of getentropy() in OpenBSD.
We should now obviate linux_getrandom() as well.
Cheers,
Pedro.
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
