svn commit: r331279 - in head: include lib/libc/gen lib/libc/sys lib/libc/tests/gen sys/compat/freebsd32 sys/conf sys/kern sys/sys tests/sys/kern usr.bin/truss
Pedro Giffuni
pfg at FreeBSD.org
Wed Mar 21 14:34:50 UTC 2018
On 20/03/2018 20:40, Ian Lepore wrote:
> On Wed, 2018-03-21 at 01:15 +0000, Conrad Meyer wrote:
>> Author: cem
>> Date: Wed Mar 21 01:15:45 2018
>> New Revision: 331279
>> URL: https://svnweb.freebsd.org/changeset/base/331279
>>
>> Log:
>> Implement getrandom(2) and getentropy(3)
>>
>> The general idea here is to provide userspace programs with well-
>> defined
>> sources of entropy, in a fashion that doesn't require opening a new
>> file
>> descriptor (ulimits) or accessing paths (/dev/urandom may be
>> restricted
>> by chroot or capsicum).
>>
>> getrandom(2) is the more general API, and comes from the Linux
>> world.
>> Since our urandom and random devices are identical, the GRND_RANDOM
>> flag
>> is ignored.
>>
>> getentropy(3) is added as a compatibility shim for the OpenBSD API.
>>
>> truss(1) support is included.
>>
>> Tests for both system calls are provided. Coverage is believed to
>> be at
>> least as comprehensive as LTP getrandom(2) test
>> coverage. Additionally,
>> instructions for running the LTP tests directly against FreeBSD are
>> provided
>> in the "Test Plan" section of the Differential revision linked
>> below. (They
>> pass, of course.)
>>
>> PR: 194204
>> Reported by: David CARLIER <david.carlier AT
>> hardenedbsd.org>
>> Discussed with: cperciva, delphij, jhb, markj
>> Relnotes: maybe
>> Differential Revision: https://reviews.freebsd.org/D14500
>>
> A good followup to this might be to switch libc's arc4random seeding to
> getrandom(), instead of using a sysctl in a loop.
That appears to be the main use of getentropy() in OpenBSD.
We should now obviate linux_getrandom() as well.
Cheers,
Pedro.
More information about the svn-src-all
mailing list