svn commit: r331279 - in head: include lib/libc/gen lib/libc/sys lib/libc/tests/gen sys/compat/freebsd32 sys/conf sys/kern sys/sys tests/sys/kern usr.bin/truss

Conrad Meyer cem at freebsd.org
Wed Mar 21 18:09:32 UTC 2018


Please see https://reviews.freebsd.org/D14785 .  :-)

Thanks,
Conrad

On Wed, Mar 21, 2018 at 10:31 AM, Xin LI <delphij at gmail.com> wrote:
>
>
>
> On Wed, Mar 21, 2018 at 8:37 AM Conrad Meyer <cem at freebsd.org> wrote:
>>
>> On Wed, Mar 21, 2018 at 8:23 AM, Konstantin Belousov
>> <kostikbel at gmail.com> wrote:
>> > On Wed, Mar 21, 2018 at 08:03:16AM -0700, Conrad Meyer wrote:
>> >> On Wed, Mar 21, 2018 at 3:33 AM, Konstantin Belousov
>> >> > Libraries must not abort the application.
>> >> > Esp. libc.
>> >>
>> >> What do you propose instead?  while (1); ?  I don't see that as
>> >> obviously better.
>> >
>> > Return the error to caller, as all, well most, correct library functions
>> > do.
>>
>> The abort() in case of ENOSYS was proposed by delphij at .  It is
>> intended for users that getentropy() not fail.  Another possible
>> fallback is to use the kern.arandom sysctl.  Would this be amenable to
>> you?
>
>
> My proposal was: "Note that ENOSYS should be handled by fallback with
> kern.arandom or an explicit abort() should be done.".
>
> It seems that a more graceful way of doing this should be something like:
>
> int mib[2] = { CTL_KERN, KERN_ARND };	/* MIB for kern.arandom */
> size_t buflen_copy = buflen;
>
> if (sysctl(mib, 2, buf, &buflen_copy, NULL, 0) == -1 ||
>     buflen_copy != buflen) {
>     /*
>      * The sysctl cannot fail. If it does fail on some FreeBSD
>      * derivative or after some future change, just abort so that
>      * the problem will be found and fixed. abort is not normally
>      * suitable for a library but makes sense here.
>      */
>     abort();
> }
>
> Like it was done in srandomdev().

