svn commit: r331279 - in head: include lib/libc/gen lib/libc/sys lib/libc/tests/gen sys/compat/freebsd32 sys/conf sys/kern sys/sys tests/sys/kern usr.bin/truss
Ian Lepore
ian at freebsd.org
Wed Mar 21 01:40:55 UTC 2018
On Wed, 2018-03-21 at 01:15 +0000, Conrad Meyer wrote:
> Author: cem
> Date: Wed Mar 21 01:15:45 2018
> New Revision: 331279
> URL: https://svnweb.freebsd.org/changeset/base/331279
>
> Log:
> Implement getrandom(2) and getentropy(3)
>
> The general idea here is to provide userspace programs with well-
> defined
> sources of entropy, in a fashion that doesn't require opening a new
> file
> descriptor (ulimits) or accessing paths (/dev/urandom may be
> restricted
> by chroot or capsicum).
>
> getrandom(2) is the more general API, and comes from the Linux
> world.
> Since our urandom and random devices are identical, the GRND_RANDOM
> flag
> is ignored.
>
> getentropy(3) is added as a compatibility shim for the OpenBSD API.
>
> truss(1) support is included.
>
> Tests for both system calls are provided. Coverage is believed to
> be at
> least as comprehensive as LTP getrandom(2) test
> coverage. Additionally,
> instructions for running the LTP tests directly against FreeBSD are
> provided
> in the "Test Plan" section of the Differential revision linked
> below. (They
> pass, of course.)
>
> PR: 194204
> Reported by: David CARLIER <david.carlier AT
> hardenedbsd.org>
> Discussed with: cperciva, delphij, jhb, markj
> Relnotes: maybe
> Differential Revision: https://reviews.freebsd.org/D14500
>
A good followup to this might be to switch libc's arc4random seeding to
getrandom(), instead of using a sysctl in a loop.
-- Ian
More information about the svn-src-head
mailing list