svn commit: r331279 - in head: include lib/libc/gen lib/libc/sys lib/libc/tests/gen sys/compat/freebsd32 sys/conf sys/kern sys/sys tests/sys/kern usr.bin/truss

Pedro Giffuni pfg at FreeBSD.org
Wed Mar 21 14:24:43 UTC 2018



On 20/03/2018 20:40, Ian Lepore wrote:
> On Wed, 2018-03-21 at 01:15 +0000, Conrad Meyer wrote:
>> Author: cem
>> Date: Wed Mar 21 01:15:45 2018
>> New Revision: 331279
>> URL: https://svnweb.freebsd.org/changeset/base/331279
>>
>> Log:
>>    Implement getrandom(2) and getentropy(3)
>>    
>>    The general idea here is to provide userspace programs with well-
>> defined
>>    sources of entropy, in a fashion that doesn't require opening a new
>> file
>>    descriptor (ulimits) or accessing paths (/dev/urandom may be
>> restricted
>>    by chroot or capsicum).
>>    
>>    getrandom(2) is the more general API, and comes from the Linux
>> world.
>>    Since our urandom and random devices are identical, the GRND_RANDOM
>> flag
>>    is ignored.
>>    
>>    getentropy(3) is added as a compatibility shim for the OpenBSD API.
>>    
>>    truss(1) support is included.
>>    
>>    Tests for both system calls are provided.  Coverage is believed to
>> be at
>>    least as comprehensive as LTP getrandom(2) test
>> coverage.  Additionally,
>>    instructions for running the LTP tests directly against FreeBSD are
>> provided
>>    in the "Test Plan" section of the Differential revision linked
>> below.  (They
>>    pass, of course.)
>>    
>>    PR:		194204
>>    Reported by:	David CARLIER <david.carlier AT
>> hardenedbsd.org>
>>    Discussed with:	cperciva, delphij, jhb, markj
>>    Relnotes:	maybe
>>    Differential Revision:	https://reviews.freebsd.org/D14500
>>
> A good followup to this might be to switch libc's arc4random seeding to
> getrandom(), instead of using a sysctl in a loop.
That appears to be the main use of getentropy() in OpenBSD.
We should now obviate linux_getrandom() as well.

Cheers,

Pedro.


More information about the svn-src-head mailing list