Date: Wed, 28 Jan 2015 11:43:17 -0600 From: Brent Cook <busterb@...il.com> To: musl@...ts.openwall.com Subject: Re: getrandom syscall Here is the wrapper in LibreSSL for getrandom, to hopefully lend to the discussion: https://github.com/libressl-portable/openbsd/blob/master/src/lib/libcrypto/crypto/getentropy_linux.c#L194 It tries to avoid a couple of possible issues. FIrst, while <= 256 byte getrandom should not interrupt, it appears that if the kernel entropy pool has not been initialized yet, it would still return EINTR if called early enough in the boot process. How likely this is in practice, I don't know. Then, to avoid modifying errno even though there was an actual success, the wrapper restores the previous errno value when it succeeds. I just realized that the length check in getentropy_getrandom() is redundant, since it is checked earlier in getentropy() as well, but hopefully this is helpful. If a getentropy() were added to musl libc, but in such a way that it might fail on older kernels, that would cause some problems with LibreSSL, and now OpenNTPD. They will both try to use getentropy() with arc4random() if it is found in a system, and arc4random() will treat a getentropy() failure as fatal. Thanks, and good discussion.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.