public inbox for glibc-bugs@sourceware.org
From: "nmav at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug libc/17252] getrandom and getentropy syscall
Date: Fri, 14 Aug 2015 14:17:00 -0000
Message-ID: <bug-17252-131-jvLqPKZfar@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-17252-131@http.sourceware.org/bugzilla/>

https://sourceware.org/bugzilla/show_bug.cgi?id=17252

Nikos Mavrogiannopoulos <nmav at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |nmav at redhat dot com

--- Comment #6 from Nikos Mavrogiannopoulos <nmav at redhat dot com> ---
There is a very long and interesting discussion at the thread above that is
very high level, but there is nothing to the point for this API. At the moment
the Linux kernel offers a new system call getrandom() which solves several
problems of the /dev/urandom approach (see [0] for some affecting gnutls), but
userspace cannot access it in a reasonable way. syscall() is not a reasonable
way.

To clarify: until now userspace is using autoconf macros to detect
capabilities, e.g., a function in libc, libwhatever. With the approach of
having useful kernel calls which don't map to libc we are unfortunately
breaking this detection and forcing them to do some compile/runtime detection
of system calls(?). That's pretty ugly.

My suggestion would be for glibc to duplicate the OpenBSD API [1], and not
provide any API for kernels without this capability (you can't duplicate these
semantics). The whole reason for this system call is that the semantics of
/dev/urandom were too unreliable to simulate a getrandom() function.
Nevertheless, I wouldn't object to any other solution which brings the system
call.

I just believe that this system call is too good to ignore for so long.

[0]. https://bugzilla.redhat.com/show_bug.cgi?id=1253474
[1]. http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2?query=getentropy&sec=2

-- 
You are receiving this mail because:
You are on the CC list for the bug.
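
The compile-time plus run-time detection that the comment above calls ugly looks roughly like this in an application without a libc wrapper. This is an added example, not part of the original message or of glibc; the helper name `fill_random` and its return convention are hypothetical.

```c
/* Added example: try the getrandom system call via syscall(), fall back to /dev/urandom. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* for syscall() and O_CLOEXEC */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: returns 1 if filled by getrandom, 0 if by /dev/urandom, -1 on failure. */
static int fill_random(unsigned char *buf, size_t len)
{
    size_t off = 0;
#ifdef SYS_getrandom                                  /* compile-time detection */
    while (off < len) {
        long n = syscall(SYS_getrandom, buf + off, len - off, 0);
        if (n > 0) { off += (size_t)n; continue; }    /* short return: keep going */
        if (n < 0 && errno == EINTR) continue;        /* interrupted by a signal: retry */
        if (n < 0 && errno == ENOSYS) break;          /* old kernel: run-time fallback */
        return -1;
    }
    if (off == len) return 1;
#endif
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0) return -1;       /* no device node or no free descriptor: fail closed */
    while (off < len) {
        ssize_t n = read(fd, buf + off, len - off);
        if (n > 0) { off += (size_t)n; continue; }
        if (n < 0 && errno == EINTR) continue;
        close(fd);
        return -1;               /* EOF or read error: never return a partly filled buffer */
    }
    close(fd);
    return 0;
}

int main(void)
{
    unsigned char key[16];
    int how = fill_random(key, sizeof key);
    if (how < 0) { perror("fill_random"); return 1; }
    printf("filled %zu bytes via %s\n", sizeof key, how ? "getrandom" : "/dev/urandom");
    return 0;
}
```

The fallback path needs a file descriptor and a reachable device node, so it can fail where the system call cannot; callers should treat -1 as fatal rather than continue with an unfilled buffer.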


Thread overview: 8+ messages
2014-08-10 17:04 [Bug libc/17252] New: " crrodriguez at opensuse dot org
2014-08-11 15:47 ` [Bug libc/17252] " joseph at codesourcery dot com
2014-08-11 20:49 ` fweimer at redhat dot com
2014-08-16 16:54 ` fweimer at redhat dot com
2014-10-06 13:38 ` alex.gaynor at gmail dot com
2015-02-24 14:21 ` victor.stinner at gmail dot com
2015-02-24 14:34 ` crrodriguez at opensuse dot org
2015-08-14 14:17 ` nmav at redhat dot com [this message]
