From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-yb1-xb35.google.com (mail-yb1-xb35.google.com [IPv6:2607:f8b0:4864:20::b35]) by sourceware.org (Postfix) with ESMTPS id 572E23857017 for ; Wed, 29 Jun 2022 21:45:31 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 572E23857017 Received: by mail-yb1-xb35.google.com with SMTP id i7so30296814ybe.11 for ; Wed, 29 Jun 2022 14:45:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=FwqLEq01mDfZGft+OSetvgn15uadJ8kCIK4amuUXycM=; b=E8ok6DCN1VD6HwBy8Ooo0eBIE7NFxS85Jvl4Ixh7ULHW7ZlIvS/LALOES/kDrzRoJg I3eYa+R6U2aJa1B5Mmd9TDW+siZhTAZXrm6JNizDmi4Uh0mVs+o8tkqkOvDec9aNDz9D mkPP97N5zRSWBKKvAxst6OuBhHEW+I5zkc0QGyHONJssSpWVVSJ0TeRq8P0+IImkM7Y7 pKUwjwv2t5wbjYWa6R4uuJDYKLPD4F8VRTnVju2iHiyfMBuxeXoyfm4FFGel/85KcBJE X2Irqa2RPUmsoB6d9IRiO9gyK2y3HjqomFArUusfsLHmY07JB3TXLHXHE5YR7yw85Ra2 aY/Q== X-Gm-Message-State: AJIora9xl0hR9sQJYID66dk8T1qNl3HXrM/Lve5AmHCv/BDZGJ6Q0A6R gsRf7OB0c4C5Q9ddebOF4RPnhc1fX4/tRhHQxtx6f0BJUnQ= X-Google-Smtp-Source: AGRyM1uh3q+KL0Nf7/aWP6ogc4UL7Brm0HARnOypSGvNR6MaCiuxNj1eM5d4i7wZz9tMxnPkhFZlEU6hpuC5XPDqAdg= X-Received: by 2002:a25:d1c4:0:b0:66d:7802:17da with SMTP id i187-20020a25d1c4000000b0066d780217damr4201962ybg.435.1656539130778; Wed, 29 Jun 2022 14:45:30 -0700 (PDT) MIME-Version: 1.0 References: <20220629213428.3065430-1-adhemerval.zanella@linaro.org> <20220629213428.3065430-10-adhemerval.zanella@linaro.org> In-Reply-To: <20220629213428.3065430-10-adhemerval.zanella@linaro.org> From: Noah Goldstein Date: Wed, 29 Jun 2022 14:45:20 -0700 Message-ID: Subject: Re: [PATCH v8 9/9] manual: Add documentation for arc4random functions To: Adhemerval Zanella Cc: GNU C Library , Florian Weimer Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-8.4 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jun 2022 21:45:33 -0000 On Wed, Jun 29, 2022 at 2:36 PM Adhemerval Zanella via Libc-alpha wrote: > > --- > manual/math.texi | 45 +++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 45 insertions(+) > > diff --git a/manual/math.texi b/manual/math.texi > index 477a18b6d1..ab96726e57 100644 > --- a/manual/math.texi > +++ b/manual/math.texi > @@ -1447,6 +1447,7 @@ systems. > * ISO Random:: @code{rand} and friends. > * BSD Random:: @code{random} and friends. > * SVID Random:: @code{drand48} and friends. > +* High Quality Random:: @code{arc4random} and friends. > @end menu > > @node ISO Random > @@ -1985,6 +1986,50 @@ This function is a GNU extension and should not be= used in portable > programs. > @end deftypefun > > +@node High Quality Random > +@subsection High Quality Random Number Functions > + > +This section describes the random number functions provided as a GNU > +extension, based on OpenBSD interfaces. > + > +@Theglibc{} uses kernel entropy obtained either through @code{getrandom} > +or by reading @file{/dev/urandom} to seed and periodically re-seed the > +internal state. A per-thread data pool is used, which allows fast outpu= t > +generation. > + Are we committing to per-thread data pools? I thought there were ideas to use rseq. > +Although these functions provide higher random quality than ISO, BSD, an= d > +SVID functions, these still use a Pseudo-Random generator and should not > +be used in cryptographic contexts. > + > +The internal state is cleared and reseed with kernel entropy on @code{fo= rk} > +and @code{_Fork}. It is not cleared for either direct @code{clone} sysc= all > +or when using @theglibc{} @code{syscall} function. > + > +The prototypes for these functions are in @file{stdlib.h}. > +@pindex stdlib.h > + > +@deftypefun int32_t arc4random (void) > +@standards{BSD, stdlib.h} > +@safety{@mtsafe{}@asunsafe{@asucorrupt{}}@acsafe{}} > +This function returns a single 32-bit value in the range of @code{0} to > +@code{2^32=E2=88=921} (inclusive), which is twice the range of @code{ran= d} and > +@code{random}. > +@end deftypefun > + > +@deftypefun void arc4random (void *@var{buffer}, size_t @var{length}) > +@standards{BSD, stdlib.h} > +@safety{@mtsafe{}@asunsafe{@asucorrupt{}}@acsafe{}} > +This function fills the region @var{buffer} of @var{length} with random = data. > +@end deftypefun > + > +@deftypefun uint32_t arc4random_uniform (uint32_t @var{upper_bound}) > +@standards{BSD, stdlib.h} > +@safety{@mtsafe{}@asunsafe{@asucorrupt{}}@acsafe{}} > +This function returns a single 32-bit value, uniformly distributed but > +less than the @var{upper_bound}. It avoids the @w{modulo bias} when the > +upper bound is not a power of two. > +@end deftypefun > + > @node FP Function Optimizations > @section Is Fast Code or Small Code preferred? > @cindex Optimization > -- > 2.34.1 >