Treat it as a synonym for GRND_NONBLOCK, for reasons argued in the new code
comment. Document in getrandom.2.
Details
Details
- Reviewers
markm - Group Reviewers
csprng manpages - Commits
- rS356667: getrandom(2): Add Linux GRND_INSECURE API flag
See summary of the Linux change https://lwn.net/ml/linux-kernel/cover.1577088521.git.luto@kernel.org/ :
It adds getentropy(..., GRND_INSECURE). This causes getentropy to always return *something*. There is no guarantee whatsoever that the result will be cryptographically random or even unique, but the kernel will give the best quality random output it can. The name is a big hint: the resulting output is INSECURE.
The purpose of this is to allow programs that genuinely want best-effort entropy to get it without resorting to /dev/urandom. Plenty of programs do this because they need to do *something* during boot and they can't afford to wait. Calling it "INSECURE" is probably the best we can do to discourage using this API for things that need security.
GRND_INSECURE patch: https://lwn.net/ml/linux-kernel/d5473b56cf1fa900ca4bd2b3fc1e5b8874399919.1577088521.git.luto@kernel.org/ ,
GRND_INSECURE accepted by tytso: https://lwn.net/ml/linux-kernel/20200107204400.GH3619@mit.edu/
Diff Detail
Diff Detail
- Repository
- rS FreeBSD src repository - subversion
- Lint
Lint Not Applicable - Unit
Tests Not Applicable
Event Timeline
| lib/libc/sys/getrandom.2 | ||
|---|---|---|
| 1 ↗ | (On Diff #66607) | Aren't we dropping the "All rights reserved" bit as being legally meaningless? |
| lib/libc/sys/getrandom.2 | ||
|---|---|---|
| 1 ↗ | (On Diff #66607) | I'm not a lawyer and I haven't heard that from my lawyer, so I'll just leave it in for now. (This revision just pulls it all on a single line, which is the current guidance -- to clarify which copyright(s) the A.R.R. applies to.) |