Page MenuHomeFreeBSD

getrandom(2): Add Linux GRND_INSECURE API flag
ClosedPublic

Authored by cem on Jan 10 2020, 11:21 PM.
Tags
None
Referenced Files
Unknown Object (File)
Feb 8 2024, 6:12 PM
Unknown Object (File)
Dec 20 2023, 8:38 AM
Unknown Object (File)
Oct 25 2023, 6:14 PM
Unknown Object (File)
Oct 25 2023, 4:14 PM
Unknown Object (File)
Oct 3 2023, 4:35 PM
Unknown Object (File)
Sep 11 2023, 10:42 PM
Unknown Object (File)
Aug 6 2023, 3:40 PM
Unknown Object (File)
Aug 6 2023, 3:38 PM
Subscribers

Details

Summary

Treat it as a synonym for GRND_NONBLOCK, for reasons argued in the new code
comment. Document in getrandom.2.

Test Plan

See summary of the Linux change https://lwn.net/ml/linux-kernel/cover.1577088521.git.luto@kernel.org/ :

It adds getentropy(..., GRND_INSECURE). This causes getentropy to always return *something*. There is no guarantee whatsoever that the result will be cryptographically random or even unique, but the kernel will give the best quality random output it can. The name is a big hint: the resulting output is INSECURE.

The purpose of this is to allow programs that genuinely want best-effort entropy to get it without resorting to /dev/urandom. Plenty of programs do this because they need to do *something* during boot and they can't afford to wait. Calling it "INSECURE" is probably the best we can do to discourage using this API for things that need security.

GRND_INSECURE patch: https://lwn.net/ml/linux-kernel/d5473b56cf1fa900ca4bd2b3fc1e5b8874399919.1577088521.git.luto@kernel.org/ ,
GRND_INSECURE accepted by tytso: https://lwn.net/ml/linux-kernel/20200107204400.GH3619@mit.edu/

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

bcr added a subscriber: bcr.

OK from manpages.

markm added a subscriber: markm.
markm added inline comments.
lib/libc/sys/getrandom.2
1 ↗(On Diff #66607)

Aren't we dropping the "All rights reserved" bit as being legally meaningless?

This revision is now accepted and ready to land.Jan 12 2020, 12:21 PM
lib/libc/sys/getrandom.2
1 ↗(On Diff #66607)

I'm not a lawyer and I haven't heard that from my lawyer, so I'll just leave it in for now. (This revision just pulls it all on a single line, which is the current guidance -- to clarify which copyright(s) the A.R.R. applies to.)

This revision was automatically updated to reflect the committed changes.