[Toybox] [PATCH] xgetrandom: fix macOS build.

enh enh at google.com
Mon Jun 20 19:30:10 PDT 2022


On Mon, Jun 20, 2022 at 3:21 PM Rob Landley <rob at landley.net> wrote:

> On 6/19/22 12:37, enh via Toybox wrote:
> > BSD has <sys/random.h> first, but has getentropy() in there. glibc
> > has getentropy() in addition to getrandom(), but they keep it in
> > <unistd.h> instead. Since both went in in glibc 2.25 I don't think
> > this will matter in practice, but if this does cause trouble, we
> > can have separate getentropy() and getrandom() implementations for
> > the BSDs versus glibc.
>
> Hmmm... git annotate says
> https://github.com/bminor/glibc/commit/ccb8b7f7d48 from december 27,
> 2016. No wait, that was inside an #ifdef STALLMAN_FTAGHN which changed
> to something realistic in commit
> https://github.com/bminor/glibc/commit/a851999f61a four days later.
>
> Five and a half years, meaning maybe five in distros. Not the full
> seven, but I'll wait for somebody to complain I guess?
>
> > This does mean that the only valid values for `flags` are now 0 or
> > WARN_ONLY, but that was already effectively true anyway because
> > GRND_NONBLOCK != O_NONBLOCK so the fallback path was already broken.
>
> Everything should always be reading from /dev/urandom not /dev/random
> these days. Anything else is a denial of service attack waiting to
> happen. (Either the pool is properly initialized or it isn't.)
>

i was just wondering whether `int warn` (treated as a boolean) would be
less unclear than `int flags`, since WARN_ONLY is the flag that works.


> Rob
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.landley.net/pipermail/toybox-landley.net/attachments/20220620/694aa316/attachment.htm>


More information about the Toybox mailing list