Module Name: src
Committed By: riastradh
Date: Fri Aug 14 00:53:16 UTC 2020
Modified Files:
src/distrib/sets/lists/comp: mi
src/distrib/sets/lists/debug: mi
src/distrib/sets/lists/tests: mi
src/lib/libc/sys: Makefile.inc
src/sys/dev: random.c
src/sys/kern: files.kern kern_entropy.c syscalls.master
src/sys/rump/librump/rumpkern: Makefile.rumpkern
src/sys/sys: Makefile entropy.h
src/tests/lib/libc/sys: Makefile
Added Files:
src/lib/libc/sys: getrandom.2
src/sys/kern: sys_getrandom.c
src/sys/sys: random.h
src/tests/lib/libc/sys: t_getrandom.c
Log Message:
New system call getrandom() compatible with Linux and others.
Three ways to call:
getrandom(p, n, 0) Blocks at boot until full entropy.
Returns up to n bytes at p; guarantees
up to 256 bytes even if interrupted
after blocking. getrandom(0,0,0)
serves as an entropy barrier: return
only after system has full entropy.
getrandom(p, n, GRND_INSECURE) Never blocks. Guarantees up to 256
bytes even if interrupted. Equivalent
to /dev/urandom. Safe only after
successful getrandom(...,0),
getrandom(...,GRND_RANDOM), or read
from /dev/random.
getrandom(p, n, GRND_RANDOM) May block at any time. Returns up to n
bytes at p, but no guarantees about how
many -- may return as short as 1 byte.
Equivalent to /dev/random. Legacy.
Provided only for source compatibility
with Linux.
Can also use flags|GRND_NONBLOCK to fail with EWOULDBLOCK/EAGAIN
without producing any output instead of blocking.
- The combination GRND_INSECURE|GRND_NONBLOCK is the same as
GRND_INSECURE, since GRND_INSECURE never blocks anyway.
- The combinations GRND_INSECURE|GRND_RANDOM and
GRND_INSECURE|GRND_RANDOM|GRND_NONBLOCK are nonsensical and fail
with EINVAL.
As proposed on tech-userlevel, tech-crypto, tech-security, and
tech-kern, and subsequently adopted by core (minus the getentropy part
of the proposal, because other operating systems and participants in
the discussion couldn't come to an agreement about getentropy and
blocking semantics):
https://mail-index.netbsd.org/tech-userlevel/2020/05/02/msg012333.html
To generate a diff of this commit:
cvs rdiff -u -r1.2342 -r1.2343 src/distrib/sets/lists/comp/mi
cvs rdiff -u -r1.326 -r1.327 src/distrib/sets/lists/debug/mi
cvs rdiff -u -r1.888 -r1.889 src/distrib/sets/lists/tests/mi
cvs rdiff -u -r1.244 -r1.245 src/lib/libc/sys/Makefile.inc
cvs rdiff -u -r0 -r1.1 src/lib/libc/sys/getrandom.2
cvs rdiff -u -r1.7 -r1.8 src/sys/dev/random.c
cvs rdiff -u -r1.50 -r1.51 src/sys/kern/files.kern
cvs rdiff -u -r1.22 -r1.23 src/sys/kern/kern_entropy.c
cvs rdiff -u -r0 -r1.1 src/sys/kern/sys_getrandom.c
cvs rdiff -u -r1.305 -r1.306 src/sys/kern/syscalls.master
cvs rdiff -u -r1.184 -r1.185 src/sys/rump/librump/rumpkern/Makefile.rumpkern
cvs rdiff -u -r1.175 -r1.176 src/sys/sys/Makefile
cvs rdiff -u -r1.3 -r1.4 src/sys/sys/entropy.h
cvs rdiff -u -r0 -r1.1 src/sys/sys/random.h
cvs rdiff -u -r1.66 -r1.67 src/tests/lib/libc/sys/Makefile
cvs rdiff -u -r0 -r1.1 src/tests/lib/libc/sys/t_getrandom.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
