Re: [PATCH] [RFC] initial getrandom wrapper to provide getentropy for LibreSSL
From: Theodore Ts'o
Date: Fri Jul 18 2014 - 12:20:15 EST
On Fri, Jul 18, 2014 at 08:09:52AM -0500, Brent Cook wrote:
> On Jul 18, 2014, at 1:49 AM, Brent Cook <busterb@xxxxxxxxx> wrote:
>
> > From: Brent Cook <bcook@xxxxxxxxxxx>
> >
> > This is not a kernel patch, but rather an initial test of the API to see
> > how it might mesh LibreSSL's expectations for how getentropy works.
> >
> > It is a bit more code to carefully handle the extra return values, as
> > not reading enough bytes, because there is an unhandled EINTR, might
> > lead to an unseeded CSPRNG.
Take a look at the latest patch for getrandom. It contains a
suggested wrapper which should be sufficient for emulation of
OpenBSD's getentropy(), and a lot of discussion of when you don't need
to worry about getting the EINTR.
http://lists.openwall.net/linux-kernel/2014/07/18/329
Again, please don't commit anything until the syscall number and
interface is finalized. What is out here is for review, and I already
have in the git commit a suggested wrapper to provide getentropy(2).
If you don't think it's good enough, please let me know what your
concerns might be. (And yes, I've fixed the obvious missing open
brace already. :-)
- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/