lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	23 Jul 2014 07:52:53 -0400
From:	"George Spelvin" <>
Subject: Re: [PATCH, RFC] random: introduce getrandom(2) system call

I keep wishing for a more general solution.  For example, some way to
have a "spare" extra fd that could be accessed with a special O_NOFAIL

That would allow any number of library functions to not fail, such as
logging from nasty corner cases.

But you'd have to provide one per thread, and block non-fatal signals
while it was open, so you don't get reentrancy problems.  Ick.

This overly-specialized system call (and worse yet, a blocking
system call that you can't put into a poll() loop) just feels ugly
to me.  Is it *absolutely* necessary?

For example, how about simply making getentropy() a library function that
aborts if it can't open /dev/urandom?  If you're suffering fd exhaustion,
you're being DoSed already.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists