Theodore Ts'o wrote:
It's me again, finding only one issue per cycle :/
> EAGAIN The requested entropy was not available, and
> getentropy(2) would have blocked if GRND_BLOCK flag
> was set.
"if GRND_NONBLOCK flag was not set"
Eike
--
T
On Thu, Jul 24, 2014 at 04:27:36PM -0700, Andy Lutomirski wrote:
>
> I think that people might do:
>
> try getrandom(GRND_RANDOM)
> fall back to /dev/random
> fall back to something intensely stupid
>
> We want them to at least attempt the fallback from GRND_RANDOM to
> !GRND_RANDOM.
We can't
On Thu, 24 Jul 2014, Theodore Ts'o wrote:
> On Thu, Jul 24, 2014 at 05:30:19PM -0300, Henrique de Moraes Holschuh wrote:
> > > I wouldn't add the error to the man page until we actually modify the
> > > kernel to add such a restriction.
> >
> > By then, it might be too late. It would be really sa
On 07/24/2014 01:54 PM, Andy Lutomirski wrote:
>
> Or that someone writes userspace code that gets -EPERM/-EACCESS on
> getrandom with GRND_RANDOM and falls back to something worse than
> getrandom w/o GRND_RANDOM.
>
-ENXIO?
-hpa
--
To unsubscribe from this list: send the line "unsubs
On Thu, Jul 24, 2014 at 4:24 PM, Theodore Ts'o wrote:
> On Thu, Jul 24, 2014 at 05:30:19PM -0300, Henrique de Moraes Holschuh wrote:
>> > I wouldn't add the error to the man page until we actually modify the
>> > kernel to add such a restriction.
>>
>> By then, it might be too late. It would be r
On Thu, Jul 24, 2014 at 05:30:19PM -0300, Henrique de Moraes Holschuh wrote:
> > I wouldn't add the error to the man page until we actually modify the
> > kernel to add such a restriction.
>
> By then, it might be too late. It would be really sad to find ourselves
> forced to return ENOSYS to get
On Thu, Jul 24, 2014 at 1:30 PM, Henrique de Moraes Holschuh
wrote:
> On Thu, 24 Jul 2014, Theodore Ts'o wrote:
>> On Thu, Jul 24, 2014 at 08:21:38AM -0700, Andy Lutomirski wrote:
>> > > Should we add E to be able to deny access to GRND_RANDOM or
>> > > some
>> > > future extension ?
>> >
>> > Th
On Thu, 24 Jul 2014, Theodore Ts'o wrote:
> On Thu, Jul 24, 2014 at 08:21:38AM -0700, Andy Lutomirski wrote:
> > > Should we add E to be able to deny access to GRND_RANDOM or
> > > some
> > > future extension ?
> >
> > This might actually be needed sooner rather than later. There are
> > program
On Thu, Jul 24, 2014 at 08:21:38AM -0700, Andy Lutomirski wrote:
> >
> > Should we add E to be able to deny access to GRND_RANDOM or some
> > future extension ?
>
> This might actually be needed sooner rather than later. There are
> programs that use containers and intentionally don't pass /dev/r
On Thu, Jul 24, 2014 at 8:18 AM, Henrique de Moraes Holschuh
wrote:
> On Thu, 24 Jul 2014, Theodore Ts'o wrote:
>> ERRORS
>> EINVAL An invalid flag was passed to getrandom(2)
>>
>> EFAULT buf is outside the accessible address space.
>>
>> EAGAIN The req
On Thu, 24 Jul 2014, Theodore Ts'o wrote:
> ERRORS
> EINVAL An invalid flag was passed to getrandom(2)
>
> EFAULT buf is outside the accessible address space.
>
> EAGAIN The requested entropy was not available, and
> getentropy(2)
The getrandom(2) system call was requested by the LibreSSL Portable
developers. It is analoguous to the getentropy(2) system call in
OpenBSD.
The rationale of this system call is to provide resiliance against
file descriptor exhaustion attacks, where the attacker consumes all
available file descr
12 matches
Mail list logo
