A NOTE has been added to this issue.
======================================================================
http://austingroupbugs.net/view.php?id=859
======================================================================
Reported By: tedu
Assigned To:
======================================================================
Project: 1003.1(2013)/Issue7+TC1
Issue ID: 859
Category: System Interfaces
Type: Enhancement Request
Severity: Comment
Priority: normal
Status: New
Name: Ted Unangst
Organization: OpenBSD
User Reference:
Section: posix_random
Page Number: 0
Line Number: 0
Interp Status: ---
Final Accepted Text:
======================================================================
Date Submitted: 2014-07-18 13:59 UTC
Last Modified: 2014-09-12 18:43 UTC
======================================================================
Summary: Add posix_random family of interfaces
======================================================================

----------------------------------------------------------------------
(0002386) eblake (manager) - 2014-09-12 18:43
http://austingroupbugs.net/view.php?id=859#c2386
----------------------------------------------------------------------
Upstream Linux kernel has just proposed adding a syscall getrandom() for
getting random numbers without a file descriptor:
http://lwn.net/Articles/606141/ as a superset of the existing BSD syscall
getentropy(); maybe standardizing something along this line of thought will
be better.

#include <linux/random.h>

int getrandom(void *buf, size_t buflen, unsigned int flags);

A call will fill buf with up to buflen bytes of random data that can be
used for cryptographic purposes, returning the number of bytes stored. As
might be guessed, the flags parameter will alter the behavior of the call.
In the case where flags == 0, getrandom() will block until the /dev/urandom
pool has been initialized. If flags is set to GRND_NONBLOCK, then
getrandom() will return -1 with an error number of EAGAIN if the pool is
not initialized.

Issue History
Date Modified Username Field Change
======================================================================
2014-07-18 13:59 tedu New Issue
2014-07-18 13:59 tedu Name => Ted Unangst
2014-07-18 13:59 tedu Organization => OpenBSD
2014-07-18 13:59 tedu Section => posix_random
2014-07-18 13:59 tedu Page Number => 0
2014-07-18 13:59 tedu Line Number => 0
2014-07-18 14:04 tedu Note Added: 0002314
2014-07-18 17:35 mdempsky Note Added: 0002317
2014-07-18 17:51 mdempsky Note Added: 0002318
2014-07-18 18:22 tedu Note Added: 0002319
2014-07-21 02:59 dalias Note Added: 0002320
2014-07-21 04:07 mdempsky Note Added: 0002321
2014-07-21 04:41 dalias Note Added: 0002322
2014-08-21 15:51 eblake Note Added: 0002352
2014-08-21 15:52 eblake Note Edited: 0002352
2014-09-12 18:37 eblake Note Added: 0002385
2014-09-12 18:43 eblake Note Added: 0002386
======================================================================

A NOTE has been added to this issue.
======================================================================
http://austingroupbugs.net/view.php?id=859
======================================================================
Reported By: tedu
Assigned To:
======================================================================
Project: 1003.1(2013)/Issue7+TC1
Issue ID: 859
Category: System Interfaces
Type: Enhancement Request
Severity: Comment
Priority: normal
Status: New
Name: Ted Unangst
Organization: OpenBSD
User Reference:
Section: posix_random
Page Number: 0
Line Number: 0
Interp Status: ---
Final Accepted Text:
======================================================================
Date Submitted: 2014-07-18 13:59 UTC
Last Modified: 2014-09-12 18:57 UTC
======================================================================
Summary: Add posix_random family of interfaces
======================================================================

----------------------------------------------------------------------
(0002387) dalias (reporter) - 2014-09-12 18:57
http://austingroupbugs.net/view.php?id=859#c2387
----------------------------------------------------------------------
The new Linux getrandom, and the BSD getentropy, are the type of primitive
you would want to use in implementing posix_random. So from my perspective,
the question is a matter of which one is more useful to standardize: an
underlying primitive to get secure entropy, or an interface that wraps this
operation conveniently with a way to get multiple "random" numbers based on
the entropy source, but without having to go back to the kernel each time.

My feeling is that, as proposed so far, posix_random does not offer
sufficient guarantees on how it's implemented to be very appealing to
programs that need secure random numbers, e.g. for key generation. If it's
standardized, I fear most software will just ignore it and use
system-specific mechanisms like getrandom or getentropy instead. Maybe
there are improvements that could be made to assure users that posix_random
can be used safely?

Issue History
Date Modified Username Field Change
======================================================================
2014-07-18 13:59 tedu New Issue
2014-07-18 13:59 tedu Name => Ted Unangst
2014-07-18 13:59 tedu Organization => OpenBSD
2014-07-18 13:59 tedu Section => posix_random
2014-07-18 13:59 tedu Page Number => 0
2014-07-18 13:59 tedu Line Number => 0
2014-07-18 14:04 tedu Note Added: 0002314
2014-07-18 17:35 mdempsky Note Added: 0002317
2014-07-18 17:51 mdempsky Note Added: 0002318
2014-07-18 18:22 tedu Note Added: 0002319
2014-07-21 02:59 dalias Note Added: 0002320
2014-07-21 04:07 mdempsky Note Added: 0002321
2014-07-21 04:41 dalias Note Added: 0002322
2014-08-21 15:51 eblake Note Added: 0002352
2014-08-21 15:52 eblake Note Edited: 0002352
2014-09-12 18:37 eblake Note Added: 0002385
2014-09-12 18:43 eblake Note Added: 0002386
2014-09-12 18:57 dalias Note Added: 0002387
======================================================================