"brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> writes: > When arc4random was added to glibc, the Linux kernel CSPRNG maintainer > argued that it was not a secure approach (I disagree), and convinced the > glibc maintainers to just make it a wrapper around the Linux kernel > CSPRNG, which it now is. So there's no actual benefit to calling > arc4random versus getrandom, and since it's newer and less commonly > available than getrandom, as well as slightly slower (because of an > extra function call), getrandom should be preferred. This https://www.phoronix.com/news/GNU-Glibc-arc4random-Functions was the first hit of my search in the area, but I think you are referring to https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=eaad4f9 that happened 5 days after the thing got in and the code there tells me that your summary of the situation is quite accurate. So I agree that dropping this patch makes sense, but do we want to do a bit more to improve the situation? Here is an attempt to improve what we have in Makefile (and possibly the Linux section in config.mak.uname, but that is improving what we do not have) to tell folks that arc4random in glibc is only for compatibility and they should pick getrandom() until the situation changes. --- >8 --- Subject: config/Makefile: a note on CSPRNG_METHOD choice for Linux arc4random() was added to glibc in July 2022, but quickly replaced by a stub implementation that wraps around getrandom(). Hence there is no actual benefit to calling arc4random() over getrandom() on glibc based systems, at least for now. To avoid enticing Linux users to choose arc4random(), leave a note that their arc4random() in glibc is not the same as what their friends use on other platforms, and guide them to use getrandom() instead in the meantime. Helped-by: "brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> Signed-off-by: Junio C Hamano <gitster@xxxxxxxxx> --- Makefile | 5 +++-- config.mak.uname | 2 ++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git c/Makefile w/Makefile index 7315507381..7214936295 100644 --- c/Makefile +++ w/Makefile @@ -155,8 +155,9 @@ include shared.mak # Define NO_TRUSTABLE_FILEMODE if your filesystem may claim to support # the executable mode bit, but doesn't really do so. # -# Define CSPRNG_METHOD to "arc4random" if your system has arc4random and -# arc4random_buf, "libbsd" if your system has those functions from libbsd, +# Define CSPRNG_METHOD to "arc4random" if your system has true arc4random and +# arc4random_buf (not wrappers around "getrandom" shipped with glibc), +# "libbsd" if your system has those functions from libbsd, # "getrandom" if your system has getrandom, "getentropy" if your system has # getentropy, "rtlgenrandom" for RtlGenRandom (Windows only), or "openssl" if # you'd want to use the OpenSSL CSPRNG. You may set multiple options with diff --git c/config.mak.uname w/config.mak.uname index b12d4e168a..6bf511f24b 100644 --- c/config.mak.uname +++ w/config.mak.uname @@ -58,6 +58,8 @@ ifeq ($(uname_S),Linux) NEEDS_LIBRT = YesPlease HAVE_SYNC_FILE_RANGE = YesPlease HAVE_GETDELIM = YesPlease + # note: don't choose arc4random on glibc systems + CSPRNG_METHOD = FREAD_READS_DIRECTORIES = UnfortunatelyYes BASIC_CFLAGS += -DHAVE_SYSINFO PROCFS_EXECUTABLE_PATH = /proc/self/exe
