On Mon, Apr 25, 2016 at 10:02 AM, Stephan Mueller <smueller@xxxxxxxxxx> wrote: >> > One more item to consider: If you do not want to change to use >> > getrandom(2), the LRNG provides you with another means. >> The main problem is not about willing to switch to getrandom() or not, >> but finding any system where getrandom() exists. Today due to libc not >> having the call, we can only use /dev/urandom and applications would >> most likely continue to do so long time after getrandom() is >> introduced to libc. > Implement the syscall yourself with syscall(). If you get ENOSYS back, revert > to your old logic of seeding from /dev/urandom. That's far from a solution and I wouldn't recommend to anyone doing that. We cannot expect each and every program to do glibc's job. The purpose of a system call like getrandom is to simplify the complex use of /dev/urandom and eliminate it, not to make code handling randomness in applications even worse. regards, Nikos -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html