On 26/07/22 09:47, Jason A. Donenfeld wrote: > Hi Adhemerval, > > On Tue, Jul 26, 2022 at 09:34:57AM -0300, Adhemerval Zanella Netto wrote: >> kernel newer than 3.17) it means some syscall filtering, and I am not sure >> we should need to actually handle it. > > One thing to keep in mind is that people who use CUSE-based /dev/urandom > implementations might not like this, as it means they'd also have to > intercept getrandom() rather than just ENOSYS'ing it. But maybe that's > fine. I don't know of anyone actually doing this in the real world at > the moment. > I think it is a fair assumption that if you trying to implement your own character device in userland, we should know the implications for the environment. From glibc standpoint, and I would for this whole thread, we should assume that getrandom is de-facto API for entropy.