* Jason A. Donenfeld: > API-wise, vDSO getrandom has a pair of functions: > > ssize_t getrandom(void *state, void *buffer, size_t len, unsigned int flags); > void *getrandom_alloc([inout] size_t *num, [out] size_t *size_per_each); > > In the first function, the return value and the latter 3 arguments are > the same as ordinary getrandom(), while the first argument is a pointer > to some state allocated with getrandom_alloc(). getrandom_alloc() takes > the desired number of states, and returns an array of states, the number > actually allocated, and the size in bytes of each one, enabling a libc > to use one per thread. We very intentionally do *not* leave state > allocation up to the caller. There are too many weird things that can go > wrong, and it's important that vDSO does not provide too generic of a > mechanism. It's not going to store its state in just any old memory > address. It'll do it only in ones it allocates. I still don't see why this couldn't be per-thread state (if you handle fork generations somehow). I also think it makes sense to introduce batching for the system call implementation first, and tie that to the vDSO acceleration. I expect a large part of the benefit comes from the batching, not the system call avoidance. Thanks, Florian