> On 28 Mar 2018, at 01:16, Theodore Y. Ts'o <tytso at mit.edu> wrote: > > On Tue, Mar 27, 2018 at 04:51:08PM +0300, Ilya Smith wrote: >>> /dev/[u]random is not sufficient? >> >> Using /dev/[u]random makes 3 syscalls - open, read, close. This is a performance >> issue. > > You may want to take a look at the getrandom(2) system call, which is > the recommended way getting secure random numbers from the kernel. > >>> Well, I am pretty sure userspace can implement proper free ranges >>> tracking? >> >> I think we need to know what libc developers will say on implementing ASLR in >> user-mode. I am pretty sure they will say ?nether? or ?some-day?. And problem >> of ASLR will stay forever. > > Why can't you send patches to the libc developers? > > Regards, > > - Ted I still believe the issue is on kernel side, not in library. Best regards, Ilya
