20.11.2019 13:58, Stephan Müller пишет:
> Or another idea and apologies if I restart this conversation as there was
> already a discussion around it: what about extending the getrandom(2) call
> instead of adding a device file?
>
> What about adding yet another flag to getrandom: GRND_TRUERANDOM and process
> it as follows:
>
> if (flags & ~(GRND_NONBLOCK|GRND_RANDOM|GRND_INSECURE|
> GRND_TRUERANDOM))
> return -EINVAL;
>
> //From Andy's tree
> /*
> * Requesting insecure and blocking randomness at the same time makes
> * no sense.
> */
> if ((flags & (GRND_INSECURE|GRND_RANDOM)) == (GRND_INSECURE|
> GRND_RANDOM))
> return -EINVAL;
>
> /* We only allow GRND_TRUERANDOM by itself or with NONBLOCK */
> if (! ((flags & GRND_TRUERANDOM) &&
> ((flags == GRND_TRUERANDOM) ||
> (flags == GRND_TRUERANDOM | GRND_NONBLOCK))))
> return -EINVAL;
>
> if (flags & GRND_TRUERANDOM) {
> ... do the TRNG processing ...
> ... may return -ENOPNOTSUPP if no TRNG available ...
> }
This would totally miss the point of adding a device node: UNIX
permissions that don't allow "others" to read and deplete "true" random
numbers.
--
Alexander E. Patrakov