From: One Thousand Gnomes
Subject: Re: General flags to turn things off (getrandom, pid lookup, etc)
Date: Wed, 30 Jul 2014 15:37:12 +0100
Message-ID: <20140730153713.736881f0@alan.etchedpixels.co.uk>
References: <20140727210617.GY6725@thunk.org> <87oawa740c.fsf@x220.int.ebiederm.org>
In-Reply-To: <87oawa740c.fsf@x220.int.ebiederm.org>
To: ebiederm@xmission.com (Eric W. Biederman)
Cc: Andy Lutomirski, Paolo Bonzini, linux-crypto@vger.kernel.org, Henrique de Moraes Holschuh, linux-kernel@vger.kernel.org, James Morris, LSM List, Al Viro, Linux API, Julien Tinnes, "Theodore Ts'o", Greg Kroah-Hartman, Paul Moore, David Drysdale, Kees Cook, Meredydd Luff, Christoph Hellwig

> Andy you seem to be arguing here for two system calls.
> get_urandom() and get_random().
>
> Where get_urandom only blocks if there is not enough starting entropy,
> and get_random(GRND_RANDOM) blocks if there is currently not enough
> entropy.
>
> That would allow -ENOSYS to be the right return value and it would
> simplify things for everyone.

So you replace the "no file handle" special case with the "unsupported
or disabled syscall" special case, which is even harder to test.

Interfaces have failure modes. People who can't deal with that shouldn't
be writing code that does anything important in languages which don't
handle it for them.

Alan
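The two failure modes named in the message above, handled in one caller, as an added example that is not part of the original message or of any kernel or libc source. It assumes glibc's getrandom() wrapper from <sys/random.h>; the names rand_fn, stub_fail, stub_errno, read_urandom, fill_random and secure_random are hypothetical, and the entropy source is passed as a function pointer so the "unsupported or disabled syscall" path can be exercised on a kernel that does support it.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sys/random.h>
#include <unistd.h>

/* Entropy source signature; injectable so the ENOSYS path is testable. */
typedef ssize_t (*rand_fn)(void *buf, size_t len, unsigned int flags);

/* Constructed test double: fails like a missing or disabled syscall. */
int stub_errno = ENOSYS;
ssize_t stub_fail(void *b, size_t n, unsigned int f) {
    (void)b; (void)n; (void)f;
    errno = stub_errno;
    return -1;
}

/* Fallback path: open() failing here is the "no file handle" case. */
int read_urandom(unsigned char *p, size_t len) {
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0) return -1;
    while (len > 0) {
        ssize_t n = read(fd, p, len);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) { close(fd); return -1; }
        p += n; len -= (size_t)n;
    }
    close(fd);
    return 0;
}

/* Returns 0 only when buf is completely filled; any other outcome is -1. */
int fill_random(rand_fn src, unsigned char *buf, size_t len) {
    size_t done = 0;
    while (done < len) {
        ssize_t n = src(buf + done, len - done, 0);
        if (n > 0) { done += (size_t)n; continue; }
        if (n < 0 && errno == EINTR) continue;
        if (n < 0 && errno == ENOSYS)
            return read_urandom(buf + done, len - done);
        return -1;  /* fail closed on every other error */
    }
    return 0;
}

/* Production entry point: real syscall first, device node as fallback. */
int secure_random(unsigned char *buf, size_t len) {
    return fill_random(getrandom, buf, len);
}
```

Callers must treat -1 as fatal for key material; continuing with a partly filled or zeroed buffer is the failure this wrapper exists to rule out.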