about summary refs log tree commit diff
path: root/NEWS
diff options
context:
space:
mode:
authorLaurent Bercot <ska-skaware@skarnet.org>2022-06-23 08:46:40 +0000
committerLaurent Bercot <ska@appnovation.com>2022-06-23 08:46:40 +0000
commit664f0f3af7eb8aef89e6b1adee2d83b4c4f4cf9f (patch)
treee65e96fbad077f0fe152b7560ec2f5a6ea259e8d /NEWS
parent0e4bc9efc11636b2d06e2cf6dccb7e6a6094f08f (diff)
downloadskalibs-664f0f3af7eb8aef89e6b1adee2d83b4c4f4cf9f.tar.gz
skalibs-664f0f3af7eb8aef89e6b1adee2d83b4c4f4cf9f.tar.xz
skalibs-664f0f3af7eb8aef89e6b1adee2d83b4c4f4cf9f.zip
Add runtime fallback for GRND_INSECURE
The grndinsecure sysdep is only build-time tested and returns yes
if the kernel headers declare GRND_INSECURE. That is a problem
because the kernel headers are most likely provided by the toolchain
and do not reflect the exact capabilities of the run-time kernel.

If the run-time kernel doesn't support that option, getrandom()
fails. That made random_buf_early() busyloop.

To avoid that, we now fallback to random_devurandom() as an
implementation of random_buf_early() if getrandom() fails when
used with GRND_INSECURE. This adds a slight amount of overhead
to random_buf_early(), so it's probably better to just disable
the sysdep at build time if you're making binaries that will run
on older kernels.

Signed-off-by: Laurent Bercot <ska@appnovation.com>
Diffstat (limited to 'NEWS')
0 files changed, 0 insertions, 0 deletions