[PATCH 1/1] tools: use cryptographically safe RNG
Torsten Duwe
duwe at lst.de
Fri Nov 15 12:19:36 CET 2024
On Fri, 15 Nov 2024 09:34:54 +0100
Heinrich Schuchardt <heinrich.schuchardt at canonical.com> wrote:
> Rasmus Villemoes <ravi at prevas.dk> schrieb am Fr., 15. Nov. 2024,
> 08:18:
[...]
> > Or use getrandom(), which according to the man page has been
+1
> > exposed via glibc since glibc 2.25. Or just read from /dev/urandom
> > which should work everywhere.
>
> /dev/urandom is not available in containers.
> getrandom is not available in OpenBSD.
https://man.openbsd.org/OpenBSD-6.0/getentropy
Yes, "getentropy() is not intended for regular code; [...]", but when
in doubt and there is no one size that fits all, there's nothing wrong
with a good old #ifdef or a compat wrapper IMHO.
Torsten
More information about the U-Boot
mailing list