[PATCH] Update to the Samba crypto requirements document

Andrew Bartlett abartlet at samba.org
Wed Feb 21 02:56:28 UTC 2018


On Thu, 2018-01-04 at 11:24 +0100, Volker Lendecke via samba-technical
wrote:
> 
> We can do either. /dev/urandom *or* getentropy syscall, determined at
> compile time. No runtime fallback.
> 
> If modern glibc screws us on old kernels, we just can't use
> getentropy.

I certainly agree that this needs to be compile-time and if at runtime
it fails with ENOSYS we just abort().  I realise the whole build host
vs runtime host thing, but in this security critical space fallbacks
just end up in disaster. 

Thankfully the manpage indicates a failure and not internal fallbacks
(comparing favourably with the libbsd thing I blasted a few days ago)

"ENOSYS This kernel version does not implement the getrandom(2) system
call required to implement this function."

That is what Andreas's patch does, so could we move it forward?

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba







More information about the samba-technical mailing list