libc: Reintroduce getentropy.

This was introduced two years ago when the getrandom/getentropy API question was still open, and removed because the discussion was ongoing. Now getentropy is more widely adopted and soon to be in POSIX. So reintroduce the symbol into libc since we'll be keeping it anyway. Discussion of details of the semantics, as interpreted by NetBSD, is ongoing, but the symbol needs to get in before the netbsd-10 branch. The draft POSIX text is (https://www.opengroup.org/austin/docs/austin_1110.pdf): SYNOPSIS #include <unistd.h> int getentropy(void *buffer, size_t length); DESCRIPTION The getentropy() function shall write length bytes of data starting at the location pointed to by buffer. The output shall be unpredictable high quality random data, generated by a cryptographically secure pseudo-random number generator. The maximum permitted value for the length argument is given by the {GETENTROPY_MAX} symbolic constant defined in <limits.h>. RETURN VALUES Upon successful completion, getentropy() shall return 0; otherwise, -1 shall be retunred and errno set to indicate the error. ERRORS The getentropy() function shall fail if: [EINVAL] The value of length is greater than {GETENTROPY_MAX}. The getentropy() function may fail if: [ENOSYS] The system does not provide the necessary source of entropy. RATIONALE The getentropy() function is not a cancellation point. Minor changes from the previous introduction of getentropy into libc: - Return EINVAL, not EIO, on buflen > 256. - Define GETENTROPY_MAX in limits.h. The declaration of getentropy in unistd.h and definition of GETENTROPY_MAX in limits.h are currently conditional on _NETBSD_SOURCE. When the next revision of POSIX is finalized, we can expose them also under _POSIX_C_SOURCE > 20yymmL as usual -- and this can be done as a pullup without breaking existing compiled programs.
2022-05-31 13:42:58 +00:00 · 2022-05-31 13:42:58 +00:00 · 2b5e567d9c
parent 4c33e72fa2
commit 2b5e567d9c
11 changed files with 372 additions and 13 deletions
--- a/distrib/sets/lists/comp/mi
+++ b/distrib/sets/lists/comp/mi
@ -1,4 +1,4 @@
-#	$NetBSD: mi,v 1.2414 2022/05/27 07:28:21 nia Exp $
+#	$NetBSD: mi,v 1.2415 2022/05/31 13:42:58 riastradh Exp $
 #
 # Note: don't delete entries from here - mark them as "obsolete" instead.
 ./etc/mtree/set.comp				comp-sys-root
@ -7698,7 +7698,7 @@
 ./usr/share/man/cat3/getdiskrawname.0		comp-c-catman		.cat
 ./usr/share/man/cat3/getdomainname.0		comp-c-catman		.cat
 ./usr/share/man/cat3/getdtablesize.0		comp-c-catman		.cat
-./usr/share/man/cat3/getentropy.0		comp-c-catman		obsolete
+./usr/share/man/cat3/getentropy.0		comp-c-catman		.cat
 ./usr/share/man/cat3/getenv.0			comp-c-catman		.cat
 ./usr/share/man/cat3/getenv_r.0			comp-c-catman		.cat
 ./usr/share/man/cat3/getfsent.0			comp-c-catman		.cat
@ -16018,7 +16018,7 @@
 ./usr/share/man/html3/getdiskrawname.html	comp-c-htmlman		html
 ./usr/share/man/html3/getdomainname.html	comp-c-htmlman		html
 ./usr/share/man/html3/getdtablesize.html	comp-c-htmlman		html
-./usr/share/man/html3/getentropy.html		comp-c-htmlman		obsolete
+./usr/share/man/html3/getentropy.html		comp-c-htmlman		html
 ./usr/share/man/html3/getenv.html		comp-c-htmlman		html
 ./usr/share/man/html3/getenv_r.html		comp-c-htmlman		html
 ./usr/share/man/html3/getfsent.html		comp-c-htmlman		html
@ -24276,7 +24276,7 @@
 ./usr/share/man/man3/getdiskrawname.3		comp-c-man		.man
 ./usr/share/man/man3/getdomainname.3		comp-c-man		.man
 ./usr/share/man/man3/getdtablesize.3		comp-c-man		.man
-./usr/share/man/man3/getentropy.3		comp-c-man		obsolete
+./usr/share/man/man3/getentropy.3		comp-c-man		.man
 ./usr/share/man/man3/getenv.3			comp-c-man		.man
 ./usr/share/man/man3/getenv_r.3			comp-c-man		.man
 ./usr/share/man/man3/getfsent.3			comp-c-man		.man
--- a/distrib/sets/lists/debug/mi
+++ b/distrib/sets/lists/debug/mi
@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.385 2022/05/29 15:23:20 nia Exp $
+# $NetBSD: mi,v 1.386 2022/05/31 13:42:59 riastradh Exp $
 ./etc/mtree/set.debug                           comp-sys-root
 ./usr/lib					comp-sys-usr		compatdir
 ./usr/lib/i18n/libBIG5_g.a			comp-c-debuglib		debuglib,compatfile
@ -2007,6 +2007,7 @@
 ./usr/libdata/debug/usr/tests/lib/libc/gen/t_fpsetround.debug		tests-lib-debug		debug,atf,compattestfile
 ./usr/libdata/debug/usr/tests/lib/libc/gen/t_ftok.debug			tests-lib-debug		debug,atf,compattestfile
 ./usr/libdata/debug/usr/tests/lib/libc/gen/t_getcwd.debug		tests-lib-debug		debug,atf,compattestfile
 ./usr/libdata/debug/usr/tests/lib/libc/gen/t_getentropy.debug		tests-lib-debug		debug,atf,compattestfile
 ./usr/libdata/debug/usr/tests/lib/libc/gen/t_getgrent.debug		tests-lib-debug		debug,atf,compattestfile
 ./usr/libdata/debug/usr/tests/lib/libc/gen/t_glob.debug			tests-lib-debug		debug,atf,compattestfile
 ./usr/libdata/debug/usr/tests/lib/libc/gen/t_glob_star.debug		tests-obsolete		obsolete,compattestfile
--- a/distrib/sets/lists/tests/mi
+++ b/distrib/sets/lists/tests/mi
@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.1208 2022/05/27 07:28:22 nia Exp $
+# $NetBSD: mi,v 1.1209 2022/05/31 13:42:59 riastradh Exp $
 #
 # Note: don't delete entries from here - mark them as "obsolete" instead.
 #
@ -2867,6 +2867,7 @@
 ./usr/tests/lib/libc/gen/t_fpsetround			tests-lib-tests		compattestfile,atf
 ./usr/tests/lib/libc/gen/t_ftok				tests-lib-tests		compattestfile,atf
 ./usr/tests/lib/libc/gen/t_getcwd			tests-lib-tests		compattestfile,atf
 ./usr/tests/lib/libc/gen/t_getentropy			tests-lib-tests		compattestfile,atf
 ./usr/tests/lib/libc/gen/t_getgrent			tests-lib-tests		compattestfile,atf
 ./usr/tests/lib/libc/gen/t_glob				tests-lib-tests		compattestfile,atf
 ./usr/tests/lib/libc/gen/t_glob_star			tests-obsolete		obsolete
--- a/include/limits.h
+++ b/include/limits.h
@ -1,4 +1,4 @@
-/*	$NetBSD: limits.h,v 1.42 2019/09/15 23:52:59 christos Exp $	*/
+/*	$NetBSD: limits.h,v 1.43 2022/05/31 13:42:59 riastradh Exp $	*/
 /*
 * Copyright (c) 1988, 1993
@ -144,6 +144,10 @@
 #define MB_LEN_MAX		32	/* Allow ISO/IEC 2022 */
 #ifdef _NETBSD_SOURCE
 #define	GETENTROPY_MAX		256
 #endif
 #include <machine/limits.h>
 #ifdef __CHAR_UNSIGNED__
--- a/include/unistd.h
+++ b/include/unistd.h
@ -1,4 +1,4 @@
-/*	$NetBSD: unistd.h,v 1.162 2021/10/15 22:32:28 andvar Exp $	*/
+/*	$NetBSD: unistd.h,v 1.163 2022/05/31 13:42:59 riastradh Exp $	*/
 /*-
 * Copyright (c) 1998, 1999, 2008 The NetBSD Foundation, Inc.
@ -338,6 +338,7 @@ int	 fchroot(int);
 int	 fdiscard(int, off_t, off_t);
 int	 fsync_range(int, int, off_t, off_t);
 int	 getdomainname(char *, size_t);
 int	 getentropy(void *, size_t);
 int	 getgrouplist(const char *, gid_t, gid_t *, int *);
 int	 getgroupmembership(const char *, gid_t, gid_t *, int, int *);
 mode_t	 getmode(const void *, mode_t);
--- a/lib/libc/gen/Makefile.inc
+++ b/lib/libc/gen/Makefile.inc
@ -1,4 +1,4 @@
-#	$NetBSD: Makefile.inc,v 1.215 2021/11/15 14:01:51 christos Exp $
+#	$NetBSD: Makefile.inc,v 1.216 2022/05/31 13:42:59 riastradh Exp $
 #	from: @(#)Makefile.inc	8.6 (Berkeley) 5/4/95
 # gen sources
@ -15,7 +15,7 @@ SRCS+=	alarm.c alphasort.c arc4random.c assert.c asysctl.c \
 	errc.c errlist.c errno.c execl.c execle.c execlp.c execv.c execvp.c \
 	exect.c extattr.c fmtcheck.c fmtmsg.c fnmatch.c fstab.c ftok.c \
 	fts.c ftw.c getbsize.c getcap.c getcwd.c \
-	getdevmajor.c getdomainname.c getgrent.c \
+	getdevmajor.c getdomainname.c getentropy.c getgrent.c \
 	getgrouplist.c getgroupmembership.c gethostname.c \
 	getloadavg.c getlogin.c getmntinfo.c \
 	getnetgrent.c getpagesize.c \
@ -61,7 +61,7 @@ MAN+=	alarm.3 arc4random.3 basename.3 bsd_signal.3 bswap.3 \
 	fmtcheck.3 fmtmsg.3 fnmatch.3 fpclassify.3 fpgetmask.3 \
 	ftok.3 fts.3 ftw.3 \
 	getbsize.3 cgetcap.3 getcwd.3 getdevmajor.3 \
-	getdomainname.3 getdiskbyname.3 getfsent.3 \
+	getdomainname.3 getdiskbyname.3 getentropy.3 getfsent.3 \
 	getgrent.3 getgrouplist.3 gethostname.3 getlastlogx.3 getloadavg.3 \
 	getmntinfo.3 getnetgrent.3 getpagesize.3 getpass.3 \
 	getprogname.3 getpwent.3 getttyent.3 getusershell.3 glob.3 \
--- a/lib/libc/gen/getentropy.3
+++ b/lib/libc/gen/getentropy.3
@ -0,0 +1,94 @@
 .\"	$NetBSD: getentropy.3,v 1.4 2022/05/31 13:42:59 riastradh Exp $ $
 .\"
 .\" Copyright (c) 2020 The NetBSD Foundation, Inc.
 .\" All rights reserved.
 .\"
 .\" This code is derived from software contributed to The NetBSD Foundation
 .\" by Nia Alarie.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
 .\" 1. Redistributions of source code must retain the above copyright
 .\"    notice, this list of conditions and the following disclaimer.
 .\" 2. Redistributions in binary form must reproduce the above copyright
 .\"    notice, this list of conditions and the following disclaimer in the
 .\"    documentation and/or other materials provided with the distribution.
 .\"
 .\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 .\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 .\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 .\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 .\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 .\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 .\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 .\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 .\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
 .Dd May 1, 2020
 .Dt GETENTROPY 3
 .Os
 .Sh NAME
 .Nm getentropy
 .Nd fill a buffer with high quality random data
 .Sh LIBRARY
 .Lb libc
 .Sh SYNOPSIS
 .In unistd.h
 .Ft int
 .Fn getentropy "void *buf" "size_t buflen"
 .In limits.h
 .Li #define GETENTROPY_MAX	256
 .Sh DESCRIPTION
 .Pp
 The
 .Fn getentropy
 function fills a buffer with high quality random data, suitable for seeding
 cryptographically secure psuedorandom number generators.
 .Pp
 .Fn getentropy
 is only intended for seeding random number generators and is not intended
 for use by regular code which simply needs secure random data.
 For this purpose, please use
 .Xr arc4random 3 .
 .Pp
 The maximum value for
 .Li buflen
 is 256 bytes.
 .Sh IMPLEMENTATION NOTES
 .Fn getentropy
 reads from the
 .Xr sysctl 7
 variable
 .Li kern.arandom .
 .Sh RETURN VALUES
 .Rv -std getentropy
 .Sh ERRORS
 .Fn getentropy
 will succeed unless:
 .Bl -tag -width Er
 .It Bq Er EFAULT
 The
 .Fa buf
 argument points to an invalid memory address.
 .It Bq Er EINVAL
 More than 256 bytes were requested.
 .Sh SEE ALSO
 .Xr arc4random 3 ,
 .Xr rnd 4
 .Sh STANDARDS
 The
 .Fn getentropy
 function is non-standard.
 However, it is likely to be included in the next revision of POSIX.
 .Sh HISTORY
 The
 .Fn getentropy
 function first appeared in
 .Ox 5.6 ,
 then in
 .Fx 12.0 ,
 and
 .Nx 10 .
--- a/lib/libc/gen/getentropy.c
+++ b/lib/libc/gen/getentropy.c
@ -0,0 +1,67 @@
 /*	$NetBSD: getentropy.c,v 1.3 2022/05/31 13:42:59 riastradh Exp $	*/
 /*-
 * Copyright (c) 2020 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
 * by Nia Alarie.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
 #include <sys/cdefs.h>
 __RCSID("$NetBSD: getentropy.c,v 1.3 2022/05/31 13:42:59 riastradh Exp $");
 #include "namespace.h"
 #include <sys/param.h>
 #include <sys/sysctl.h>
 #include <errno.h>
 #include <limits.h>
 #include <unistd.h>
 #ifdef __weak_alias
 __weak_alias(getentropy,_getentropy)
 #endif
 __CTASSERT(GETENTROPY_MAX == 256);
 int
 getentropy(void *buf, size_t buflen)
 {
 	size_t len = buflen;
 	int name[2] = { CTL_KERN, KERN_ARND };
 	if (buf == NULL && buflen > 0) {
 		errno = EFAULT;
 		return -1;
 	}
 	if (buflen > 256) {
 		errno = EINVAL;
 		return -1;
 	}
 	return sysctl(name, 2, buf, &len, NULL, 0);
 }
--- a/lib/libc/include/namespace.h
+++ b/lib/libc/include/namespace.h
@ -1,4 +1,4 @@
-/*	$NetBSD: namespace.h,v 1.202 2021/09/11 20:28:03 andvar Exp $	*/
+/*	$NetBSD: namespace.h,v 1.203 2022/05/31 13:42:59 riastradh Exp $	*/
 /*-
 * Copyright (c) 1997-2004 The NetBSD Foundation, Inc.
@ -361,6 +361,7 @@
 #define getdevmajor		_getdevmajor
 #define getdiskbyname		_getdiskbyname
 #define getdomainname		_getdomainname
 #define getentropy		_getentropy
 #define getfsent		_getfsent
 #define getfsfile		_getfsfile
 #define getfsspec		_getfsspec
--- a/tests/lib/libc/gen/Makefile
+++ b/tests/lib/libc/gen/Makefile
@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.54 2020/02/22 19:14:57 kamil Exp $
+# $NetBSD: Makefile,v 1.55 2022/05/31 13:42:59 riastradh Exp $
 .include <bsd.own.mk>
@ -21,6 +21,7 @@ TESTS_C+=	t_fpsetmask
 TESTS_C+=	t_fpsetround
 TESTS_C+=	t_ftok
 TESTS_C+=	t_getcwd
 TESTS_C+=	t_getentropy
 TESTS_C+=	t_getgrent
 TESTS_C+=	t_glob
 TESTS_C+=	t_humanize_number
--- a/tests/lib/libc/gen/t_getentropy.c
+++ b/tests/lib/libc/gen/t_getentropy.c
@ -0,0 +1,189 @@
 /*	$NetBSD: t_getentropy.c,v 1.1 2022/05/31 13:42:59 riastradh Exp $	*/
 /*-
 * Copyright (c) 2022 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
 #include <sys/cdefs.h>
 __RCSID("$NetBSD: t_getentropy.c,v 1.1 2022/05/31 13:42:59 riastradh Exp $");
 #include <sys/mman.h>
 #include <atf-c.h>
 #include <errno.h>
 #include <limits.h>
 #include <stdint.h>
 #include <string.h>
 #include <unistd.h>
 static uint8_t buf[289];
 static uint8_t zero[sizeof(buf)];
 __CTASSERT(GETENTROPY_MAX == 256);
 ATF_TC(getentropy_0);
 ATF_TC_HEAD(getentropy_0, tc)
 {
 	atf_tc_set_md_var(tc, "descr", "getentropy 0 bytes");
 	atf_tc_set_md_var(tc, "timeout", "2");
 }
 ATF_TC_BODY(getentropy_0, tc)
 {
 	memset(buf, 0, sizeof(buf));
 	if (getentropy(buf, 0) == -1)
 		atf_tc_fail("getentropy: %d (%s)", errno, strerror(errno));
 	ATF_CHECK(memcmp(buf, zero, sizeof(buf)) == 0);
 }
 ATF_TC(getentropy_32);
 ATF_TC_HEAD(getentropy_32, tc)
 {
 	atf_tc_set_md_var(tc, "descr", "getentropy 32 bytes");
 	atf_tc_set_md_var(tc, "timeout", "2");
 }
 ATF_TC_BODY(getentropy_32, tc)
 {
 	memset(buf, 0, sizeof(buf));
 	if (getentropy(buf + 1, 32) == -1)
 		atf_tc_fail("getentropy: %d (%s)", errno, strerror(errno));
 	ATF_CHECK(buf[0] == 0);
 	ATF_CHECK(memcmp(buf + 1, zero, 32) != 0);
 	ATF_CHECK(memcmp(buf + 1 + 32, zero, sizeof(buf) - 1 - 32) == 0);
 }
 ATF_TC(getentropy_256);
 ATF_TC_HEAD(getentropy_256, tc)
 {
 	atf_tc_set_md_var(tc, "descr", "getentropy 256 bytes");
 	atf_tc_set_md_var(tc, "timeout", "2");
 }
 ATF_TC_BODY(getentropy_256, tc)
 {
 	memset(buf, 0, sizeof(buf));
 	if (getentropy(buf + 1, 256) == -1)
 		atf_tc_fail("getentropy: %d (%s)", errno, strerror(errno));
 	ATF_CHECK(buf[0] == 0);
 	ATF_CHECK(memcmp(buf + 1, zero, 256) != 0);
 	ATF_CHECK(memcmp(buf + 1 + 256, zero, sizeof(buf) - 1 - 256) == 0);
 }
 ATF_TC(getentropy_257);
 ATF_TC_HEAD(getentropy_257, tc)
 {
 	atf_tc_set_md_var(tc, "descr", "getentropy 257 bytes (beyond max)");
 	atf_tc_set_md_var(tc, "timeout", "2");
 }
 ATF_TC_BODY(getentropy_257, tc)
 {
 	memset(buf, 0, sizeof(buf));
 	ATF_CHECK_ERRNO(EINVAL, getentropy(buf, 257) == -1);
 	ATF_CHECK(memcmp(buf, zero, sizeof(buf)) == 0);
 }
 ATF_TC(getentropy_null);
 ATF_TC_HEAD(getentropy_null, tc)
 {
 	atf_tc_set_md_var(tc, "descr", "getentropy with null buffer");
 	atf_tc_set_md_var(tc, "timeout", "2");
 }
 ATF_TC_BODY(getentropy_null, tc)
 {
 	ATF_CHECK_ERRNO(EFAULT, getentropy(NULL, 32) == -1);
 }
 ATF_TC(getentropy_nearnull);
 ATF_TC_HEAD(getentropy_nearnull, tc)
 {
 	atf_tc_set_md_var(tc, "descr", "getentropy with nearly null buffer");
 	atf_tc_set_md_var(tc, "timeout", "2");
 }
 ATF_TC_BODY(getentropy_nearnull, tc)
 {
 	ATF_CHECK_ERRNO(EFAULT, getentropy((char *)(uintptr_t)1, 32) == -1);
 }
 ATF_TC(getentropy_badaddr);
 ATF_TC_HEAD(getentropy_badaddr, tc)
 {
 	atf_tc_set_md_var(tc, "descr", "getentropy with bad address");
 	atf_tc_set_md_var(tc, "timeout", "2");
 }
 ATF_TC_BODY(getentropy_badaddr, tc)
 {
 	size_t pagesize = sysconf(_SC_PAGESIZE);
 	char *p;
 	/*
 	 * Allocate three consecutive pages and make the middle one
 	 * nonwritable.
 	 */
 	p = mmap(NULL, 3*pagesize, PROT_READ|PROT_WRITE,
 	    MAP_ANON|MAP_PRIVATE, -1, 0);
 	if (p == MAP_FAILED)
 		atf_tc_fail("mmap: %d (%s)", errno, strerror(errno));
 	if (mprotect(p + pagesize, pagesize, PROT_READ) == -1)
 		atf_tc_fail("mprotect: %d (%s)", errno, strerror(errno));
 	/* Verify that writing to the end of the first page works.  */
 	if (getentropy(p + pagesize - 25, 25) == -1)
 		atf_tc_fail("getentropy 1: %d (%s)", errno, strerror(errno));
 	ATF_CHECK(memcmp(p + pagesize - 25, zero, 25) != 0);
 	/*
 	 * Verify that writes into the middle page, whether straddling
 	 * the surrounding pages or not, fail with EFAULT.
 	 */
 	ATF_CHECK_ERRNO(EFAULT, getentropy(p + pagesize - 1, 2) == -1);
 	ATF_CHECK_ERRNO(EFAULT, getentropy(p + pagesize, 32) == -1);
 	ATF_CHECK_ERRNO(EFAULT, getentropy(p + 2*pagesize - 1, 2) == -1);
 	/* Verify that writing to the start of the last page works.  */
 	if (getentropy(p + 2*pagesize, 25) == -1)
 		atf_tc_fail("getentropy 2: %d (%s)", errno, strerror(errno));
 	ATF_CHECK(memcmp(p + pagesize - 25, zero, 25) != 0);
 	if (munmap(p, 3*pagesize) == -1)
 		atf_tc_fail("munmap: %d (%s)", errno, strerror(errno));
 }
 ATF_TP_ADD_TCS(tp)
 {
 	ATF_TP_ADD_TC(tp, getentropy_0);
 	ATF_TP_ADD_TC(tp, getentropy_256);
 	ATF_TP_ADD_TC(tp, getentropy_257);
 	ATF_TP_ADD_TC(tp, getentropy_32);
 	ATF_TP_ADD_TC(tp, getentropy_badaddr);
 	ATF_TP_ADD_TC(tp, getentropy_nearnull);
 	ATF_TP_ADD_TC(tp, getentropy_null);
 	return atf_no_error();
 }