Posted to tech-userlevel@ a week ago and reviewed by riastradh@.

GETENTROPY(3)              Library Functions Manual              GETENTROPY(3)

NAME
     getentropy - fill a buffer with high quality random data

LIBRARY
     Standard C Library (libc, -lc)

SYNOPSIS
     #include <unistd.h>

     int
     getentropy(void *buf, size_t buflen);

DESCRIPTION
     The getentropy() function fills a buffer with high quality random data,
     suitable for seeding cryptographically secure pseudorandom number
     generators.

     getentropy() is only intended for seeding random number generators and is
     not intended for use by regular code which simply needs secure random
     data.  For this purpose, please use arc4random(3).

     The maximum value for buflen is 256 bytes.

IMPLEMENTATION NOTES
     getentropy() reads from the sysctl(7) variable kern.arandom.

RETURN VALUES
     The getentropy() function returns 0 on success, and -1 if an error
     occurred.

ERRORS
     getentropy() will succeed unless:

     [EFAULT]           The buf argument points to an invalid memory address.

     [EIO]              Too many bytes were requested.

SEE ALSO
     arc4random(3), rnd(4)

STANDARDS
     The getentropy() function is non-standard.

HISTORY
     The getentropy() function first appeared in OpenBSD 5.6, then in
     FreeBSD 12.0, and NetBSD 10.
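
An added example (not part of the commit or of the NetBSD tree) of seeding within the limits the manual page states: one call for a 44-byte seed that fails closed on error, plus a request one byte over the 256-byte maximum to show the EIO result. `struct prng_seed` and the function names are hypothetical, and `_DEFAULT_SOURCE` is an assumption for building on glibc.

```c
#define _DEFAULT_SOURCE /* assumption: exposes getentropy() on glibc */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define GETENTROPY_MAX 256 /* maximum buflen stated in the manual page */

/* Hypothetical seed material for a userland CSPRNG. */
struct prng_seed {
    unsigned char key[32];
    unsigned char nonce[12];
    int seeded;
};

/* One getentropy() call; on failure the state stays zeroed and unseeded
 * instead of falling back to a weaker source. */
int prng_seed_init(struct prng_seed *s)
{
    unsigned char buf[sizeof s->key + sizeof s->nonce]; /* 44 <= 256 */

    memset(s, 0, sizeof *s);
    if (getentropy(buf, sizeof buf) == -1)
        return -1; /* errno is set by getentropy() */
    memcpy(s->key, buf, sizeof s->key);
    memcpy(s->nonce, buf + sizeof s->key, sizeof s->nonce);
    memset(buf, 0, sizeof buf); /* a plain memset may be elided by the compiler */
    s->seeded = 1;
    return 0;
}

/* Ask for one byte over the limit; return the errno seen, or 0 on success. */
int oversize_request_errno(void)
{
    unsigned char big[GETENTROPY_MAX + 1];

    errno = 0;
    return getentropy(big, sizeof big) == 0 ? 0 : errno;
}

int main(void)
{
    struct prng_seed s;
    if (prng_seed_init(&s) == -1) {
        perror("getentropy");
        return 1;
    }
    printf("seeded=%d oversize_is_EIO=%d\n", s.seeded, oversize_request_errno() == EIO);
    return 0;
}
```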

C++ without real static_assert() can be incompatible with the C fallback
as presented in openjdk.
A pre-C11 compiler can be picky on the implementation.
max_align_t does not depend on any pre-C99 or !C++ language feature.
This structure is in use in 3rd party essential C++ code as an extension
for older language revisions and in gnu99 code in the NetBSD distribution
(RTLD's build rules define -std=gnu11 just for exposing this struct).
Exposing max_align_t from the central NetBSD header avoids duplicate
definition in 3rd party code that could differ and produce ABI mismatched
binaries between -std= revisions.
This problem does not exist on OSs like Linux as they get this namespace
visibility defined inside LLVM or GNU toolchain headers. NetBSD ships with
its own stddef.h, rather than relying on a toolchain and its internal
extensions.

the main effect of this is to make GCC and other libiberty using
tools use /tmp instead of /var/tmp for compiler temp files,
which can be a bottleneck on larger systems.
a survey of other platforms shows only OSX also uses /var/tmp,
everyone else has switched to /tmp long ago.
cons: some smaller systems may have a smaller /tmp than /var/tmp,
and this may cause builds to fail with out of space earlier.
point the build to /var/tmp using TMPDIR in this case.
one can argue that setting TMPDIR would work around this, but we
want to have the effect for all users without having special setup.

Remove const from the 2nd argument.
const char ** and char ** are incompatible types and it was a cost to keep
the technically incompatible form for a more purist variation. NetBSD was
almost the last alive OS to still keep the const argument (known leftovers:
Minix and Illumos).
Keep the const form for the internal purposes inside citrus and rump.
Address the build breakage fallout in the same change.
There are no ABI changes.
Change accepted by core@.

The existing definition caused issues as GCC only provides _Static_assert
when building C11 code.
This follows the C standard: static_assert available since C11.
Fixes https://rt.perl.org/Public/Bug/Display.html?id=134023

- -Wstrict-prototypes is not available for C++, so don't try to
  ignore it for C++.
- remove many _DIAGASSERT() checks against not NULL for functions
  with arguments with nonnull attributes. in two cases, leave
  code behind that should set defaults to "(null)".
- use -Wno-error=frame-address for i386 mcount, as it seems valid
  to assume the caller will have a frame.fair