Posted to tech-userlevel@ a week ago and reviewed by riastradh@.
GETENTROPY(3) Library Functions Manual GETENTROPY(3)
NAME
getentropy - fill a buffer with high quality random data
LIBRARY
Standard C Library (libc, -lc)
SYNOPSIS
#include <unistd.h>
int
getentropy(void *buf, size_t buflen);
DESCRIPTION
The getentropy() function fills a buffer with high quality random data,
suitable for seeding cryptographically secure psuedorandom number
generators.
getentropy() is only intended for seeding random number generators and is
not intended for use by regular code which simply needs secure random
data. For this purpose, please use arc4random(3).
The maximum value for buflen is 256 bytes.
IMPLEMENTATION NOTES
getentropy() reads from the sysctl(7) variable kern.arandom.
RETURN VALUES
The getentropy() function returns 0 on success, and -1 if an error
occurred.
ERRORS
getentropy() will succeed unless:
[EFAULT] The buf argument points to an invalid memory address.
[EIO] Too many bytes were requested.
SEE ALSO
arc4random(3), rnd(4)
STANDARDS
The getentropy() function is non-standard.
HISTORY
The getentropy() function first appeared in OpenBSD 5.6, then in
FreeBSD 12.0, and NetBSD 10.
unistd.h and libc, and add a man page.
Allow wiggle room in the man page for implementations of fallocate
that either (a) don't fully unwind on failure, leaving new blocks
allocated without changing the file size, or (b) create only in-memory
transient reservations that disappear when crashing or rebooting.
Also, add crossreference to fdiscard from ftruncate(2), and remove the
old BUGS entry from there that called for a generalized version that
allows discarding ranges of a file: that's what fdiscard is.
unimplemented, except enough of linkat(2) to hardlink to a symlink.
Everything new in headers is guarded #ifdef _INCOMPLETE_XOPEN_C063 since
some software (e.g.: xcvs in our own tree) will assume they can use openat(2)
when AT_FDCWD is defined. _INCOMPLETE_XOPEN_C063 will go away once support
will be completed.
set close-on-exec on creation (http://udrepper.livejournal.com/20407.html).
- Add F_DUPFD_CLOEXEC to fcntl(2).
- Add MSG_CMSG_CLOEXEC to recvmsg(2) for unix file descriptor passing.
- Add dup3(2) syscall with a flags argument for O_CLOEXEC, O_NONBLOCK.
- Add pipe2(2) syscall with a flags argument for O_CLOEXEC, O_NONBLOCK.
- Add flags SOCK_CLOEXEC, SOCK_NONBLOCK to the socket type parameter
for socket(2) and socketpair(2).
- Add new paccept(2) syscall that takes an additional sigset_t to alter
the sigmask temporarily and a flags argument to set SOCK_CLOEXEC,
SOCK_NONBLOCK.
- Add new mode character 'e' to fopen(3) and popen(3) to open pipes
and file descriptors for close on exec.
- Add new kqueue1(2) syscall with a new flags argument to open the
kqueue file descriptor with O_CLOEXEC, O_NONBLOCK.
* Fix the system calls that take socklen_t arguments to actually do so.
* Don't include userland header files (signal.h) from system header files
(rump_syscallargs.h).
* Bump libc version for the new syscalls.
it possible to get the pid, euid and egid of the process at the remote
end at the time it did bind() or connect().
Add a new libc function, getpeereid() to easily get at the euid and egid.
As a consequence, bump libc's minor number.
Document the LOCAL_PEEREID socket option in unix(4).
Based on contribution by Arne H. Juul, minor modifications by myself.
include path: the normal header files now include the "SSP" ones (which one
should note are not really named right: SSP and FORTIFY_SOURCE are independent
features).
Disable USE_SSP on targets where the compiler doesn't support it at all
(mips, alpha) or it's known broken (sh3). But enable FORTIFY_SOURCE,
without SSP, on those platforms -- tested on mipsel.
christos