Re: lib/56905: getentropy() may return predictable data

[Robert Elz <kre%munnari.OZ.AU@localhost>]

The following reply was made to PR lib/56905; it has been noted by GNATS.

From: Robert Elz <kre%munnari.OZ.AU@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: lib/56905: getentropy() may return predictable data
Date: Fri, 22 Jul 2022 21:37:43 +0700

 getentropy() is being added to POSIX in the next version of the standard.
 
 The description doesn't explicitly say it is not allowed to block,
 but it does say (explicitly) that it is not a thread cancellation
 point.
 
 In general, everything which can block is either a cancellation point,
 or is allowed to be (the latter for things like putc() which might call
 a function which is a cancellation point, or might not).
 
 Not being a cancellation point tells me that getentropy() is not
 expected to block (ever).
 
 It is allowed to fail - but the description of its one possible relevant
 failure mode (it is also possible for it to return an error if the user
 passes invalid params - asks for too many bits, for example - that's not
 relevant here) is:
 
     [ENOSYS]  The system does not provide the necessary source of entropy.
 
 which seems to me to be more a permanent failure, that is, it isn't
 saying "no entropy is currently available", than one which can
 ever be rectified (eg: by pausing and trying later - similating blocking
 in the caller).
 
 Blocking in getentropy() won't happen, "the proper semantics" are not that.
 
 kre
 
 ps: there's no getrandom() call in POSIX however.