mirror of https://github.com/mkerrisk/man-pages
getrandom.2, random.7: wfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk
parent
379df7a0ec
commit
dce6b79650
|
|
@ -46,7 +46,7 @@ By default,
|
||||||
.BR getrandom ()
|
.BR getrandom ()
|
||||||
draws entropy from the
|
draws entropy from the
|
||||||
.I urandom
|
.I urandom
|
||||||
pool (i.e., the same source as the
|
source (i.e., the same source as the
|
||||||
.IR /dev/urandom
|
.IR /dev/urandom
|
||||||
device).
|
device).
|
||||||
This behavior can be changed via the
|
This behavior can be changed via the
|
||||||
|
|
@ -55,7 +55,7 @@ argument.
|
||||||
|
|
||||||
If the
|
If the
|
||||||
.I urandom
|
.I urandom
|
||||||
pool has been initialized,
|
source has been initialized,
|
||||||
reads of up to 256 bytes will always return as many bytes as
|
reads of up to 256 bytes will always return as many bytes as
|
||||||
requested and will not be interrupted by signals.
|
requested and will not be interrupted by signals.
|
||||||
No such guarantees apply for larger buffer sizes.
|
No such guarantees apply for larger buffer sizes.
|
||||||
|
|
@ -65,7 +65,7 @@ it may return a partially filled buffer, or fail with the error
|
||||||
|
|
||||||
If the
|
If the
|
||||||
.I urandom
|
.I urandom
|
||||||
pool has not yet been initialized, then
|
source has not yet been initialized, then
|
||||||
.BR getrandom ()
|
.BR getrandom ()
|
||||||
will block, unless
|
will block, unless
|
||||||
.B GRND_NONBLOCK
|
.B GRND_NONBLOCK
|
||||||
|
|
@ -80,20 +80,20 @@ ORed together:
|
||||||
.B GRND_RANDOM
|
.B GRND_RANDOM
|
||||||
If this bit is set, then random bytes are drawn from the
|
If this bit is set, then random bytes are drawn from the
|
||||||
.I random
|
.I random
|
||||||
pool
|
source
|
||||||
(i.e., the same source as the
|
(i.e., the same source as the
|
||||||
.IR /dev/random
|
.IR /dev/random
|
||||||
device)
|
device)
|
||||||
instead of the
|
instead of the
|
||||||
.I urandom
|
.I urandom
|
||||||
pool.
|
source.
|
||||||
The
|
The
|
||||||
.I random
|
.I random
|
||||||
pool is limited based on the entropy that can be obtained from environmental
|
source is limited based on the entropy that can be obtained from environmental
|
||||||
noise.
|
noise.
|
||||||
If the number of available bytes in the
|
If the number of available bytes in the
|
||||||
.I random
|
.I random
|
||||||
pool is less than requested in
|
source is less than requested in
|
||||||
.IR buflen ,
|
.IR buflen ,
|
||||||
the call returns just the available random bytes.
|
the call returns just the available random bytes.
|
||||||
If no random bytes are available, the behavior depends on the presence of
|
If no random bytes are available, the behavior depends on the presence of
|
||||||
|
|
@ -105,12 +105,12 @@ argument.
|
||||||
.B GRND_NONBLOCK
|
.B GRND_NONBLOCK
|
||||||
By default, when reading from the
|
By default, when reading from the
|
||||||
.IR random
|
.IR random
|
||||||
pool,
|
source,
|
||||||
.BR getrandom ()
|
.BR getrandom ()
|
||||||
blocks if no random bytes are available,
|
blocks if no random bytes are available,
|
||||||
and when reading from the
|
and when reading from the
|
||||||
.IR urandom
|
.IR urandom
|
||||||
pool, it blocks if the entropy pool has not yet been initialized.
|
source, it blocks if the entropy pool has not yet been initialized.
|
||||||
If the
|
If the
|
||||||
.B GRND_NONBLOCK
|
.B GRND_NONBLOCK
|
||||||
flag is set, then
|
flag is set, then
|
||||||
|
|
@ -132,7 +132,7 @@ was specified in
|
||||||
.IR flags
|
.IR flags
|
||||||
and insufficient entropy was present in the
|
and insufficient entropy was present in the
|
||||||
.IR random
|
.IR random
|
||||||
pool or the system call was interrupted by a signal.
|
source or the system call was interrupted by a signal.
|
||||||
.PP
|
.PP
|
||||||
On error, \-1 is returned, and
|
On error, \-1 is returned, and
|
||||||
.I errno
|
.I errno
|
||||||
|
|
@ -196,7 +196,7 @@ As of Linux 3.19 the following limits apply:
|
||||||
.IP * 3
|
.IP * 3
|
||||||
When reading from the
|
When reading from the
|
||||||
.IR urandom
|
.IR urandom
|
||||||
pool, a maximum of 33554431 bytes is returned by a single call to
|
source, a maximum of 33554431 bytes is returned by a single call to
|
||||||
.BR getrandom ()
|
.BR getrandom ()
|
||||||
on systems where
|
on systems where
|
||||||
.I int
|
.I int
|
||||||
|
|
@ -204,11 +204,11 @@ has a size of 32 bits.
|
||||||
.IP *
|
.IP *
|
||||||
When reading from the
|
When reading from the
|
||||||
.IR random
|
.IR random
|
||||||
pool, a maximum of 512 bytes is returned.
|
source, a maximum of 512 bytes is returned.
|
||||||
.SS Interruption by a signal handler
|
.SS Interruption by a signal handler
|
||||||
When reading from the
|
When reading from the
|
||||||
.I urandom
|
.I urandom
|
||||||
pool
|
source
|
||||||
.RB ( GRND_RANDOM
|
.RB ( GRND_RANDOM
|
||||||
is not set),
|
is not set),
|
||||||
.BR getrandom ()
|
.BR getrandom ()
|
||||||
|
|
@ -223,7 +223,7 @@ from kernel memory to
|
||||||
.IR buf .
|
.IR buf .
|
||||||
When reading from the
|
When reading from the
|
||||||
.I random
|
.I random
|
||||||
pool
|
source
|
||||||
.RB ( GRND_RANDOM
|
.RB ( GRND_RANDOM
|
||||||
is set),
|
is set),
|
||||||
.BR getrandom ()
|
.BR getrandom ()
|
||||||
|
|
@ -236,7 +236,7 @@ The behavior when a call to
|
||||||
.BR getrandom ()
|
.BR getrandom ()
|
||||||
that is blocked while reading from the
|
that is blocked while reading from the
|
||||||
.I urandom
|
.I urandom
|
||||||
pool is interrupted by a signal handler
|
source is interrupted by a signal handler
|
||||||
depends on the initialization state of the entropy buffer
|
depends on the initialization state of the entropy buffer
|
||||||
and on the request size,
|
and on the request size,
|
||||||
.IR buflen .
|
.IR buflen .
|
||||||
|
|
@ -259,7 +259,7 @@ Instead, it will return all of the bytes that have been requested.
|
||||||
|
|
||||||
When reading from the
|
When reading from the
|
||||||
.IR random
|
.IR random
|
||||||
pool, blocking requests of any size can be interrupted by a signal handler
|
source, blocking requests of any size can be interrupted by a signal handler
|
||||||
(the call fails with the error
|
(the call fails with the error
|
||||||
.BR EINTR ).
|
.BR EINTR ).
|
||||||
|
|
||||||
|
|
@ -267,7 +267,7 @@ Using
|
||||||
.BR getrandom ()
|
.BR getrandom ()
|
||||||
to read small buffers (<=\ 256 bytes) from the
|
to read small buffers (<=\ 256 bytes) from the
|
||||||
.I urandom
|
.I urandom
|
||||||
pool is the preferred mode of usage.
|
source is the preferred mode of usage.
|
||||||
|
|
||||||
The special treatment of small values of
|
The special treatment of small values of
|
||||||
.I buflen
|
.I buflen
|
||||||
|
|
|
||||||
|
|
@ -47,17 +47,17 @@ This system call provides access either to the same source as
|
||||||
.I /dev/urandom
|
.I /dev/urandom
|
||||||
(called the
|
(called the
|
||||||
.I urandom
|
.I urandom
|
||||||
pool in this page)
|
source in this page)
|
||||||
or to the same source as
|
or to the same source as
|
||||||
.I /dev/random
|
.I /dev/random
|
||||||
(called the
|
(called the
|
||||||
.I random
|
.I random
|
||||||
pool in this page).
|
source in this page).
|
||||||
The default is the
|
The default is the
|
||||||
.I urandom
|
.I urandom
|
||||||
pool; the
|
source; the
|
||||||
.I random
|
.I random
|
||||||
pool is selected by specifying the
|
source is selected by specifying the
|
||||||
.BR GRND_RANDOM
|
.BR GRND_RANDOM
|
||||||
flag to the system call.
|
flag to the system call.
|
||||||
.\"
|
.\"
|
||||||
|
|
@ -85,7 +85,7 @@ flag or the
|
||||||
device.
|
device.
|
||||||
The cryptographic algorithms used for the
|
The cryptographic algorithms used for the
|
||||||
.IR urandom
|
.IR urandom
|
||||||
pool are quite conservative, and so should be sufficient for all purposes.
|
source are quite conservative, and so should be sufficient for all purposes.
|
||||||
|
|
||||||
The disadvantage of
|
The disadvantage of
|
||||||
.B GRND_RANDOM
|
.B GRND_RANDOM
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue