From 75551dbf112c992bc6c99a972990b3f272247e23 Mon Sep 17 00:00:00 2001 From: Andy Lutomirski Date: Mon, 23 Dec 2019 00:20:46 -0800 Subject: random: add GRND_INSECURE to return best-effort non-cryptographic bytes Signed-off-by: Andy Lutomirski Link: https://lore.kernel.org/r/d5473b56cf1fa900ca4bd2b3fc1e5b8874399919.1577088521.git.luto@kernel.org Signed-off-by: Theodore Ts'o --- include/uapi/linux/random.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/uapi/linux') diff --git a/include/uapi/linux/random.h b/include/uapi/linux/random.h index 26ee91300e3e..c092d20088d3 100644 --- a/include/uapi/linux/random.h +++ b/include/uapi/linux/random.h @@ -49,8 +49,10 @@ struct rand_pool_info { * * GRND_NONBLOCK Don't block and return EAGAIN instead * GRND_RANDOM Use the /dev/random pool instead of /dev/urandom + * GRND_INSECURE Return non-cryptographic random bytes */ #define GRND_NONBLOCK 0x0001 #define GRND_RANDOM 0x0002 +#define GRND_INSECURE 0x0004 #endif /* _UAPI_LINUX_RANDOM_H */ -- cgit v1.2.3 From 48446f198f9adcb499b30332488dfd5bc3f176f6 Mon Sep 17 00:00:00 2001 From: Andy Lutomirski Date: Mon, 23 Dec 2019 00:20:47 -0800 Subject: random: ignore GRND_RANDOM in getentropy(2) The separate blocking pool is going away. Start by ignoring GRND_RANDOM in getentropy(2). This should not materially break any API. Any code that worked without this change should work at least as well with this change. Signed-off-by: Andy Lutomirski Link: https://lore.kernel.org/r/705c5a091b63cc5da70c99304bb97e0109be0a26.1577088521.git.luto@kernel.org Signed-off-by: Theodore Ts'o --- include/uapi/linux/random.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/uapi/linux') diff --git a/include/uapi/linux/random.h b/include/uapi/linux/random.h index c092d20088d3..dcc1b3e6106f 100644 --- a/include/uapi/linux/random.h +++ b/include/uapi/linux/random.h @@ -48,7 +48,7 @@ struct rand_pool_info { * Flags for getrandom(2) * * GRND_NONBLOCK Don't block and return EAGAIN instead - * GRND_RANDOM Use the /dev/random pool instead of /dev/urandom + * GRND_RANDOM No effect * GRND_INSECURE Return non-cryptographic random bytes */ #define GRND_NONBLOCK 0x0001 -- cgit v1.2.3