-
Type: Task
-
Resolution: Unresolved
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: None
-
Labels:None
-
Server Security
getrandom(2) is a new syscall in Linux 3.17 that avoids using an open file descriptor to get random bytes. We should use it where available. On some platforms, we will need to call the syscall directly and on others, we will need to do runtime detection (i.e. fail gracefully on ENOSYS).
Docs:
https://www.redhat.com/en/blog/understanding-red-hat-enterprise-linux-random-number-generator-interface
https://lwn.net/Articles/711013/