[rtems-libbsd commit] Remove dangerous weak definition of getentropy()
Chris Johns
chrisj at rtems.org
Tue May 14 05:51:14 UTC 2019
On 14/5/19 2:58 pm, Sebastian Huber wrote:
> On 14/05/2019 00:53, Chris Johns wrote:
>> Hi,
>>
>> The change makes sense from a security point of view but are you sure there are
>> no references to these symbols for those users who do not need this stuff to
>> work?
>
> I added these weak definitions along with an update to a new FreeBSD baseline in
> 2016. Since 2017 we have a test for getentropy() in the test suite:
>
> testsuites/libtests/getentropy01/init.c
>
OK.
>>
>> On 13/5/19 7:20 pm, Sebastian Huber wrote:
>>> Module: rtems-libbsd
>>> Branch: master
>>> Commit: ab80f78a20cae1f580d3474a43a0973b9ad2f1c5
>>> Changeset:
>>> http://git.rtems.org/rtems-libbsd/commit/?id=ab80f78a20cae1f580d3474a43a0973b9ad2f1c5
>>>
>>>
>>> Author: Sebastian Huber <sebastian.huber at embedded-brains.de>
>>> Date: Mon May 13 10:33:19 2019 +0200
>>>
>>> Remove dangerous weak definition of getentropy()
>>>
>>> All BSP supporting libbsd should provide this function.
>> Would some documentation on what they need to do and at the risk of being flamed
>> by security specialists a sample implementation or link a user can use to see
>> what is needed be useful?
>
> https://docs.rtems.org/branches/master/bsp-howto/getentropy.html
>
Fantastic and thank you.
Chris
More information about the devel
mailing list