Re: [PATCH 12/12] config.mak.uname: add a note about CSPRNG_METHOD for Linux

[Junio C Hamano <gitster@pobox.com>]

"brian m. carlson" <sandals@crustytoothpaste.net> writes:

> When arc4random was added to glibc, the Linux kernel CSPRNG maintainer
> argued that it was not a secure approach (I disagree), and convinced the
> glibc maintainers to just make it a wrapper around the Linux kernel
> CSPRNG, which it now is.  So there's no actual benefit to calling
> arc4random versus getrandom, and since it's newer and less commonly
> available than getrandom, as well as slightly slower (because of an
> extra function call), getrandom should be preferred.

This

https://www.phoronix.com/news/GNU-Glibc-arc4random-Functions

was the first hit of my search in the area, but I think you are
referring to

https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=eaad4f9

that happened 5 days after the thing got in and the code there tells
me that your summary of the situation is quite accurate.

So I agree that dropping this patch makes sense, but do we want to
do a bit more to improve the situation?

Here is an attempt to improve what we have in Makefile (and possibly
the Linux section in config.mak.uname, but that is improving what we
do not have) to tell folks that arc4random in glibc is only for
compatibility and they should pick getrandom() until the situation
changes.

--- >8 ---
Subject: config/Makefile: a note on CSPRNG_METHOD choice for Linux

arc4random() was added to glibc in July 2022, but quickly replaced
by a stub implementation that wraps around getrandom().  Hence there
is no actual benefit to calling arc4random() over getrandom() on
glibc based systems, at least for now.

To avoid enticing Linux users to choose arc4random(), leave a note
that their arc4random() in glibc is not the same as what their
friends use on other platforms, and guide them to use getrandom()
instead in the meantime.

Helped-by: "brian m. carlson" <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
 Makefile         | 5 +++--
 config.mak.uname | 2 ++
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git c/Makefile w/Makefile
index 7315507381..7214936295 100644
--- c/Makefile
+++ w/Makefile
@@ -155,8 +155,9 @@ include shared.mak
 # Define NO_TRUSTABLE_FILEMODE if your filesystem may claim to support
 # the executable mode bit, but doesn't really do so.
 #
-# Define CSPRNG_METHOD to "arc4random" if your system has arc4random and
-# arc4random_buf, "libbsd" if your system has those functions from libbsd,
+# Define CSPRNG_METHOD to "arc4random" if your system has true arc4random and
+# arc4random_buf (not wrappers around "getrandom" shipped with glibc),
+# "libbsd" if your system has those functions from libbsd,
 # "getrandom" if your system has getrandom, "getentropy" if your system has
 # getentropy, "rtlgenrandom" for RtlGenRandom (Windows only), or "openssl" if
 # you'd want to use the OpenSSL CSPRNG.  You may set multiple options with
diff --git c/config.mak.uname w/config.mak.uname
index b12d4e168a..6bf511f24b 100644
--- c/config.mak.uname
+++ w/config.mak.uname
@@ -58,6 +58,8 @@ ifeq ($(uname_S),Linux)
 	NEEDS_LIBRT = YesPlease
 	HAVE_SYNC_FILE_RANGE = YesPlease
 	HAVE_GETDELIM = YesPlease
+	# note: don't choose arc4random on glibc systems
+	CSPRNG_METHOD =
 	FREAD_READS_DIRECTORIES = UnfortunatelyYes
 	BASIC_CFLAGS += -DHAVE_SYSINFO
 	PROCFS_EXECUTABLE_PATH = /proc/self/exe