Re: [PATCH 01/11] crypto: rng - Add crypto_stdrng_get_bytes()
From: Eric Biggers
Date: Wed Mar 25 2026 - 22:37:25 EST

On Thu, Mar 26, 2026 at 02:38:47AM +0100, Jason A. Donenfeld wrote:
> I'm a little worried about this because I don't want to see a
> proliferation of crypto_stdrng_get_bytes() users. How can we be sure
> that this is mostly never used?
>
>
> Jason

Perhaps a slightly different comment? By the end of the series it is:

/**
 * crypto_stdrng_get_bytes() - get cryptographically secure random bytes
 * @buf: output buffer holding the random numbers
 * @len: length of the output buffer
 *
 * This function fills the caller-allocated buffer with random numbers using the
 * normal Linux RNG if fips_enabled=0, or the highest-priority "stdrng"
 * algorithm in the crypto_rng subsystem if fips_enabled=1.
 *
 * Context: May sleep
 * Return: 0 function was successful; < 0 if an error occurred
 */

We could add something like:

Don't call this unless you are sure you need it. In most cases you
should just call get_random_bytes_wait() directly.

- Eric