On 17/04/2025 14:55, Junio C Hamano wrote: > Ramsay Jones <ramsay@xxxxxxxxxxxxxxxxxxxx> writes: [snip] >> The arc4random routines (ar4random_buf() is the one actually used) were > > arc4random_buf(), if I am not mistaken? Oops, yes ... an unfortunate tyop! ;) Do you want a v4? (The cygwin v3 'make test' has been running for under two hours, I could Ctrl-C it ...) > >> added to glibc in version 2.36, while both getrandom() and getentropy() >> were included in 2.25. So, some of the more up-to-date distributions of >> Linux (eg Debian 12, Ubuntu 24.04) would be able to use the 'arc4random' >> setting. All currently supported distributions have glibc 2.25 or later >> (RHEL 8 has v2.28) and, therefore, have support for the 'getrandom' and >> 'getentropy' settings. > > OK. This explains that getrandom/getentropy have better > availability than arc4random. > >> The arc4random routines on the *BSDs (along with cygwin) implement the >> ChaCha20 stream cipher algorithm (see RFC8439) in userspace, rather than >> as a system call, and are thus somewhat faster (having avoided a context >> switch to the kernel). In contrast, on Linux all three functions are >> simple wrappers around the same kernel CSPRNG syscall. > > OK. With this and the previous paragraph, we establish that there > is no reason to use arc4random on Linux, while on BSDs and Cygwin, > it is a natural choice. > > Very clearly explained. Thanks. > Thanks! ATB, Ramsay Jones
