[Security-sig] Does the buildtime HAVE_GETRANDOM_SYSCALL check actually make sense?

[Nick Coghlan]

On 2 July 2016 at 23:30, Nick Coghlan <ncoghlan at gmail.com> wrote:
> On 26 June 2016 at 02:30, Victor Stinner <victor.stinner at gmail.com> wrote:
>> The configure check ensures that constants required to build random.c are
>> available. We can only run this check at the compilation. I don't want to
>> maintain hardcoded constants.
>>
>> The proper fix is to add getrandom() to the libc:
>> https://sourceware.org/bugzilla/show_bug.cgi?id=17252
>>
>> But you may have the same issue if you build the lib with "old" header
>> files.
>
> mock (the Fedora build utility, not the Python testing utility) will
> use the updated header files when building against the newer glibc, so
> not worrying about this until it's resolved there sounds fine to me.

Huh, I should have caught up on the issue I filed against Fedora first
- it appears there's something going wrong with the config scripts,
since the syscall *is* available and working on the build servers.

Either way, nothing for upstream to worry about until we figure out
why the config script is giving the wrong answer (since my original
theory of not having access to the syscall turned out to be wrong).

Cheers,
Nick.

-- 
Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia