Auto merge of #59879 - ebarnard:patch-1, r=alexcrichton
Add a comment explaining why SecRandomCopyBytes is not used on MacOS SecRandomCopyBytes is [available since MacOS 10.7](https://developer.apple.com/documentation/security/1399291-secrandomcopybytes?language=objc) which is the minimum supported version and which was suggested in https://github.com/rust-lang/rust/pull/58901#issuecomment-470188115 is the earliest version currently in use. This matches the behaviour of other platforms which have a random number generator syscall available.
This commit is contained in:
bors
commit
70f130954d
1 changed files with 7 additions and 0 deletions
|
|
@ -99,6 +99,13 @@ mod imp {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// On iOS and MacOS `SecRandomCopyBytes` calls `CCRandomCopyBytes` with
|
||||||
|
// `kCCRandomDefault`. `CCRandomCopyBytes` manages a CSPRNG which is seeded
|
||||||
|
// from `/dev/random` and which runs on its own thread accessed via GCD.
|
||||||
|
// This seems needlessly heavyweight for the purposes of generating two u64s
|
||||||
|
// once per thread in `hashmap_random_keys`. Therefore `SecRandomCopyBytes` is
|
||||||
|
// only used on iOS where direct access to `/dev/urandom` is blocked by the
|
||||||
|
// sandbox.
|
||||||
#[cfg(target_os = "ios")]
|
#[cfg(target_os = "ios")]
|
||||||
mod imp {
|
mod imp {
|
||||||
use crate::io;
|
use crate::io;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue