int getentropy(void *buffer, size_t length);
This syscall fills the buffer pointed to buffer with up to length
random bytes. These bytes can be used for cryptographic purposes.
The operation is the same as reading from /dev/random. It is provided
instead of just reading from the device as to avoid denial of service attacks
based on exhausting the file descriptor limit of the system, along with other
vulnerabilities and inconveniences related to the classic file interface.
The syscall returns 0 on success or -1 on failure, and sets the
following errno:
EFAULT: buffer points to invalid memory.
EACCES: MAC disallowed this.