Index: lib/libc/gen/Makefile.inc
===================================================================
RCS file: /cvsroot/src/lib/libc/gen/Makefile.inc,v
retrieving revision 1.201
diff -u -r1.201 Makefile.inc
--- lib/libc/gen/Makefile.inc	22 Apr 2020 23:32:25 -0000	1.201
+++ lib/libc/gen/Makefile.inc	1 May 2020 15:20:52 -0000
@@ -15,7 +15,7 @@
 	errc.c errlist.c errno.c execl.c execle.c execlp.c execv.c execvp.c \
 	exect.c extattr.c fmtcheck.c fmtmsg.c fnmatch.c fstab.c ftok.c \
 	fts.c ftw.c getbsize.c getcap.c getcwd.c \
-	getdevmajor.c getdomainname.c getgrent.c \
+	getdevmajor.c getdomainname.c getentropy.c getgrent.c \
 	getgrouplist.c getgroupmembership.c gethostname.c \
 	getloadavg.c getlogin.c getmntinfo.c \
 	getnetgrent.c getpagesize.c \
Index: lib/libc/gen/getentropy.3
===================================================================
RCS file: lib/libc/gen/getentropy.3
diff -N lib/libc/gen/getentropy.3
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ lib/libc/gen/getentropy.3	1 May 2020 15:20:52 -0000
@@ -0,0 +1,93 @@
+.\"	$NetBSD$ $
+.\"
+.\" Copyright (c) 2020 The NetBSD Foundation, Inc.
+.\" All rights reserved.
+.\"
+.\" This code is derived from software contributed to The NetBSD Foundation
+.\" by Nia Alarie.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd May 1, 2020
+.Dt GETENTROPY 3
+.Os
+.Sh NAME
+.Nm getentropy
+.Nd fill a buffer with high quality random data
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.In unistd.h
+.Ft int
+.Fn getentropy "void *buf" "size_t buflen"
+.Sh DESCRIPTION
+.Pp
+The
+.Fn getentropy
+function fills a buffer with high quality random data, suitable for seeding
+cryptographically secure psuedorandom number generators.
+.Pp
+.Fn getentropy
+is only intended for seeding random number generators and is not intended
+for use by regular code which simply needs secure random data.  For this
+purpose, please use
+.Xr arc4random 3 .
+.Pp
+The maximum value for
+.Li buflen
+is 256 bytes.
+.Sh IMPLEMENTATION NOTES
+.Fn getentropy
+reads from the
+.Xr sysctl 7
+variable
+.Li kern.arandom .
+.Sh RETURN VALUES
+The
+.Fn getentropy
+function returns 0 on success, and -1 if an error occurred.
+.Sh ERRORS
+.Fn getentropy
+will succeed unless:
+.Bl -tag -width Er
+.It Bq Er EFAULT
+The
+.Fa buf
+argument points to an invalid memory address.
+.It Bq Er EIO
+Too many bytes were requested.
+.Sh SEE ALSO
+.Xr arc4random 3 ,
+.Xr rnd 4
+.Sh STANDARDS
+The
+.Fn getentropy
+function is non-standard.
+.Sh HISTORY
+The
+.Fn getentropy
+function first appeared in
+.Ox 5.6 ,
+then in
+.Fx 12.0 ,
+and
+.Nx 10 .
Index: lib/libc/gen/getentropy.c
===================================================================
RCS file: lib/libc/gen/getentropy.c
diff -N lib/libc/gen/getentropy.c
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ lib/libc/gen/getentropy.c	1 May 2020 15:20:52 -0000
@@ -0,0 +1,63 @@
+/*	$NetBSD$	*/
+
+/*-
+ * Copyright (c) 2020 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Nia Alarie.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__RCSID("$NetBSD$");
+
+#include "namespace.h"
+
+#include <sys/param.h>
+#include <sys/sysctl.h>
+
+#include <errno.h>
+#include <unistd.h>
+
+#ifdef __weak_alias
+__weak_alias(getentropy,_getentropy)
+#endif
+
+int
+getentropy(void *buf, size_t buflen)
+{
+	const int name[2] = { CTL_KERN, KERN_ARND };
+
+	if (buf == NULL && buflen > 0) {
+		errno = EFAULT;
+		return -1;
+	}
+
+	if (buflen > 256) {
+		errno = EIO;
+		return -1;
+	}
+
+	return sysctl(name, 2, buf, &buflen, NULL, 0);
+}
Index: lib/libc/include/namespace.h
===================================================================
RCS file: /cvsroot/src/lib/libc/include/namespace.h,v
retrieving revision 1.198
diff -u -r1.198 namespace.h
--- lib/libc/include/namespace.h	18 Apr 2020 23:55:50 -0000	1.198
+++ lib/libc/include/namespace.h	1 May 2020 15:20:53 -0000
@@ -362,6 +362,7 @@
 #define getdevmajor		_getdevmajor
 #define getdiskbyname		_getdiskbyname
 #define getdomainname		_getdomainname
+#define getentropy		_getentropy
 #define getfsent		_getfsent
 #define getfsfile		_getfsfile
 #define getfsspec		_getfsspec
Index: include/unistd.h
===================================================================
RCS file: /cvsroot/src/include/unistd.h,v
retrieving revision 1.156
diff -u -r1.156 unistd.h
--- include/unistd.h	31 Mar 2020 16:50:31 -0000	1.156
+++ include/unistd.h	1 May 2020 15:20:53 -0000
@@ -338,6 +338,7 @@
 int	 fdiscard(int, off_t, off_t);
 int	 fsync_range(int, int, off_t, off_t);
 int	 getdomainname(char *, size_t);
+int	 getentropy(void *, size_t);
 int	 getgrouplist(const char *, gid_t, gid_t *, int *);
 int	 getgroupmembership(const char *, gid_t, gid_t *, int, int *);
 mode_t	 getmode(const void *, mode_t);