Patch: Stop using /dev/random
scott at paragonie.com
Wed Nov 16 19:16:54 CET 2016
On Wed, Nov 16, 2016 at 1:09 PM, Stephan Mueller <smueller at chronox.de> wrote:
> On Wednesday, 16 November 2016, 12:51:40 CET, Scott Arciszewski wrote:
> Hi Scott,
>> Better to fail closed than fail open.
> If you want to re-implement a getrandom(2)-like blocking style rather than
> wait for /dev/random to return data, it is probably easier to observe
> /proc/sys/kernel/random/entropy_avail with a poll/select operation. Once
> that file increases above 0 for the first time, the nonblocking_pool is
> seeded. This test is not prone to /dev/urandom hogs.
This is a better Linux-specific solution, but this behavior is only
needed on older Linux kernels (libgcrypt is already moving to
Of course, none of this would have ever been necessary if GNU/Linux's
implementations of /dev/random and /dev/urandom only blocked until
seeded, and then never again, in the first place.
Chief Development Officer
Paragon Initiative Enterprises <https://paragonie.com>
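
The following C code is an added example, not part of this message and not libgcrypt code. It shows the check discussed above as a fail-closed gate: bytes are read from the urandom device only after the entropy_avail counter has been seen above 0. All function names and the 100 ms interval are assumptions, both paths are parameters (on a real system: /proc/sys/kernel/random/entropy_avail and /dev/urandom), and the counter is re-read on a timer rather than watched with poll/select.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>
/* Added example: all names are hypothetical; paths are passed in by the caller. */

/* Returns the counter value, or -1 if the file is unreadable or malformed. */
long read_entropy_avail(const char *path)
{
    char buf[32], *end;
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, buf, sizeof buf - 1);
    close(fd);
    buf[n > 0 ? n : 0] = '\0';        /* empty or failed read parses as malformed */
    errno = 0;
    long v = strtol(buf, &end, 10);
    return (errno || end == buf || v < 0) ? -1 : v;
}

/* Re-reads every 100 ms; 0 once the counter is above 0, -1 on timeout or error. */
int wait_until_seeded(const char *path, int timeout_ms)
{
    for (int waited = 0; ; waited += 100) {
        long v = read_entropy_avail(path);
        if (v > 0) return 0;
        if (v < 0 || waited >= timeout_ms) return -1;
        nanosleep(&(struct timespec){ 0, 100000000L }, NULL);
    }
}

/* Fails closed: returns -1 unless the gate passed and len bytes were read. */
int seeded_random_bytes(void *buf, size_t len, const char *avail, const char *dev, int ms)
{
    if (wait_until_seeded(avail, ms) != 0) return -1;
    int fd = open(dev, O_RDONLY);
    if (fd < 0) return -1;
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, (char *)buf + got, len - got);
        if (n > 0) got += (size_t)n;
        else if (n == 0 || errno != EINTR) break;   /* EOF or hard error */
    }
    close(fd);
    if (got != len) { memset(buf, 0, len); return -1; }  /* wipe a partial read */
    return 0;
}
```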