Patch: Stop using /dev/random

Scott Arciszewski scott at paragonie.com
Wed Nov 16 19:16:54 CET 2016


On Wed, Nov 16, 2016 at 1:09 PM, Stephan Mueller <smueller at chronox.de> wrote:
> Am Mittwoch, 16. November 2016, 12:51:40 CET schrieb Scott Arciszewski:
>
> Hi Scott,
>
>> Better to fail closed than fail open.
>
> If you want to re-implement a getrandom(2) like blocking style rather than
> wait for /dev/random to return data, it is probably easier to observe /proc/
> sys/kernel/random/entropy_avail with a poll/select operation. Once that file
> increases above 0 for the first time, the nonblocking_pool is seeded. This
> test is not prone to /dev/urandom hogs.
>
> Ciao
> Stephan

This is a better Linux-specific solution, but this behavior is only
needed on older Linux kernels (libgcrypt is already moving to
getrandom(2) anyway).

Of course, none of this would have ever been necessary if GNU/Linux's
implementations of /dev/random and /dev/urandom only blocked until
seeded, and then never again, in the first place.

Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises <https://paragonie.com>
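The seeded-pool check discussed above, as an added C example that is not code from this thread or from libgcrypt: it first tries getrandom(2) through syscall(2), which blocks only until the pool is seeded, and on a kernel that reports ENOSYS it sleeps and re-reads /proc/sys/kernel/random/entropy_avail until the value is non-zero before reading /dev/urandom, returning an error rather than unseeded data in every other case. It assumes Linux; the sleep-based polling (instead of poll/select), the interval and the retry limit are the example's own choices.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE          /* declares syscall(2) and usleep(3) in glibc headers */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>
/* Kernel's entropy estimate, or -1 if the sysctl file cannot be read. */
int entropy_avail(void)
{
    FILE *f = fopen("/proc/sys/kernel/random/entropy_avail", "r");
    int n = -1;
    if (f && fscanf(f, "%d", &n) != 1) n = -1;
    if (f) fclose(f);
    return n;
}
/* Poll until entropy_avail > 0 (pool seeded once): 1 = seeded, 0 = unreadable or timed out. */
int wait_until_seeded(int max_polls, unsigned interval_us)
{
    for (int i = 0; i < max_polls; i++) {
        int n = entropy_avail();
        if (n != 0) return n > 0;   /* seeded, or cannot tell: never guess, fail closed */
        usleep(interval_us);        /* interval chosen for this example */
    }
    return 0;
}
/* Fill buf with len CSPRNG bytes; returns len, or -1 rather than unseeded data. */
ssize_t fill_random(unsigned char *buf, size_t len)
{
#ifdef SYS_getrandom
    long r = syscall(SYS_getrandom, buf, len, 0); /* flags 0: block until seeded, then never */
    if (r == (long)len) return (ssize_t)len;
    if (r >= 0 || errno != ENOSYS) return -1;     /* short read or a real error: fail closed */
#endif
    /* ENOSYS: kernel predates getrandom(2); wait for the seed, then read /dev/urandom */
    if (!wait_until_seeded(1000, 10000)) return -1;
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0) return -1;
    ssize_t k = read(fd, buf, len);
    close(fd);
    return k == (ssize_t)len ? k : -1;
}
/* Self-check: two 32-byte draws must both succeed and differ. Returns 1 on success. */
int self_check(void)
{
    unsigned char a[32], b[32];
    return fill_random(a, 32) == 32 && fill_random(b, 32) == 32 && memcmp(a, b, 32) != 0;
}
```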
