Patch: Stop using /dev/random
ian at cypherpunks.ca
Wed Nov 16 20:43:29 CET 2016
On Wed, Nov 16, 2016 at 07:31:50PM +0100, Stephan Mueller wrote:
> Am Mittwoch, 16. November 2016, 13:16:54 CET schrieb Scott Arciszewski:
> Hi Scott,
> > Of course, none of this would have ever been necessary if GNU/Linux's
> > implementations of /dev/random and /dev/urandom only blocked until
> > seeded, and then never again, in the first place.
> This will not be implemented. During the course of my re-implementation of /
> dev/random I played with exactly that idea. This will break user space big
> time, because systemd will be blocked from initializing before /dev/urandom is
> fully seeded. The block happens before any device is set up or a driver loaded
> because these days systemd is used in the initramfs too.
> Thus, either you always sit on the console and hack on the keyboard until /
> dev/urandom unblocks and systemd continues or you will wait for (almost) an
> eternity to have the system booted.
I'm curious what systemd is using the data read from /dev/urandom at
boot time for, if it doesn't care whether there's any actual entropy in
that data? Nothing security relevant, hopefully?
More information about the Gcrypt-devel