
Fixing getrandom()

Posted Sep 27, 2019 18:37 UTC (Fri) by jem (subscriber, #24231)
In reply to: Fixing getrandom() by patrakov
Parent article: Fixing getrandom()

A new seed is written before the computer is rebooted. This way the accumulated entropy is not flushed at restart.


Fixing getrandom()

Posted Sep 27, 2019 19:05 UTC (Fri) by walters (subscriber, #7396)

Yeah though, actually *crediting* it is a different step: https://github.com/systemd/systemd/issues/4271 (and crediting is highly relevant to this discussion)

Fixing getrandom()

Posted Sep 29, 2019 20:05 UTC (Sun) by NYKevin (subscriber, #129325)

I recommend clicking through to that bug report. This is more complicated than I had imagined, because in cases where people take images of live systems, you really shouldn't credit any "stored" entropy at all (because it's been duplicated umpteen times into other instances of the same image, so it's no longer unpredictable). But you can't know that someone imaged the system, so how do you square that circle?

Fixing getrandom()

Posted Sep 29, 2019 20:27 UTC (Sun) by patrakov (subscriber, #97174)

This is exactly why I say "don't". Too many bugs stem from our desire to achieve the impossible instead of giving up immediately.

OTOH, jitter entropy will definitely help here, up to the point of making it completely unneeded to save entropy between reboots.

