|
|
Subscribe / Log in / New account

Fixing getrandom()

Fixing getrandom()

Posted Oct 1, 2019 9:49 UTC (Tue) by ceplm (subscriber, #41334)
In reply to: Fixing getrandom() by ceplm
Parent article: Fixing getrandom()

I was working on the mistaken assumption that getrandom() gets data from /dev/random. It doesn’t, it is actually desgined well, and this is just a bug, which need to be fixed, no more fuss about it.

to post comments

Fixing getrandom()

Posted Oct 1, 2019 16:53 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link] (2 responses)

Using /dev/random is a bad idea in general. There's no reason it's more secure than /dev/urandom and it can lead to large delays.

Fixing getrandom()

Posted Oct 4, 2019 6:50 UTC (Fri) by kmeyer (subscriber, #50720) [Link] (1 responses)

If you have a device no one can use, why have it? So I'd say it's the design of Linux /dev/random that's at fault. Linux could drop their "entropy draining" concept tomorrow and have a /dev/random like BSD /dev/[u]random and everyone would be just as happy. There is no academic or practical basis in the "entropy draining" model Linux's /dev/random espouses.

Fixing getrandom()

Posted Oct 10, 2019 20:28 UTC (Thu) by nix (subscriber, #2304) [Link]

Entropy draining is still useful, but not for blocking reads -- more, so that expensive methods of *accumulating* entropy only need to run when people have actually been reading from /dev/random in the first place (right now, adding entropy to a full pool will block until the pool drains a bit). These expensive methods are not theoretical: I have one attached to the machine I'm typing this on right now. Adding entropy non-stop will max out a core...


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds