[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: getrandom and getentropy
riastradh%NetBSD.org@localhost (Taylor R Campbell) writes:
>> Date: Mon, 11 May 2020 16:16:12 -0000 (UTC)
>> From: mlelstv%serpens.de@localhost (Michael van Elst)
>> Previously we could trust in random processes, whether the entropy
>> estimation was scientific or not. We could also chose what source
>> to trust.
>Still can. NetBSD just doesn't do bogus pseudoscientific
>prestidigitation any more.
It doesn't do any entropy estimation anymore.
HWRNG - we trust the driver
constant file - we trust the file
any random process we used before - we ignore it (as far as it is
related to the topic).
>> Now we put all trust in loading a constant file.
>This is still false, just like it was the last time you made this
We only trust a HWRNG and the seed file because only these enter
a non-zero value for entropy. I cannot configure any other source to
>> >This hardware can reasonably block forever on first boot, due to
>> >the large number of sources of entropy that are no longer measured.
>> Not "can". It does, definitely, always.
>> And it never blocks on second boot.
>This is false.
After initial boot, reading from /dev/random blocks forever.
Rebooting without providing a seed: /dev/random still blocks forever.
Rebooting after writing a seed once: never blocks again, even when
the file wouldn't change. Technically of course you are right that
before loading the seed in the rc sequence we would still block forever.
>Please do your homework first,
Like checking the code and verifying how it operates ?
>and then take this to a thread where it
>is on topic, not the thread about a choice of C API to adopt.
The discussion seems to be on topic here, even if you don't want it.
After all I responded to an article that exactly put this on topic
but which didn't cause indignation.
Michael van Elst
"A potential Snark may lurk in every tree."
Main Index |
Thread Index |