tech-userlevel archive


Re: getrandom and getentropy

> Date: Sat, 2 May 2020 18:07:54 +0200
> From: Kurt Roeckx <kurt%roeckx.be@localhost>
> 
> On Sat, May 02, 2020 at 03:38:43PM +0000, Taylor R Campbell wrote:
> > > Date: Sat, 2 May 2020 11:10:44 +0200
> > > From: Kurt Roeckx <kurt%roeckx.be@localhost>
> > > 
> > > I think we've previously talked about it, and you said the OpenBSD
> > > manpage doesn't mention anything related to it. But it's implied
> > > behaviour for OpenBSD, they never had an interface where you can
> > > get random numbers before it's properly seeded.
> > 
> > I reviewed the OpenBSD implementation at
> > 
> > https://cvsweb.openbsd.org/src/sys/dev/rnd.c?rev=1.204&content-type=text/x-cvsweb-markup
> > 
> > and I see no evidence of blocking.  Where does it block?
> 
> It's my understanding that it never blocks because the bootloader
> provides entropy. By the time the first user can call getentropy,
> it has already been seeded.

On NetBSD we try to do that where possible too, but in the real world
it can't be 100% guaranteed to work on NetBSD or on OpenBSD -- for
example, if you copy the same fresh OS image onto multiple machines
(every machine might generate the same keys), then it won't work, or
if your / is mounted on a read-only medium, then it won't work (boot
again and you might get the same keys).

If you're satisfied with what OpenBSD does here, then I think you
should generally be satisfied with what NetBSD does too.
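The property argued over in this thread is whether an interface refuses to hand out randomness before the kernel pool is seeded. The following C program is an added example, not code from the thread or from NetBSD or OpenBSD: it wraps getentropy(3), which caps a single request at 256 bytes, and uses getrandom(2) with GRND_NONBLOCK so that an unseeded pool is reported as EAGAIN instead of silently yielding weak bytes. It assumes a platform that declares both calls in <sys/random.h> (glibc 2.25 and later, NetBSD 10, FreeBSD 12); the function names `fill_entropy`, `pool_is_seeded` and `all_zero` are this example's own.

```c
/* Added example: a wrapper that only hands out randomness the kernel is
 * willing to vouch for.  Assumes getentropy(3) and getrandom(2) are declared
 * in <sys/random.h>; GRND_NONBLOCK is the Linux/NetBSD flag name. */
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/random.h>

/* getentropy(3) rejects requests larger than 256 bytes with EIO, so larger
 * buffers are filled in 256-byte chunks.  Returns 0 on success, -1 with
 * errno set on failure (the buffer contents are then unspecified). */
int fill_entropy(void *buf, size_t len)
{
    unsigned char *p = buf;
    while (len > 0) {
        size_t n = len > 256 ? 256 : len;
        if (getentropy(p, n) != 0)
            return -1;
        p += n;
        len -= n;
    }
    return 0;
}

/* Probe, without blocking, whether the kernel considers its pool seeded:
 * returns 1 if a one-byte request is satisfied, 0 if getrandom(2) reports
 * EAGAIN (pool not yet seeded), and -1 on any other error. */
int pool_is_seeded(void)
{
    unsigned char probe[1];
    for (;;) {
        ssize_t r = getrandom(probe, sizeof probe, GRND_NONBLOCK);
        if (r == 1)
            return 1;
        if (r < 0 && errno == EINTR)
            continue;           /* interrupted by a signal: retry */
        if (r < 0 && errno == EAGAIN)
            return 0;           /* pool not yet seeded */
        return -1;
    }
}

/* Demo helper: true when every byte of buf is zero, which a successful fill
 * of a buffer this size should essentially never produce. */
int all_zero(const unsigned char *buf, size_t len)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= buf[i];
    return acc == 0;
}

int main(void)
{
    /* Deliberately larger than getentropy's 256-byte per-call limit. */
    unsigned char key[1024];
    int seeded = pool_is_seeded();

    if (seeded == 0) {
        fputs("kernel RNG not yet seeded; refusing to generate keys\n", stderr);
        return 1;
    }
    if (seeded < 0 || fill_entropy(key, sizeof key) != 0) {
        perror("random source");
        return 1;
    }
    printf("filled %zu bytes, all_zero=%d\n", sizeof key, all_zero(key, sizeof key));
    return 0;
}
```

The non-blocking probe is what makes the seeding state visible to the caller: plain getentropy(3) on these platforms blocks until the pool is seeded, which is the right behaviour for key generation but gives a daemon no way to log why it is stalled at first boot on a freshly cloned image.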