tech-userlevel archive


Re: Waiting for Randot (or: nia and maya were right and I was wrong)

On 16.01.2021 14:29, Taylor R Campbell wrote:
>> Date: Sat, 16 Jan 2021 13:21:21 +0100
>> From: Kamil Rytarowski <>
>> On 11.01.2021 02:25, Taylor R Campbell wrote:
>>> Many of you have no doubt noticed that a lot more things hang waiting
>>> for entropy than used to on machines without hardware random number
>>> generators (even as we've added a bunch of new drivers for HWRNGs) --
>>> e.g., python, firefox.
>> Can we overload the ENOSYS return value and return it for CPUs without
>> hardware assisted random number generator? This way we certainly catch
>> real bugs in software that does not handle ENOSYS anyway.
> How does that detect real bugs? 

Lack of fallback is a bug for preexisting Linux users.

> How does it improve anything?

The improvement is achieved by deferring the problem out of the kernel
to userspace applications if there is no HWRNG device driver.

An application could fall back in a typical case to plain sysctl(3),
arc4random(3) or some other source of randomness delivered by a user if
that is really necessary.

At the end of this, getrandom(2) never hangs forever due to the lack of
a HWRNG device.

As a user, I don't feel much interested in maintaining dedicated
rc.conf(5) switches or motd warnings. Such things add extra management
complexity without any gains for me. Once I am paranoid, I will not
defer such features to the OS anyway and will ensure a proper source of
randomness on my own.
