lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190917215200.wtjim3t6zgt7gdmw@srcf.ucam.org>
Date:   Tue, 17 Sep 2019 22:52:00 +0100
From:   Matthew Garrett <mjg59@...f.ucam.org>
To:     Martin Steigerwald <martin@...htvoll.de>
Cc:     "Ahmed S. Darwish" <darwish.07@...il.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Lennart Poettering <mzxreary@...inter.de>,
        "Theodore Y. Ts'o" <tytso@....edu>, Willy Tarreau <w@....eu>,
        Vito Caputo <vcaputo@...garu.com>,
        Andreas Dilger <adilger.kernel@...ger.ca>,
        Jan Kara <jack@...e.cz>, Ray Strode <rstrode@...hat.com>,
        William Jon McCann <mccann@....edu>,
        "Alexander E. Patrakov" <patrakov@...il.com>,
        zhangjs <zachary@...shancloud.com>, linux-ext4@...r.kernel.org,
        lkml <linux-kernel@...r.kernel.org>
Subject: Re: Linux 5.3-rc8

On Tue, Sep 17, 2019 at 11:38:33PM +0200, Martin Steigerwald wrote:

> My understanding of entropy always has been that only a certain amount 
> of it can be produced in a certain amount of time. If that is wrong… 
> please by all means, please teach me, how it would be.

getrandom() will never "consume entropy" in a way that will block any 
users of getrandom(). If you don't have enough collected entropy to seed 
the rng, getrandom() will block. If you do, getrandom() will generate as 
many numbers as you ask it to, even if no more entropy is ever collected 
by the system. So it doesn't matter how many clients you have calling 
getrandom() in the boot process - either there'll be enough entropy 
available to satisfy all of them, or there'll be too little to satisfy 
any of them.

-- 
Matthew Garrett | mjg59@...f.ucam.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ