systemd uses getrandom() unless it blocks, in which case it just reads /dev/urandom, missing the point of getrandom() https://twitter.com/CopperheadOS/status/869162762370506754
I have a hunch some of this is workaround for slow process of adoption of sane interfaces. Linux is a supertanker w.r.t moving.
In e.g., *BSD or Illumos-gate you just make the change on next major release and you are done.
They are deliberately bypassing the blocking until initialization. This is when the API is present, and systemd mandates new kernels anyway.
It only blocks when the CSPRNG cannot be considered initialized because not enough initial entropy was available yet. It's abuse of the API.
Note that getrandom doesn't provide a way to bypass the initialization check. It's reporting an EAGAIN error and then they just use urandom.
I wonder how long it takes for the entropy pool to get up and initialized. My guess would be in the millisecond range.
Not really. On VMs (often reported on Digital Ocean & Scaleway), it can take *minutes*.
o.O That is interesting and surprising. I’d regard that as an error. Anyone know why it takes minutes? Pool doesn’t have the usual sources?
virtio RNG not available, network interfaces not mounted yet.
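The EAGAIN case discussed in this thread, as an added example that is not part of the original tweets and is not systemd's code: when a non-blocking getrandom() reports that the CSPRNG is not initialized, the caller waits in a blocking getrandom() call rather than reading /dev/urandom. The names `fill_random`, `read_full` and `simulated_unseeded` are hypothetical, and `simulated_unseeded` is a constructed stand-in for an early-boot kernel.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/random.h>
#include <sys/types.h>

/* Same signature as getrandom(2); injectable so early boot can be simulated. */
typedef ssize_t (*getrandom_fn)(void *buf, size_t len, unsigned int flags);
enum seed_result { SEED_ERROR = -1, SEED_OK = 0, SEED_WAITED = 1 };

/* Constructed stand-in for a kernel whose CSPRNG is not yet initialized.
 * A real blocking call would sleep until seeding; this one returns at once. */
static ssize_t simulated_unseeded(void *buf, size_t len, unsigned int flags)
{
    if (flags & GRND_NONBLOCK) { errno = EAGAIN; return -1; }
    memset(buf, 0xA5, len); /* placeholder bytes, not random */
    return (ssize_t)len;
}

/* Read exactly len bytes, retrying on EINTR and short reads. */
static int read_full(getrandom_fn gr, unsigned char *buf, size_t len, unsigned int flags)
{
    size_t off = 0;
    while (off < len) {
        ssize_t n = gr(buf + off, len - off, flags);
        if (n < 0 && errno == EINTR) continue;
        if (n < 0) return -1; /* errno stays set for the caller */
        off += (size_t)n;
    }
    return 0;
}

/* Try non-blocking first; on EAGAIN wait for initialization instead of
 * opening /dev/urandom, which does not wait for the pool to be seeded. */
enum seed_result fill_random(getrandom_fn gr, unsigned char *buf, size_t len)
{
    if (read_full(gr, buf, len, GRND_NONBLOCK) == 0) return SEED_OK;
    if (errno != EAGAIN) return SEED_ERROR;
    return read_full(gr, buf, len, 0) == 0 ? SEED_WAITED : SEED_ERROR;
}

int main(void)
{
    unsigned char key[32];
    printf("kernel: %d\n", fill_random(getrandom, key, sizeof key));
    printf("simulated early boot: %d\n", fill_random(simulated_unseeded, key, sizeof key));
    return 0;
}
```

A `SEED_WAITED` result is worth logging at boot: it marks a host where the pool was not ready when the caller asked, as in the VM cases mentioned above.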