[Toybox] You've seen the /dev/random shenanigans, right?

Eric Biggers ebiggers at google.com
Tue Sep 19 14:48:18 PDT 2023


On Tue, Sep 19, 2023 at 12:44:17PM -0700, enh wrote:
> > now writing to /dev/random not only doesn't credit entropy (so it
> > still blocks)

It's always been like that, at least back to the earliest git commit in Linux
history (dated 2005).  The only way for userspace programs to credit entropy has
always been the RNDADDENTROPY and RNDADDTOENTCNT ioctls.

> > but has an arbitrary delay about even mixing the data in.

This has been the case since Linux v4.8, released in 2016.  v5.18 (released in
2022) stopped pretending to care about the "premature next" security model and
therefore reseeds the CRNG more frequently, and even makes writes to
/dev/{u,}random take effect immediately in some (but not all) cases.  This
improved on the behavior you're complaining about, which again was introduced in
2016.  IIRC there are still reasons for not making writes to /dev/{u,}random
*always* take effect immediately, but I can bring it up on the list again.

- Eric
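
Added example (not part of the original message, and not toybox or kernel code): a small C program contrasting a plain write() to /dev/random with the RNDADDENTROPY ioctl mentioned above, reading the kernel's estimate with RNDGETENTCNT after each step. The helper names make_pool_info and entropy_bits and the all-zero seed are assumptions made for illustration; the ioctl call needs CAP_SYS_ADMIN and credits nothing unless a bit count is passed as the first argument.

```c
#include <fcntl.h>
#include <linux/random.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

/* Build the RNDADDENTROPY argument: header followed by the seed bytes.
 * entropy_count is in bits, buf_size in bytes. Caller frees the result. */
struct rand_pool_info *make_pool_info(const void *seed, int len, int bits)
{
    if (!seed || len <= 0 || bits < 0 || (long)bits > (long)len * 8)
        return NULL;   /* refuse to claim more bits than were supplied */
    struct rand_pool_info *info = malloc(sizeof(*info) + (size_t)len);
    if (!info)
        return NULL;
    info->entropy_count = bits;
    info->buf_size = len;
    memcpy(info->buf, seed, (size_t)len);
    return info;
}

/* Kernel's current entropy estimate in bits, or -1 on error. */
int entropy_bits(int fd)
{
    int cnt = 0;
    return ioctl(fd, RNDGETENTCNT, &cnt) < 0 ? -1 : cnt;
}

int main(int argc, char **argv)
{
    unsigned char seed[32] = {0};  /* constructed sample, not real entropy */
    int bits = argc > 1 ? atoi(argv[1]) : 0;  /* default: credit nothing */
    int fd = open("/dev/random", O_RDWR);
    if (fd < 0) { perror("open /dev/random"); return 1; }

    printf("start:               %d bits\n", entropy_bits(fd));
    if (write(fd, seed, sizeof seed) < 0)     /* write(): nothing credited */
        perror("write");
    printf("after write():       %d bits\n", entropy_bits(fd));

    struct rand_pool_info *info = make_pool_info(seed, sizeof seed, bits);
    if (!info || ioctl(fd, RNDADDENTROPY, info) < 0)  /* needs CAP_SYS_ADMIN */
        perror("RNDADDENTROPY");
    printf("after RNDADDENTROPY: %d bits\n", entropy_bits(fd));
    free(info);
    close(fd);
    return 0;
}
```

A real seeder would pass bytes from an actual entropy source and credit only as many bits as it can justify for them.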

