Re: [ptxdist] Python 3.5 and the use of getrandom() system call

2016-11-29 Thread Alexander Dahl
Hei hei, On Tue, Nov 29, 2016 at 02:14:04PM +0100, Clemens Gruber wrote: > The URL for haveged seems to be down? Same here. > From the ArchLinux wiki: "Unless you have a specific reason to not trust > any hardware random number generator on your system, you should try to > use them with the rng-

Re: [ptxdist] Python 3.5 and the use of getrandom() system call

2016-11-29 Thread Clemens Gruber
Hi, On Tue, Nov 29, 2016 at 09:56:59AM +0100, Alexander Dahl wrote: > On Fri, Nov 18, 2016 at 02:21:36PM +0100, David Jander wrote: > > Or is there a way (that I ignore) to speed-up the generation of > > entropy in the Linux kernel? > > I heard other people use haveged for this. I have two experi

Re: [ptxdist] Python 3.5 and the use of getrandom() system call

2016-11-29 Thread Michael Olbrich
Hi, On Tue, Nov 29, 2016 at 09:56:59AM +0100, Alexander Dahl wrote: > On Fri, Nov 18, 2016 at 02:21:36PM +0100, David Jander wrote: > > Or is there a way (that I ignore) to speed-up the generation of > > entropy in the Linux kernel? I agree with the other that such a patch is not a good idea for

Re: [ptxdist] Python 3.5 and the use of getrandom() system call

2016-11-29 Thread Alexander Dahl
Hei hei, On Fri, Nov 18, 2016 at 02:21:36PM +0100, David Jander wrote: > Or is there a way (that I ignore) to speed-up the generation of > entropy in the Linux kernel? I heard other people use haveged for this. I have two experimental patches for adding a haveged package, but did not test it thou

Re: [ptxdist] Python 3.5 and the use of getrandom() system call

2016-11-20 Thread David Jander
On Fri, 18 Nov 2016 18:15:58 +0100 Clemens Gruber wrote: > Hi, > > On Fri, Nov 18, 2016 at 02:21:36PM +0100, David Jander wrote: > > Or is there a way (that I ignore) to speed-up the generation of entropy in > > the > > Linux kernel? > > Did you build your kernel with CONFIG_CRYPTO_JITTERENT

Re: [ptxdist] Python 3.5 and the use of getrandom() system call

2016-11-18 Thread Roland Hieber
On 18.11.2016 18:15, Clemens Gruber wrote: > It's probably a bad idea to just patch python for every PTXdist user. > Not everybody is willing to trade security for faster start times. Judging from Python-3.5.0/Python/random.c:118, it will use the getrandom() syscall with flags=0, and according to

Re: [ptxdist] Python 3.5 and the use of getrandom() system call

2016-11-18 Thread Clemens Gruber
Hi, On Fri, Nov 18, 2016 at 02:21:36PM +0100, David Jander wrote: > Or is there a way (that I ignore) to speed-up the generation of entropy in the > Linux kernel? Did you build your kernel with CONFIG_CRYPTO_JITTERENTROPY=y and CONFIG_CRYPTO_DRBG_HASH=y ? Also, depending on your platform, there