On Sun, Jun 14, 2015 at 02:11:53PM -0300, Cristian Rodríguez wrote:
> On Sun, Jun 14, 2015 at 1:43 PM, Greg KH <gre...@linuxfoundation.org> wrote:
> > On Sun, Jun 14, 2015 at 12:49:55PM -0300, Cristian Rodríguez wrote:
> >>
> >> On Jun 14, 2015 10:21, "cee1" <fykc...@gmail.com> wrote:
> >> >
> >> > Hi all,
> >> >
> >> > Why do we need to read/save random seed? Can it be read from /dev/random
> >> > each time?
> >>
> >> Because the kernel is borked and still needs to be fed entropy at system
> >> startup by user space. Please read the random man page.
> >>
> >> I agree we shouldn't have to do this at all..
> >
> > Really?  And how do you suggest we "fix" the kernel when the hardware
> > itself doesn't provide us with a proper random number "seed" in the
> > first place?  What do you suggest we do instead?
> 
> Last time I checked, it required this userspace help even when the
> machine has rdrand/rdseed or when a virtual machine is fed from the
> host using the virtio-rng driver.. (may take up to 60 seconds to report
> random: nonblocking pool is initialized) Any other possible solution
> that I imagined involves either blocking and/or changes in the
> behaviour visible to userspace and that is probably unacceptable.

Really?  A lot of changes went into seeding the initial random generator
in the kernel in the past year, you might want to try it out again.

> The random-seed tool also does not increment the entropy count (It
> writes to /dev/random instead of using the ioctls) so the ultimate
> result is still a system with very little entropy to go on, only
> starting rngd or haveged *very* early in the boot sequence seems to
> help.

Then why not fix the random-seed tool to use the correct interface?

thanks,

greg k-h
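
The two interfaces contrasted in this exchange, as an added example (not code from this thread or from systemd's random-seed tool): a plain write() to /dev/random mixes the seed into the pool without raising the entropy count, while the RNDADDENTROPY ioctl mixes and credits it. The names pool_req, make_req, mix_only and credit_seed are hypothetical, and the 4096-byte seed cap is an assumption.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

/* Layout and ioctl numbers copied from <linux/random.h> (struct rand_pool_info). */
struct pool_req { int entropy_count; int buf_size; unsigned char buf[]; };
#ifndef RNDADDENTROPY
#define RNDGETENTCNT  _IOR('R', 0x00, int)
#define RNDADDENTROPY _IOW('R', 0x03, int[2])
#endif

/* Build the ioctl argument; refuses to claim more than 8 bits per seed byte. */
struct pool_req *make_req(const void *seed, size_t len, int credit_bits) {
    if (len == 0 || len > 4096 || credit_bits < 0 || (size_t)credit_bits > len * 8)
        return NULL;
    struct pool_req *r = malloc(sizeof *r + len);
    if (!r) return NULL;
    r->entropy_count = credit_bits;  /* bits added to the kernel's estimate */
    r->buf_size = (int)len;          /* seed bytes that follow */
    memcpy(r->buf, seed, len);
    return r;
}

/* write() path described in the thread: bytes are mixed in, nothing is credited. */
int mix_only(const char *dev, const void *seed, size_t len) {
    int fd = open(dev, O_WRONLY);
    ssize_t n = fd < 0 ? -1 : write(fd, seed, len);
    if (fd >= 0) close(fd);
    return n == (ssize_t)len ? 0 : -1;
}

/* ioctl path: mixes and credits. Needs CAP_SYS_ADMIN. Credit only a seed that
 * is secret and has not been used by an earlier boot or a cloned image. */
int credit_seed(const char *dev, const void *seed, size_t len, int credit_bits) {
    struct pool_req *r = make_req(seed, len, credit_bits);
    int fd = r ? open(dev, O_WRONLY) : -1;
    int rc = fd < 0 ? -1 : ioctl(fd, RNDADDENTROPY, r);
    if (fd >= 0) close(fd);
    free(r);
    return rc;
}

int main(void) {  /* read-only: print the kernel's current entropy estimate */
    int bits = -1, fd = open("/dev/random", O_RDONLY);
    if (fd < 0 || ioctl(fd, RNDGETENTCNT, &bits) < 0) bits = -1;
    return printf("entropy estimate: %d bits\n", bits) < 0;
}
```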