Re: getrandom and getentropy

To: tech-userlevel%netbsd.org@localhost
Subject: Re: getrandom and getentropy
From: mlelstv%serpens.de@localhost (Michael van Elst)
Date: Mon, 11 May 2020 17:56:41 -0000 (UTC)

riastradh%NetBSD.org@localhost (Taylor R Campbell) writes:

>> Date: Mon, 11 May 2020 16:16:12 -0000 (UTC)
>> From: mlelstv%serpens.de@localhost (Michael van Elst)
>> 
>> Previously we could trust in random processes, whether the entropy
>> estimation was scientific or not. We could also chose what source
>> to trust.

>Still can.  NetBSD just doesn't do bogus pseudoscientific
>prestidigitation any more.

It doesn't do any entropy estimation anymore.

HWRNG - we trust the driver
constant file - we trust the file
any random process we used before - we ignore it (as far as it is
related to the topic).

>> Now we put all trust in loading a constant file.

>This is still false, just like it was the last time you made this
>claim.

We only trust a HWRNG and the seed file because only these enter
a non-zero value for entropy. I cannot configure any other source to
do that.

>> >This hardware can reasonably block forever on first boot, due to
>> >the large number of sources of entropy that are no longer measured.
>> 
>> Not "can". It does, definitely, always.
>> 
>> And it never blocks on second boot.

>This is false.

After initial boot, reading from /dev/random blocks forever.

Rebooting without providing a seed:  /dev/random still blocks forever.

Rebooting after writing a seed once: never blocks again, even when
the file wouldn't change. Technically of course you are right that
before loading the seed in the rc sequence we would still block forever.

>Please do your homework first,

Like checking the code and verifying how it operates ?

>and then take this to a thread where it
>is on topic, not the thread about a choice of C API to adopt.

The discussion seems to be on topic here, even if you don't want it.
After all I responded to an article that exactly put this on topic
but which didn't cause indignation.

-- 
-- 
                                Michael van Elst
Internet: mlelstv%serpens.de@localhost
                                "A potential Snark may lurk in every tree."

Follow-Ups:
- Re: getrandom and getentropy
  - From: Taylor R Campbell
- Re: getrandom and getentropy
  - From: Paul Goyette

References:
- Re: getrandom and getentropy
  - From: Michael van Elst
- Re: getrandom and getentropy
  - From: Taylor R Campbell

Prev by Date: Re: getrandom and getentropy
Next by Date: Re: getrandom and getentropy
Previous by Thread: Re: getrandom and getentropy
Next by Thread: Re: getrandom and getentropy
Indexes:

Home | Main Index | Thread Index | Old Index