[Cryptography] randomness +- entropy
Hannes Frederic Sowa
hannes at stressinduktion.org
Tue Nov 5 18:38:32 EST 2013

On Tue, Nov 05, 2013 at 06:09:49PM -0500, Theodore Ts'o wrote:
> On Tue, Nov 05, 2013 at 05:31:12PM -0500, John Kelsey wrote:
> >
> > Is there any way for a program to find out if /dev/urandom has been
> > seeded properly?
>
> Currently, there isn't. We could add it, but most programs aren't
> going to check for such a flag. So one of the things which I've
> recently added:
>
> http://git.kernel.org/cgit/linux/kernel/git/tytso/random.git/log/?h=dev

Regarding
<https://git.kernel.org/cgit/linux/kernel/git/tytso/random.git/commit/?h=dev&id=392a546dc8368d1745f9891ef3f8f7c380de8650>:

Why not always print a warning once if someone tried to extract
randomness before the pool was fully initialized? I would even consider
adding a WARN_ONCE there so that it is really visible to the user. Maybe
kerneloops.org or some other distro infrastructure could uncover which
devices have their nonblocking random pool initialized too late.

I would love to collect such stack traces and would check if we can
delay them as much as possible.

Greetings,
Hannes
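
Added example, not part of the original message or of the kernel patch under discussion: the question quoted at the top of the thread (can a program find out whether /dev/urandom has been seeded?) can be answered on later kernels with getrandom(2), added in Linux 3.17, which fails with EAGAIN under GRND_NONBLOCK while the pool is still uninitialized. The function names and the three-state enum are assumptions made for this example, and it assumes glibc 2.25 or later for <sys/random.h>.

```c
/* Added example: ask the kernel whether the urandom pool is seeded.
 * Assumes Linux >= 3.17 and glibc >= 2.25 (getrandom(2) wrapper).
 * All names below are hypothetical, chosen for this example. */
#include <errno.h>
#include <stdio.h>
#include <sys/random.h>

enum seed_state { SEED_UNKNOWN = -1, SEED_NOT_READY = 0, SEED_READY = 1 };

/* Pure classifier for a getrandom(GRND_NONBLOCK) result, so the decision
 * logic can be checked without needing an unseeded machine. */
enum seed_state classify_getrandom(long ret, int err)
{
    if (ret >= 0)
        return SEED_READY;      /* bytes returned: pool is initialized */
    if (err == EAGAIN)
        return SEED_NOT_READY;  /* call would have blocked: not yet seeded */
    return SEED_UNKNOWN;        /* e.g. ENOSYS on old kernels: cannot tell */
}

/* Probe the running kernel with a one-byte non-blocking request. */
enum seed_state urandom_seed_state(void)
{
    unsigned char probe;
    ssize_t ret;

    do {
        ret = getrandom(&probe, sizeof probe, GRND_NONBLOCK);
    } while (ret < 0 && errno == EINTR);
    return classify_getrandom(ret, errno);
}

int main(void)
{
    switch (urandom_seed_state()) {
    case SEED_READY:
        puts("pool seeded: safe to generate keys");
        return 0;
    case SEED_NOT_READY:
        /* Fail closed: do not fall back to reading /dev/urandom here. */
        fputs("pool not seeded yet: refusing to generate keys\n", stderr);
        return 1;
    default:
        fputs("cannot determine seed state on this system\n", stderr);
        return 2;
    }
}
```
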