[Cryptography] RFC possible changes for Linux random device

Theodore Ts'o tytso at mit.edu
Tue Sep 16 11:42:34 EDT 2014


On Tue, Sep 16, 2014 at 11:17:01AM -0400, Jerry Leichter wrote:
> > so if you had all zeroes, now you have something that looks random but
> > is totally non-random? Why would you do that?
> Yes, I'm guessing that this wasn't intended to be the whole
> proposal.  My assumption is that the system call will return a
> success/failure status, and that this describes the failure case:
> Beyond returning a status, it *also* clears the output buffer.

In all cases, if anything fails (including ENOMEM, the user not
compiling AES into the kernel, the AES crypto module failing to load,
etc., etc., etc.) we fall back to the existing methods of using the
urandom pool.  I think I mentioned this in one portion of the
proposal, but this was supposed to be a universal fallback.

					- Ted