On Wed, Apr 19, 2023 at 02:58:32PM +0100, Jean-Philippe Brucker wrote: > On Thu, Apr 13, 2023 at 05:57:55PM +0100, Andre Przywara wrote: > > I am not sure we now really need patch 2 anymore (originally I had this > > one before I switched to /dev/urandom). I *think* even a read from > > /dev/urandom can return early (because of a signal, for instance), so > > a return with 0 bytes read seems possible. > > Given that this should be very rare, maybe a simple loop would be better > than switching the blocking mode? It's certainly a good idea to apply the > "MUST" requirements from virtio. Digging a bit more, the manpage [1] is helpful: The O_NONBLOCK flag has no effect when opening /dev/urandom. When calling read(2) for the device /dev/urandom, reads of up to 256 bytes will return as many bytes as are requested and will not be interrupted by a signal handler. Reads with a buffer over this limit may return less than the requested number of bytes or fail with the error EINTR, if interrupted by a signal handler. So I guess you can also drop the O_NONBLOCK flag in patch 1. And for the second one, maybe we could fallback to a 256 bytes read if the first one fails Thanks, Jean [1] https://man7.org/linux/man-pages/man4/urandom.4.html
