On Tuesday, 12 November 2019, 14:23:10 CET, Florian Weimer wrote:

Hi Florian,

> * Stephan Müller:
> > * support deactivation of TRNG (i.e. blocking behavior of /dev/random)
> >
> > at compile time. If deactivated, /dev/random behaves like
> > getrandom(2).
>
> I don't quite understand this comment. Doesn't getrandom with the
> GRND_RANDOM always behave like /dev/random? Presumably, without the
> TRNG tap, the GRND_RANDOM flag for getrandom is ignored, and reading
> from /dev/random behaves like reading from /dev/urandom.

Absolutely. Apologies for the imprecision here. I will correct that.

The idea is that the constant blocking behavior of /dev/random and GRND_RANDOM
is replaced with the blocking behavior of getrandom(2) without the GRND_RANDOM
flag (i.e. the interface waits until the LRNG thinks it is completely seeded
before it provides unlimited data).

>
> Anyway, reading the accompanying PDF, this looks rather impressive:
> the userspace bootstrapping problem is gone (the issue where waiting
> for more entropy prevents the collection of more entropy), *and* we
> can still make the standards people happy.
>
> (Replying from my other account due to mail issues, sorry.)

Ciao
Stephan
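
The two blocking behaviours discussed in this message can be observed from userspace with a non-blocking probe. This is an added example, not part of the original e-mail or of the LRNG patch set; the helper names `probe_getrandom` and `describe` are hypothetical, and glibc's `<sys/random.h>` wrapper is assumed to be available.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/random.h>
#include <sys/types.h>

/* Hypothetical helper: request `len` bytes with the given flags.
 * GRND_NONBLOCK is OR-ed in so that a call which would otherwise block
 * reports -EAGAIN instead of hanging. Returns bytes delivered or -errno. */
static long probe_getrandom(unsigned int flags, size_t len)
{
    unsigned char buf[256];
    ssize_t r;

    if (len > sizeof(buf))
        return -EINVAL;
    do {
        r = getrandom(buf, len, flags | GRND_NONBLOCK);
    } while (r < 0 && errno == EINTR);
    return r < 0 ? -(long)errno : (long)r;
}

/* Hypothetical helper: interpret a probe result for a request of `len`. */
static const char *describe(long r, size_t len)
{
    if (r == (long)len)
        return "full read";
    if (r == -EAGAIN)
        return "would block";
    if (r >= 0)
        return "short read";
    return strerror((int)-r);
}

int main(void)
{
    size_t len = 64;
    /* flags == 0: blocks only until the RNG is fully seeded. */
    long seeded_only = probe_getrandom(0, len);
    /* GRND_RANDOM: the /dev/random-style behaviour; with the TRNG
     * deactivated it is expected to match the first call. */
    long trng_style = probe_getrandom(GRND_RANDOM, len);

    printf("getrandom(0):           %s\n", describe(seeded_only, len));
    printf("getrandom(GRND_RANDOM): %s\n", describe(trng_style, len));
    return 0;
}
```

A "would block" or "short read" on the second line with a "full read" on the first is the constant-blocking behaviour the message says is replaced when the TRNG is deactivated.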