On 2022/7/21 19:09, Theodore Ts'o wrote:
On Thu, Jul 21, 2022 at 02:44:54PM +0800, Guozihua (Scott) wrote:
>
We have a userspace program that starts pretty early in the boot process and
it tries to fetch random bits from /dev/random with O_NONBLOCK, if that
returns -EAGAIN, it turns to /dev/urandom. Is this a correct handling of
-EAGAIN? Or this is not one of the intended use case of O_NONBLOCK?
In addition to the good points which Eric and Jason have raised, the
other thing I would ask you is ***why*** is your userspace program
trying to fetch random bits early in the boot process? Is it, say,
trying to generate a cryptographic key which is security critical. If
so, then DON'T DO THAT.
There have been plenty of really embarrassing security problems caused
by consumer grade products who generate a public/private key pair
within seconds of the customer taking the product out of the box, and
plugging it into the wall for the first time. At which point,
hilarity ensues, unless the box is life- or mission- critical, in
which case tragedy ensues....
Is it possible to move the userspace program so it's not being started
early in the boot process? What is it doing, and why does it need
random data in the first place?
- Ted
.
Hi Ted,
Thanks for the comment. The code is not written by me, but I think you
made a good point here and I'll definitely bring this up to the author.
--
Best
GUO Zihua
