[tytso@xxxxxxx: Re: Linux messages full of `random: get_random_u32 called from`]

zbyszek@xxxxxxxxx (Zbigniew Jędrzejewski-Szmek) · Mon, 7 May 2018 13:02:51 +0000

On Wed, May 02, 2018 at 12:23:33PM -0300, Cristian RodrÃguez wrote:
> El 02-05-2018 a las 6:25, Lennart Poettering escribiÃ³:
> >On Di, 01.05.18 18:08, Vito Caputo (vcaputo at pengaru.com) wrote:
> 
> >Or maybe this confusion is just another iteration of the stuff
> >dicussed here? https://github.com/systemd/systemd/issues/4167

That bug was closed after some improvements, but based on the comments
there we can conclude that systemd *does* consume a lot of random bytes
from /dev/urandom and even though we are using the kernel APIs as documented,
it would be nice if were didn't use read all this random data, because
that impacts other processes that need random data.

But to change how much random bytes we use, we'd need to refactor
the code, because right now by the time we get to the part that
actually reads the bytes, we're far from the caller who knows if we
need really proper random bytes or we would be fine with some fluff.

I wasn't aware that this is still a problem. If it is, it'd probably
be worth looking into.

> On modern x86 hardware we could fallback to rdrand but only when
> getrandom returns EAGAIN.
> 
> For other non-cryptographic uses maybe implementing xoroshiro128+ or
> Mersenne Twister would suffice, until libc gets a sane random
> interface if ever.
Yeah, that's something to look into to. But that'd still probably
need the refactoring to pass down more information about how those
numbers will be used.

Zbyszek