Re: short read from /dev/urandom

From: Matt Mackall
Date: Sat Jan 15 2005 - 21:46:43 EST

Next message: Matt Mackall: "Re: short read from /dev/urandom"
Previous message: Tom Zanussi: "[PATCH][2.6.11-rc1-mm1] relayfs - remove klog debugging channel"
In reply to: H. Peter Anvin: "Re: short read from /dev/urandom"
Next in thread: Ulrich Drepper: "Re: short read from /dev/urandom"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 13, 2005 at 08:54:54PM -0800, Ulrich Drepper wrote:
> The /dev/urandom device is advertised as always returning the requested
> number of bytes. Yet, it fails to do this under some situations.
> Compile this

Here's what random.c says:

* The two other interfaces are two character devices /dev/random and
* /dev/urandom. /dev/random is suitable for use when very high
* quality randomness is desired (for example, for key generation or
* one-time pads), as it will only return a maximum of the number of
* bits of randomness (as estimated by the random number generator)
* contained in the entropy pool.
*
* The /dev/urandom device does not have this limit, and will return
* as many bytes as are requested. As more and more random bytes are
* requested without giving time for the entropy pool to recharge,
* this will result in random numbers that are merely cryptographically
* strong. For many applications, however, this is acceptable.

_Neither_ case mentions signals and the "and will return as many bytes
as requested" is clearly just a restatement of "does not have this
limit". Whoever copied this comment to the manpage was a bit sloppy
and dropped the first clause rather than the second:

When read, /dev/urandom device will return as many bytes as are
requested. As a result, if there is not sufficient entropy in
the entropy pool...

Meanwhile, read(2) says:

It is not an error if this number is smaller than the number
of bytes requested; this may happen for example because fewer
bytes are actually available right now (maybe because we were
close to end-of-file, or because we are reading from a pipe,
or from a terminal), or because read() was interrupted by a
signal.

So anyone doing a read() can expect a short read regardless of the fd
and is quite clear that reads can be interrupted by signals. "It is
not an error". Ever.

--
Mathematics is the supreme nostalgia of our time.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Matt Mackall: "Re: short read from /dev/urandom"
Previous message: Tom Zanussi: "[PATCH][2.6.11-rc1-mm1] relayfs - remove klog debugging channel"
In reply to: H. Peter Anvin: "Re: short read from /dev/urandom"
Next in thread: Ulrich Drepper: "Re: short read from /dev/urandom"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]