Re: short read from /dev/urandom

From: H. Peter Anvin
Date: Fri Jan 14 2005 - 21:39:43 EST

Next message: Chris Wright: "Re: security contact draft"
Previous message: H. Peter Anvin: "Re: short read from /dev/urandom"
In reply to: Theodore Ts'o: "Re: short read from /dev/urandom"
Next in thread: Matt Mackall: "Re: short read from /dev/urandom"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Followup to: <20050114232154.GB18479@xxxxxxxxx>
By author: "Theodore Ts'o" <tytso@xxxxxxx>
In newsgroup: linux.dev.kernel
>
> Good point. The fact that there are other implementations out there
> which are doing this is a convincing argument.
>
> I am still a bit concerned still that a stupidly written program that
> opens /dev/urandom (perhaps unwittingly) and tries to read a few
> hundred megabytes will become uninterruptible until the read
> completes, but I'm not sure it's worth it to but in some kludge that
> says "break if there's a signal and count > 1 megabyte --- otherwise
> we'll return soon enough".
>

I'm very concerned about this; this is fundamentally a change to
signal delivery semantics.

What we might want to go along with is a read smaller than PIPE_BUF
(the largest size guaranteed to be atomic when writing to a pipe,
which is another special case) should not return fractional.

-hpa
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Chris Wright: "Re: security contact draft"
Previous message: H. Peter Anvin: "Re: short read from /dev/urandom"
In reply to: Theodore Ts'o: "Re: short read from /dev/urandom"
Next in thread: Matt Mackall: "Re: short read from /dev/urandom"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]