Re: random: /dev/random often returns short reads
From: Denys Vlasenko
Date: Tue Jan 17 2017 - 12:59:17 EST
On 01/17/2017 06:15 PM, Theodore Ts'o wrote:
On Tue, Jan 17, 2017 at 09:21:31AM +0100, Denys Vlasenko wrote:
If someone wants to send me a patch, I'll happily take a look at it,
Will something along these lines be accepted?
The problem is that this won't work. In the cases that we're talking
about, the entropy counter in the secondary pool is not zero, but
close to zero, we'll still have short reads. And that's going to
happen a fair amount of the time.
Perhaps the best *hacky* solution would be to say, ok if the entropy
count is less than some threshold, don't use the correct entropy
calculation, but rather assume that all of the new bits won't land on
top of existing entropy bits.
IOW, something like this:
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -653,6 +653,9 @@ static void credit_entropy_bits(struct
entropy_store *r, int nbits)
if (nfrac < 0) {
/* Debit */
entropy_count += nfrac;
+ } else if (entropy_count < ((8 * 8) << ENTROPY_SHIFT)) {
+ /* Credit, and the pool is almost empty */
+ entropy_count += nfrac;
} else {
/*
* Credit: we have to account for the possibility of
* overwriting already present entropy. Even in the
Want the patch? If yes, what name of the constant you prefer? How about
/* Has less than 8 bytes */
#define ALMOST_EMPTY_POOL_frac ((8 * 8) << ENTROPY_SHIFT)