
Re: Bug#533077: linux-image-2.6.26-2-486: on an idle system /dev/random gets depleted very quick



On Mon, Jun 15, 2009 at 02:08:48PM +0200, Bastian Blank wrote:
> On Mon, Jun 15, 2009 at 11:44:07AM +0200, Aurelien Jarno wrote:
> > Bastian Blank wrote:
> > > On Mon, Jun 15, 2009 at 10:47:43AM +0200, Folkert van Heusden wrote:
> > >>> Now add strace to those commands.  Do you see the problem?
> > >> Nope, works as expected:
> > > You have different libs than we all have. Ours shows:
> > > | open("/dev/urandom", O_RDONLY)          = 3
> > > | read(3, "\34\344C\242", 4)              = 4
> > > | close(3)                                = 0
> > Note that it is fixed in glibc 2.10 with kernels >= 2.6.29.
> 
> No. The bugreport is about random depletion, because the glibc uses it.
> This is not fixed.
> 

glibc needs a random number for security reasons. Up to version 2.9, it
was using /dev/urandom. Starting with version 2.10, it uses the auxv
AT_RANDOM vector if available, in order not to deplete all entropy.
This has been designed explicitly for that.

If the kernel is still wasting all the entropy to provide AT_RANDOM
values, then it's a kernel problem.

-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net
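
How a process locates the AT_RANDOM entry discussed in this message, as an added example that is not part of the original e-mail or of glibc's code: it parses the raw (type, value) pairs of the auxiliary vector from /proc/self/auxv and cross-checks the result against getauxval(). Assumptions: Linux 2.6.29 or later and glibc 2.16 or later (for getauxval); the names auxv_lookup and at_random_from_proc are made up for the illustration.

```c
#include <elf.h>        /* AT_NULL, AT_RANDOM */
#include <fcntl.h>
#include <stdio.h>
#include <sys/auxv.h>   /* getauxval(), assumed available (glibc >= 2.16) */
#include <unistd.h>

/* The auxv is an array of (type, value) word pairs terminated by AT_NULL.
 * Scan at most n_words words; return 1 and store the value if found. */
static int auxv_lookup(const unsigned long *auxv, size_t n_words,
                       unsigned long type, unsigned long *value)
{
    for (size_t i = 0; i + 1 < n_words; i += 2) {
        if (auxv[i] == AT_NULL)
            break;                      /* end marker: ignore anything after it */
        if (auxv[i] == type) {
            *value = auxv[i + 1];
            return 1;
        }
    }
    return 0;
}

/* Read this process's raw auxv from /proc and look up AT_RANDOM.
 * Returns the address of the 16 kernel-supplied bytes, or NULL. */
static const unsigned char *at_random_from_proc(void)
{
    unsigned long buf[128], addr = 0;
    int fd = open("/proc/self/auxv", O_RDONLY);
    if (fd < 0)
        return NULL;
    ssize_t n = read(fd, buf, sizeof buf);
    close(fd);
    if (n <= 0 || !auxv_lookup(buf, (size_t)n / sizeof buf[0], AT_RANDOM, &addr))
        return NULL;
    return (const unsigned char *)addr;
}

int main(void)
{
    const unsigned char *p = at_random_from_proc();
    if (!p) {
        puts("no AT_RANDOM entry found in /proc/self/auxv");
        return 1;
    }
    /* The bytes are security-sensitive (glibc derives guard values from
     * them), so only the address is printed, never the content. */
    printf("AT_RANDOM at %p (getauxval agrees: %s)\n", (const void *)p,
           p == (const unsigned char *)getauxval(AT_RANDOM) ? "yes" : "no");
    return 0;
}
```

Running the program under strace shows whether the C library's start-up code still opens /dev/urandom, which is the check the quoted messages perform.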

