Re: Bug#533077: linux-image-2.6.26-2-486: on an idle system /dev/random gets depleted very quick
On Mon, Jun 15, 2009 at 02:08:48PM +0200, Bastian Blank wrote:
> On Mon, Jun 15, 2009 at 11:44:07AM +0200, Aurelien Jarno wrote:
> > Bastian Blank a écrit :
> > > On Mon, Jun 15, 2009 at 10:47:43AM +0200, Folkert van Heusden wrote:
> > >>> Now add strace to those commands. Do you see the problem?
> > >> Nope, works as expected:
> > > You have different libs than we all have. Ours shows:
> > > | open("/dev/urandom", O_RDONLY) = 3
> > > | read(3, "\34\344C\242", 4) = 4
> > > | close(3) = 0
> > Note that it is fixed in glibc 2.10 with kernels >= 2.6.29.
> No. The bugreport is about random depletion, because the glibc uses it.
> This is not fixed.
glibc needs a random number for security reasons. Up to version 2.9, it
was using /dev/urandom. Starting with version 2.10, it uses if available
the auxv AT_RANDOM vector if available in order to not deplete all
entropy. This has been designed explicitely for that.
If the kernel is still wasting all the entropy to provide AT_RANDOM
values, then it's a kernel problem.
Aurelien Jarno GPG: 1024D/F1BCDB73