On April 12, 2010, Modestas Vainius wrote: > forwarded 576016 https://bugs.kde.org/show_bug.cgi?id=205284 > tags 576016 upstream > thanks
Good day Modestas (and others). I continued to look into this from the point of view that the cause of the repetitious behavior was the kernel running out of entropy (/dev/random and /dev/urandom). Thinking about it more, it must be /dev/urandom that was being used, and hence it was providing numbers that had very few bits of entropy in them. I knew that I had randomsound installed, but it kind of defeats the point to have the gain at maximum, if you want to listen to good music. Hence, randomsound probably wasn't adding much entropy to the kernel. So, I looked around Debian to see what else there was as far as sources of entropy goes. I found haveged. Before installing haveged, /proc/sys/kernel/random/entropy_avail was reporting 180 or so bits of entropy (middle of day). After installing haveged, I am seeing around 3600 bits, even first thing when I woke up today. This doesn't prove my suspicions, but if amarok never gets repetitious, then it strongly supports them. However, it does seem to indicate that amarok is using /dev/random or /dev/urandom, as a source of random numbers. That source of numbers is supposed to be present for cyptographically strong random number needs. If the kernel entropy drops to zero, security of networking probably goes to zero as well. Which would seem to indicate a severity far above wishlist. Is it just amarok that is drawing random numbers from /dev/urandom, or are there many applications doing this? Is amarok getting its random numbers from kdelibs, and kdelibs is doing it wrong? Is it a Qt library that is being called by kdelibs doing it wrong? Libc? As I understand things, any application is welcome to call /dev/urandom (or /dev/random) after looking at /proc/sys/kernel/random/entropy_avail to see that enough entropy is present, in order to seed a RNG. But all of these non- cryptographic applications should not be calling /dev/urandom for all the random numbers they need. Maybe I am interpretting things wrong. I'll leave it up to you, as to whether this was just a symptom of a more serious problem, and if so, what to do about it. For the present time, it seems like haveged is at least able to keep the kernel entropy level high enough. I will write again, if amarok again starts repeating itself. Gord -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org