On Thu, Sep 12, 2019 at 12:34:45PM +0100, Linus Torvalds wrote: > An alternative might be to make getrandom() just return an error > instead of waiting. Sure, fill the buffer with "as random as we can" > stuff, but then return -EINVAL because you called us too early.
That's probably one of the most sensible approaches. I must say I feel quite annoyed by what randomness has become due to the misuse of poor random sources by security components suddenly forcing all these sources to become strong and having to become unavailable for everything which doesn't need strong random. And most of the time the stuff which doesn't need a strong random happens during early boot. It can range from issuing a MAC address before setting a link up (when you have no chance to get entropy) to providing a UUID for a file system, or use of ephemeral randoms for session keys for the first access to a device for its configuration. A number of these often end up with a system not booting, unable to self-configure itself, or not being available when expected. It's too late now to change existing applications, but probably that doing something like above would at least allow applications to implement a fall back with the choice of "hey Mr user, there's not enough entropy yet to propose you a secure password, so please type 20 random chars on the keyboard so that I can complete it", or conversely "the syscall failed but I know I can still use the buffer's contents for a MAC address". But having to make the syscall to wait longer is never going to serve anyone. Two minutes is an eternity for certain devices, and some from the security world will consider that the syscall waited long enough to produce a good security so it's OK to use it as a reliable source. Failing immediately with whatever could be obtained is by far the best solution in my opinion as the application has to take the responsibility for using that buffer's contents. Willy -- still dreaming about the day boot loaders will collect entropy from the DDR training phase and pass it to the kernel.