On 2017-09-26 17:47, Laurent Bercot wrote:
>
>> On a modern linux system, s6-rc-update ends up calling getrandom(2) via
>> the random_sauniquename() library function. But on embedded systems, and
>> especially during early initialization, that is likely to block, which
>> means that the entire boo
On 2017-09-26 18:20, Jorge Almeida wrote:
> This is what I do at stage 1, regarding entropy gathering:
Thanks, but nothing short of an ioctl(RNDADDTOENTCNT) or
ioctl(RNDADDENTROPY) will the change the kernel's measure of the
gathered entropy, and to use those in good conscience obviously requires
On Wed, Sep 27, 2017 at 12:36 AM, Rasmus Villemoes
wrote:
> On 2017-09-26 18:20, Jorge Almeida wrote:
>> This is what I do at stage 1, regarding entropy gathering:
>
>
>> - start haveged service soon
>> - in background,
>> - read 512 bytes from /dev/random and write them to /dev/urandom
>
src/librandom/random_makeseed.c says that that's precisely the point; I
was quoting verbatim.
Ah, indeed. My mistake. Full disclosure: at first I wanted to speed up
the /dev/urandom initialization. Then, after careful re-reading of the
Linux man pages, I realized it wouldn't work; but I found t