Re: [chrony-users] Chrony vs. Linux RNG



On Mon, Apr 23, 2018 at 01:21:42PM +0200, Holger Hoffstätte wrote:
> On 04/23/18 13:07, Miroslav Lichvar wrote:
> > Great. Thanks. I'll think a bit about possible implications before
> > pushing the change.
> 
> Maybe make "available" and "disabled" non-static so that they are
> not just evaluated once?

They are static to avoid a performance loss when the system call is
not supported (e.g. on an old kernel).

> On subsequent calls the CRNG will eventually
> be initialized, so at some point it will start working with the
> expected randomness. Just an idea.

I think that's possible, but it would need to check the error code to
distinguish between getrandom() not being fully initialized and
getrandom() missing.

One thing that I don't like much about the fallback is that it may
cause chronyd to randomly fail in environments where /dev/urandom is
not available. Before, it either always worked or failed. Now it may
fail if it's started too early and restarting it later will fix it.

-- 
Miroslav Lichvar
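
Added example, not part of the original message and not chrony's code: one way to tell the two failure cases apart by error code, caching only the permanent one (ENOSYS) so an unsupported kernel costs a single failed call while an uninitialized CRNG (EAGAIN) is retried later. The names `try_getrandom`, `rng_status` and the `fake_getrandom` stand-in are hypothetical, and it assumes glibc 2.25 or later for `<sys/random.h>`.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/random.h>   /* getrandom(), GRND_NONBLOCK (glibc >= 2.25) */

enum rng_status { RNG_OK, RNG_NOT_READY, RNG_UNSUPPORTED, RNG_ERROR };

/* Hypothetical hook: lets the decision logic run against a stand-in. */
typedef ssize_t (*getrandom_fn)(void *buf, size_t len, unsigned int flags);

/* Constructed stand-in for the system call: fails with fake_errno when set. */
static int fake_errno;
static ssize_t fake_getrandom(void *buf, size_t len, unsigned int flags)
{
  (void)flags;
  if (fake_errno) { errno = fake_errno; return -1; }
  memset(buf, 0xA5, len);
  return (ssize_t)len;
}

/* Only the permanent condition is cached in *disabled. */
enum rng_status try_getrandom(getrandom_fn fn, int *disabled, void *buf, size_t len)
{
  ssize_t r;

  if (*disabled)
    return RNG_UNSUPPORTED;        /* no repeated failing system calls */
  do {
    r = fn(buf, len, GRND_NONBLOCK);
  } while (r < 0 && errno == EINTR);
  if (r >= 0)
    return (size_t)r == len ? RNG_OK : RNG_ERROR;
  if (errno == ENOSYS) {           /* getrandom() missing: never changes */
    *disabled = 1;
    return RNG_UNSUPPORTED;
  }
  if (errno == EAGAIN)             /* CRNG not initialized yet: retry later */
    return RNG_NOT_READY;
  return RNG_ERROR;
}

int main(void)
{
  static const char *names[] = { "ok", "not ready", "unsupported", "error" };
  unsigned char key[16];
  int disabled = 0;

  printf("real getrandom(): %s\n", names[try_getrandom(getrandom, &disabled, key, sizeof key)]);
  fake_errno = EAGAIN;
  printf("early boot (simulated): %s\n", names[try_getrandom(fake_getrandom, &disabled, key, sizeof key)]);
  return 0;
}
```

A caller that gets `RNG_NOT_READY` can use its fallback source for that request and call again later; only `RNG_UNSUPPORTED` is sticky.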
