Re: [RFC] Should writes to /dev/urandom immediately affect reads?

From: Linus Torvalds
Date: Wed Sep 20 2023 - 14:48:52 EST

Next message: Robin Murphy: "Re: [PATCH] ARM: vfp: Add vudot opcode to VFP undef hook"
Previous message: Jeff Johnson: "Re: [PATCH v2 wireless-next 6/9] wifi: ath10k: Remove unnecessary (void*) conversions"
In reply to: Eric Biggers: "[RFC] Should writes to /dev/urandom immediately affect reads?"
Next in thread: Eric Biggers: "Re: [RFC] Should writes to /dev/urandom immediately affect reads?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 19 Sept 2023 at 23:06, Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
>
> This would be the potential change, BTW:

Entirely regardless of your fundamental question, no, that's not the
potential change.

That causes a crng_reseed() even if the write fails completely and
returns -EFAULT.

So at a *minimum*, I'd expect the patch to be be something like

memzero_explicit(block, sizeof(block));
- return ret ? ret : -EFAULT;
+ if (!ret)
+ return -EFAULT;
+ crng_reseed(NULL);
+ return ret;

but even then I'd ask

- wouldn't we want some kind of minimum check?

- do we really trust writes to add any actual entropy at all and at what point?

which are admittedly likely the same question just in different guises.

Also, are there any relevant architectures where
"try_to_generate_entropy()" doesn't work? IOW, why do you even care?

Linus

Next message: Robin Murphy: "Re: [PATCH] ARM: vfp: Add vudot opcode to VFP undef hook"
Previous message: Jeff Johnson: "Re: [PATCH v2 wireless-next 6/9] wifi: ath10k: Remove unnecessary (void*) conversions"
In reply to: Eric Biggers: "[RFC] Should writes to /dev/urandom immediately affect reads?"
Next in thread: Eric Biggers: "Re: [RFC] Should writes to /dev/urandom immediately affect reads?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]