Home GnuPG

random: use getrandom() on Linux where available

Description

random: use getrandom() on Linux where available

* random/rndlinux.c (_gcry_rndlinux_gather_random): use the
getrandom() syscall on Linux if it exists, regardless of what kind of
entropy was requested.

This change avoids the serious usability problem of unnecessary
blocking on /dev/random when the kernel's PRNG is already seeded,
without introducing the risk of pulling from an uninitialized PRNG.
It only has an effect on Linux systems with a functioning getrandom()
syscall. If that syscall is unavailable or fails, it should fall
through to the pre-existing behavior.

(cherry picked from commit 7e662680c170968661ee0105d132813f8281d229)

  • GnuPG-bug-id: T3894
  • Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Details

Provenance
dkgAuthored on Sep 5 2018, 4:34 PM
wernerCommitted on Oct 26 2018, 1:50 PM
Parents
rC60885655756d: random: Make sure to re-open /dev/random after a fork
Branches
Unknown
Tags
Unknown
Tasks
T3894: re-evaluate default randomness choices during key generation on GNU/Linux platforms