Date: Thu, 21 Jul 2022 07:09:32 -0400
From: "Theodore Ts'o"
To: "Guozihua (Scott)"
Cc: Eric Biggers, "Jason A. Donenfeld", linux-crypto@vger.kernel.org, luto@kernel.org
Subject: Re: Inquiry about the removal of flag O_NONBLOCK on /dev/random

On Thu, Jul 21, 2022 at 02:44:54PM +0800, Guozihua (Scott) wrote:
>
> We have a userspace program that starts pretty early in the boot process and
> it tries to fetch random bits from /dev/random with O_NONBLOCK, if that
> returns -EAGAIN, it turns to /dev/urandom. Is this a correct handling of
> -EAGAIN? Or this is not one of the intended use case of O_NONBLOCK?

In addition to the good points which Eric and Jason have raised, the
other thing I would ask you is ***why*** is your userspace program
trying to fetch random bits early in the boot process? Is it, say,
trying to generate a cryptographic key which is security critical?
If so, then DON'T DO THAT.

There have been plenty of really embarrassing security problems caused
by consumer grade products who generate a public/private key pair
within seconds of the customer taking the product out of the box, and
plugging it into the wall for the first time. At which point,
hilarity ensues, unless the box is life- or mission-critical, in
which case tragedy ensues....

Is it possible to move the userspace program so it's not being started
early in the boot process? What is it doing, and why does it need
random data in the first place?

- Ted
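
Added example, not part of the message above or of the thread: one way a boot-time program can treat "random pool not ready" as a reason to defer key generation rather than fall back to /dev/urandom, which does not wait for the pool to be initialized. It uses the Linux getrandom(2) call with GRND_NONBLOCK instead of opening /dev/random with O_NONBLOCK; the names seed_status, classify and key_bytes_if_ready are hypothetical.

```c
/* Added example: defer key generation until the kernel CRNG is seeded,
 * instead of falling back to /dev/urandom when EAGAIN is returned. */
#include <errno.h>
#include <stdio.h>
#include <sys/random.h>
#include <sys/types.h>

enum seed_status { SEED_OK, SEED_NOT_READY, SEED_RETRY, SEED_ERROR };

/* Map one getrandom() result to a decision (hypothetical helper). */
enum seed_status classify(ssize_t n, int err)
{
    if (n >= 0)
        return SEED_OK;
    if (err == EAGAIN)      /* CRNG not yet initialized: do NOT fall back */
        return SEED_NOT_READY;
    if (err == EINTR)       /* interrupted by a signal: call again */
        return SEED_RETRY;
    return SEED_ERROR;      /* e.g. ENOSYS on very old kernels */
}

/* Fill buf only if the CRNG is already seeded; never blocks. */
enum seed_status key_bytes_if_ready(unsigned char *buf, size_t len)
{
    size_t off = 0;
    while (off < len) {
        ssize_t n = getrandom(buf + off, len - off, GRND_NONBLOCK);
        enum seed_status st = classify(n, errno);
        if (st == SEED_RETRY)
            continue;
        if (st != SEED_OK)
            return st;
        off += (size_t)n;
    }
    return SEED_OK;
}

int main(void)
{
    unsigned char key[32];
    enum seed_status st = key_bytes_if_ready(key, sizeof key);
    if (st == SEED_NOT_READY) {
        /* Too early in boot: postpone key generation or block here. */
        fprintf(stderr, "CRNG not seeded; deferring key generation\n");
        return 75; /* EX_TEMPFAIL, so a supervisor can retry later */
    }
    if (st != SEED_OK) { perror("getrandom"); return 1; }
    puts("CRNG seeded; 32 key bytes obtained");
    return 0;
}
```

Calling getrandom() with flags set to 0 instead blocks until the pool is initialized, which suits a program that can simply wait.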