Linux getrandom() support

Bernd ecki at zusammenkunft.net
Mon Oct 6 18:23:53 UTC 2014


Hello,

I think this here is a good start. It shows good the background:

http://lwn.net/Articles/605828/

the details have changed meanwhile, so the new proposed manpage has it:

http://www.spinics.net/lists/linux-man/msg07010.html

The biggie is, that you can use urandom semantic (i.e. not specify
GRND_RANDOM) but still only get bytes if the machine was seeded at boot
(and block or fail in those cases).

Greetings
Bernd



2014-10-06 18:26 GMT+02:00 Bradford Wetmore <bradford.wetmore at oracle.com>:

>
> Worth looking into, but no plans at the moment.
>
> Do you have a link?
>
> Brad
>
>
>
>
> On 10/5/2014 7:44 PM, Bernd wrote:
>
>> Hello,
>>
>> Is there already support for the upcoming getrandom() syscall in Linux
>> 3.17 kernel planned? I guess this would be a good feature for SSL and
>> the strong SecureRandom variant (by setting the 128bit entropy required
>> flag).
>>
>> It would be good if this is supported out of the box, especially to
>> avoid problems when the dev files are missing in some
>> container/virtualisation systems.
>>
>> Greetings
>> Bernd
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/security-dev/attachments/20141006/e5265dfb/attachment.html>


More information about the security-dev mailing list