[systemd-devel] Why we need to read/save random seed?

cee1 fykcee1 at gmail.com
Mon Jun 15 08:33:34 PDT 2015


Hi,

I may have gotten confused.

First, systemd-random-seed.service will save a "seed" from
/dev/urandom at shutdown, and load that "seed" into /dev/urandom at the
next boot.

My questions are:
1. Can we not save a seed, but load a seed that is read from **
/dev/random ** to ** /dev/urandom **?
2. Saving a seed on disk, and someone reads the content of it later,
will this make the "urandom" predictable?

Talking about /dev/random, it consumes an internal entropy pool, and some
system events (disk reads, page faults, etc.) enlarge this pool, am I
right?

And writing to /dev/random will mix the input data into the pool, but
not enlarge it, right?  What benefit is there in only mixing in data
without enlarging the entropy pool?

3.16+ will mix in data from the HWRNG; does it also enlarge the entropy pool?


2015-06-15 8:40 GMT+08:00 Dax Kelson <dkelson at gurulabs.com>:
>
> On Jun 14, 2015 10:11 AM, "Cristian Rodríguez"
> <cristian.rodriguez at opensuse.org> wrote:
>>
>> On Sun, Jun 14, 2015 at 1:43 PM, Greg KH <gregkh at linuxfoundation.org>
>> wrote:
>> > On Sun, Jun 14, 2015 at 12:49:55PM -0300, Cristian Rodríguez wrote:
>>
>>
>> Last time I checked, it required this userspace help even when the
>> machine has rdrand/rdseed or when a virtual machine is fed from the
>> host using the virtio-rng driver (it may take up to 60 seconds to
>> report "random: nonblocking pool is initialized"). Any other possible
>> solution that I imagined involves either blocking and/or changes in
>> the behaviour visible to userspace, and that is probably unacceptable.
>
> I added the following text to Wikipedia's /dev/random page.
>
> "With Linux kernel 3.16 and newer, the kernel itself mixes data from
> hardware random number generators into /dev/random on a sliding scale based
> on the definable entropy estimation quality of the HWRNG. This means that no
> userspace daemon, such as rngd from rng-tools, is needed to do that job. With
> Linux kernel 3.17+, the VirtIO RNG was modified to have a default quality
> defined above 0, and as such, is currently the only HWRNG mixed into
> /dev/random by default."



-- 
Regards,

- cee1
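
An added example, not part of the original post and not systemd's own code: a generic C sketch of the save-at-shutdown, load-at-boot seed cycle the message above describes. The function names, the 512-byte seed size and passing the device and seed-file paths as arguments are assumptions made for illustration.

```c
/* Added sketch of a seed save/load cycle; hypothetical names, not systemd code. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>

#define SEED_BYTES 512 /* assumed seed size */

/* Copy exactly SEED_BYTES from src to dst; 0 on success, -1 otherwise. */
static int copy_seed(int src, int dst)
{
    unsigned char buf[SEED_BYTES];
    size_t n = 0;
    while (n < sizeof buf) {
        ssize_t r = read(src, buf + n, sizeof buf - n);
        if (r <= 0) return -1;              /* I/O error or short seed file */
        n += (size_t)r;
    }
    for (n = 0; n < sizeof buf; ) {
        ssize_t w = write(dst, buf + n, sizeof buf - n);
        if (w <= 0) return -1;
        n += (size_t)w;
    }
    return 0;
}

/* Shutdown step: store fresh pool output in a file only its owner can read. */
int save_seed(const char *pool, const char *seed_path)
{
    int in = open(pool, O_RDONLY | O_CLOEXEC);
    int out = open(seed_path, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, 0600);
    int rc = (in < 0 || out < 0) ? -1 : copy_seed(in, out);
    if (rc == 0 && (fchmod(out, 0600) != 0 || fsync(out) != 0)) rc = -1;
    if (in >= 0) close(in);
    if (out >= 0) close(out);
    return rc;
}

/* Boot step: a plain write() mixes the seed in without crediting entropy
 * (crediting needs the privileged RNDADDENTROPY ioctl). The file is then
 * replaced at once so the same seed is never fed to the pool on two boots. */
int load_seed(const char *pool, const char *seed_path)
{
    int in = open(seed_path, O_RDONLY | O_CLOEXEC);
    int out = open(pool, O_WRONLY | O_CLOEXEC);
    int rc = (in < 0 || out < 0) ? -1 : copy_seed(in, out);
    if (in >= 0) close(in);
    if (out >= 0) close(out);
    return rc == 0 ? save_seed(pool, seed_path) : -1;
}
```
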

