authorDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>2019-06-05 11:09:46 +0200
committerDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>2019-06-09 09:53:39 +0200
commitad416c80581c181f3c96f47c670626bf3ff58410 (patch)
treed9a5a0c73c7ecf872d5be38e983fd2951d8198bb /crypto
parent7febec94858da85afe59bd70a3e728b724ed1ea0 (diff)
Revert the DEVRANDOM_WAIT feature
The DEVRANDOM_WAIT feature added a select() call to wait for the `/dev/random` device to become readable before reading from the `/dev/urandom` device. It was introduced in commit 38023b87f037 in order to mitigate the fact that the `/dev/urandom` device does not block until the initial seeding of the kernel CSPRNG has completed, contrary to the behaviour of the `getrandom()` system call. It turned out that this change had negative side effects on performance which were not acceptable. After some discussion it was decided to revert this feature and leave it up to the OS or the platform maintainer to ensure a proper initialization during early boot time. Fixes #9078 This partially reverts commit 38023b87f037. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (cherry picked from commit a08714e18131b1998faa0113e5bd4024044654ac) (Merged from https://github.com/openssl/openssl/pull/9118)
Diffstat (limited to 'crypto')
-rw-r--r--crypto/rand/rand_unix.c23
1 files changed, 0 insertions, 23 deletions
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index 4710dbb2d1..4b91903f20 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -510,29 +510,6 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool)
bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
{
size_t i;
-#ifdef DEVRANDOM_WAIT
- static int wait_done = 0;
-
- /*
- * On some implementations reading from /dev/urandom is possible
- * before it is initialized. Therefore we wait for /dev/random
- * to be readable to make sure /dev/urandom is initialized.
- */
- if (!wait_done && bytes_needed > 0) {
- int f = open(DEVRANDOM_WAIT, O_RDONLY);
-
- if (f >= 0) {
- fd_set fds;
-
- FD_ZERO(&fds);
- FD_SET(f, &fds);
- while (select(f+1, &fds, NULL, NULL, NULL) < 0
- && errno == EINTR);
- close(f);
- }
- wait_done = 1;
- }
-#endif
for (i = 0; bytes_needed > 0 && i < OSSL_NELEM(random_device_paths); i++) {
ssize_t bytes = 0;