Random Is Faster, More Randomness In Linux 3.13
The /dev/random changes have been merged for the Linux 3.13 kernel, and this pull request stands out even for the very promising next kernel release. While it is not in Linux 3.13, it's also mentioned that the Linux kernel might end up taking a security feature from the FreeBSD playbook.
The /dev/random changes sent in by Ted Ts'o for the Linux 3.13 merge window include performance improvements, changes to avoid wasting entropy, improved tracking of entropy estimates, and improved non-x86 platform support. The non-x86 improvement is for other systems that have a register not useful enough for fine-grained timekeeping but sufficient for use by the random driver.
Kernel messages are also now printed when code tries to use /dev/urandom before it is fully set up at boot time. Such use could represent a security issue: the code relies on output that is not yet really random and could be predictable enough to be used in possible attacks. It doesn't appear to be an issue for modern x86 systems, though.
This early use of the random driver at boot time might be an issue right now for ARM and MIPS embedded/mobile systems according to Ted Ts'o. A future change being evaluated is to follow the FreeBSD kernel security approach of blocking processes that are trying to read from /dev/urandom until it's ready.
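For code that must generate keys early in boot on such systems, the following added example (not from the article or the kernel pull request) shows how to refuse random bytes until the kernel pool is initialized. It assumes the getrandom(2) system call, which arrived later in Linux 3.17 and is not part of the 3.13 changes described here; the function name boot_safe_random and the 32-byte key are hypothetical.

```c
/* Added example: needs getrandom(2), Linux 3.17+ and glibc 2.25+. */
#include <errno.h>
#include <stdio.h>
#include <sys/random.h>
#include <sys/types.h>

enum seed_status { SEED_OK, SEED_NOT_READY, SEED_ERROR };

/*
 * Fill buf with len random bytes, but only if the kernel pool has been
 * initialized. GRND_NONBLOCK makes getrandom() fail with EAGAIN instead
 * of blocking, so the caller can tell "not seeded yet" apart from success.
 */
enum seed_status boot_safe_random(void *buf, size_t len)
{
    unsigned char *p = buf;

    while (len > 0) {
        ssize_t n = getrandom(p, len, GRND_NONBLOCK);
        if (n < 0) {
            if (errno == EINTR)
                continue;               /* interrupted by a signal: retry */
            return errno == EAGAIN ? SEED_NOT_READY : SEED_ERROR;
        }
        p += n;
        len -= (size_t)n;
    }
    return SEED_OK;
}

int main(void)
{
    unsigned char key[32];              /* hypothetical 256-bit key */

    switch (boot_safe_random(key, sizeof key)) {
    case SEED_OK:
        puts("pool initialized: key material is safe to use");
        return 0;
    case SEED_NOT_READY:
        /* Do not fall back to reading /dev/urandom here: that is the
         * early-boot read the kernel now warns about. Retry later, or
         * call getrandom() with flags 0 to block until the pool is ready. */
        fputs("pool not initialized yet: deferring key generation\n", stderr);
        return 1;
    default:
        perror("getrandom");
        return 2;
    }
}
```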
More details on the random changes for Linux 3.13 can be found in this Git merge message.