crypto: Add option to use getrandom()
According to random(4) manual, /dev/random is essentially deprecated on Linux for quite some time: "The /dev/random interface is considered a legacy interface, and /dev/urandom is preferred and sufficient in all use cases, with the exception of applications which require randomness during early boot time; for these applications, getrandom(2) must be used instead, because it will block until the entropy pool is initialized." An attempt to use it would cause unnecessary blocking on machines without a good hwrng even when it shouldn't be needed. Since Linux 3.17, a getrandom(2) call is available that will block only until the randomness pool has been seeded. It is probably not a good default yet as it requires a fairly recent kernel and glibc (3.17 and 2.25 respectively). Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
This commit is contained in:
Lubomir Rintel
Jouni Malinen
parent
2a54979695
commit
89a7cdd690
5 changed files with 72 additions and 18 deletions
|
|
@ -1532,6 +1532,9 @@ endif
|
|||
ifdef CONFIG_NO_RANDOM_POOL
|
||||
CFLAGS += -DCONFIG_NO_RANDOM_POOL
|
||||
else
|
||||
ifdef CONFIG_GETRANDOM
|
||||
CFLAGS += -DCONFIG_GETRANDOM
|
||||
endif
|
||||
OBJS += ../src/crypto/random.o
|
||||
endif
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue