This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author Colm Buckley
Recipients Colm Buckley, Lukasa, alex, christian.heimes, doko, dstufft, larry, lemburg, martin.panter, matejcik, ned.deily, python-dev, rhettinger, skrah, thomas-petazzoni, vstinner, ztane
Date 2016-06-07.13:49:23
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1465307363.87.0.291053788091.issue26839@psf.upfronthosting.co.za>
In-reply-to
Content
Donald -

With the greatest respect, you're talking about introducing multi-minute delays into the startup times of hundreds of millions of systems, regardless of whether they have a proximate requirement for cryptographically-secure RNG sources. I don't think that's reasonable. My servers start up in about fifteen seconds with this patch applied, or over two minutes without.

Note; it's perfectly possible for getrandom() to block *indefinitely* - in the trigger case here (systemd's crontab generator), it times out after 90 seconds rather than eventually succeeding. If (for example), a Python script is called before device initialization, it's quite possible that there will *never* be enough entropy in the system to satisfy getrandom(), resulting in a non-booting system.

To reiterate; the overwhelming majority of applications (in particular, anything which is called after the entropy pool is initialized, which typically happens once networking, USB etc. are running) will use perfectly acceptable random sources. The only applications affected by this patch are those which call getrandom() very early in the boot process.

I feel you're tilting at a very impractical windmill.
History
Date User Action Args
2016-06-07 13:49:23Colm Buckleysetrecipients: + Colm Buckley, lemburg, rhettinger, doko, vstinner, larry, christian.heimes, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, dstufft, Lukasa, thomas-petazzoni
2016-06-07 13:49:23Colm Buckleysetmessageid: <1465307363.87.0.291053788091.issue26839@psf.upfronthosting.co.za>
2016-06-07 13:49:23Colm Buckleylinkissue26839 messages
2016-06-07 13:49:23Colm Buckleycreate