diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2022-03-06 22:15:44 -0700 |
---|---|---|
committer | Luca Boccassi <luca.boccassi@gmail.com> | 2022-03-14 19:47:13 +0000 |
commit | ffa047a03e4c5f6bd3af73b7eecb99cd230fe204 (patch) | |
tree | ec7d89170b956d63cb5ac04a4e77251d77aea7bc /src/libsystemd/sd-id128 | |
parent | e28770e3674c42365eb22adf35a556e8cccb9bfb (diff) | |
download | systemd-ffa047a03e4c5f6bd3af73b7eecb99cd230fe204.tar.gz |
random-util: remove RDRAND usage
/dev/urandom is seeded with RDRAND. Calling genuine_random_bytes(...,
..., 0) will use /dev/urandom as a last resort. Hence, we gain nothing
here by having our own RDRAND wrapper, because /dev/urandom already is
based on RDRAND output, even before /dev/urandom has fully initialized.
Furthermore, RDRAND is not actually fast! And on each successive
generation of new x86 CPUs, from both AMD and Intel, it just gets
slower.
This commit simplifies things by just using /dev/urandom in cases where
we before might use RDRAND, since /dev/urandom will always have RDRAND
mixed in as part of it.
And above where I say "/dev/urandom", what I actually mean is
GRND_INSECURE, which is the same thing but won't generate warnings in
dmesg.
Diffstat (limited to 'src/libsystemd/sd-id128')
-rw-r--r-- | src/libsystemd/sd-id128/sd-id128.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/src/libsystemd/sd-id128/sd-id128.c b/src/libsystemd/sd-id128/sd-id128.c index 46269c2cc2..09c3401ca1 100644 --- a/src/libsystemd/sd-id128/sd-id128.c +++ b/src/libsystemd/sd-id128/sd-id128.c @@ -276,9 +276,7 @@ _public_ int sd_id128_randomize(sd_id128_t *ret) { assert_return(ret, -EINVAL); - /* We allow usage if x86-64 RDRAND here. It might not be trusted enough for keeping secrets, but it should be - * fine for UUIDS. */ - r = genuine_random_bytes(&t, sizeof t, RANDOM_ALLOW_RDRAND); + r = genuine_random_bytes(&t, sizeof(t), 0); if (r < 0) return r; |