util: fall back to reading /dev/urandom when getrandom() blocks
With recent changes in the Linux kernel, the getrandom() system call may block for a long time after boot on machines that don't have enough entropy. It blocks the chronyd's initialization before it can detach from the terminal and may cause a chronyd service to fail to start due to a timeout. At least for now, enable the GRND_NONBLOCK flag to make the system call non-blocking and let the code fall back to reading /dev/urandom (which never blocks) if the system call failed with EAGAIN or any other error. This makes the start of chronyd non-deterministic with respect to files that it needs to open and possibly also makes it slightly easier to guess the transmit/receive timestamp in client requests until the urandom source is fully initialized.
This commit is contained in:
Miroslav Lichvar
parent
8cbc68f28f
commit
7c5bd948bb
1 changed files with 1 additions and 1 deletions
2
util.c
2
util.c
|
|
@ -1224,7 +1224,7 @@ get_random_bytes_getrandom(char *buf, unsigned int len)
|
|||
if (disabled)
|
||||
break;
|
||||
|
||||
if (getrandom(rand_buf, sizeof (rand_buf), 0) != sizeof (rand_buf)) {
|
||||
if (getrandom(rand_buf, sizeof (rand_buf), GRND_NONBLOCK) != sizeof (rand_buf)) {
|
||||
disabled = 1;
|
||||
break;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue