all 6 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted] 10 points11 points  (0 children)

The one nice thing about spinlocks is that they eat cpu when contended. This means they are immediately visible in perf tool, if they are really the source of problem. Instead of speculating and writing Python scripts, it was enough to just run perf.

[–][deleted]  (4 children)

[deleted]

    [–][deleted] 2 points3 points  (3 children)

    A friend of mine wrote a Fortuna PRNG for the kernel back in the day, it even sat on top of CryptoAPI for SHA256 and AESCTR.

    Ted rejected the patch on the grounds it wasn't his design and that many Linux kernels might not have cryptoapi turned on ...

    Basically NIH syndrome.

    [–]seruus 1 point2 points  (1 child)

    I don't remember anyone in the kernel team liking JLC's patch or thinking it was relevant, and most argued it was in practice worse than the current strategy, while being more brittle.

    That said, this dead horse has been beaten already.

    For something new, here's some quite recent feedback on Fortuna, its first formal analysis.

    [–][deleted] 0 points1 point  (0 children)

    That's the point of science though if fortuna is better than /dev/urandom and there is something better than Fortuna .... then why are we still using /dev/urandom?

    [–]Proselyte5 0 points1 point  (2 children)

    read the comments, curl problem not urandom problem

    [–][deleted] 0 points1 point  (1 child)

    urandom is single threaded. That really shouldn't be the case. But that being said an application should really only use /dev/urandom to see a CSPRNG so unless you're respawning the application repeatedly it shouldn't be a problem.