Tomas Mraz wrote:
> errno has garbage value - this should be fixed by initializing errno to
> 0 before the poll/select calls.
Actually after it returns with timeout - a successful
syscall is free to set errno to whatever value it wants,
it is only after an error the value has to be meaningful
(I did have this problem a few times).
> The problem is not in the RAND_poll() timing out - this is fully
> intentional, the function should time out after 10ms if the random device
> blocks read.
So what should the applications calling openssl actually
do if this happens? Now the ssh/apache/... simply exit,
which is bad (it left me without access to a remote
I assume they are not calling the method directly, instead
they are using some of the openssl's methods. In the current
situation anyone who actually wants to block until the entropy
is available is simply out of luck :(
> try /dev/urandom, /dev/random, /dev/srandom in this order. So if you for
> example do not have /dev/urandom and have just the blocking /dev/random,
> it is perfectly possible that the RAND_poll returns error.
Both UML guest and host have /dev/urandom. I straced
a ssh, it opens /dev/urandom first, so this should
be OK too.
> The other possibility is that the /dev/urandom is broken
> in UML and blocks if not enough entropy is available.
Good.. let's try it:
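
    #include <fcntl.h>
    #include <poll.h>
    #include <stdio.h>
    #include <unistd.h>
    int main(void)
    {
        unsigned char tmp[32]; /* size is not shown in the post; 32 is assumed */
        int i, r;
        int fd = open("/dev/urandom", O_RDONLY|O_NONBLOCK|O_NOCTTY);
        int errpoll=0, blocked=0, rdbytes=0, errread=0, nullread=0;
        for (i=0; i < 1000000; ++i) {
            struct pollfd pset;
            pset.fd = fd;
            pset.events = POLLIN;
            pset.revents = 0;
            r = poll(&pset, 1, 10); /* same 10 ms timeout as RAND_poll() */
            if (r > 0) {
                if ((pset.revents & POLLIN) != 0) {
                    r = read(fd, tmp, sizeof(tmp));
                    if (r < 0)
                        errread++;      /* read failed */
                    else if (r==0)
                        nullread++;     /* read returned no data */
                    else
                        rdbytes += r;
                } else
                    printf("poll returned %d, but POLLIN is false (%x)\n", r, pset.revents);
            } else if (r == 0)
                blocked++;              /* poll timed out: device would block */
            else
                errpoll++;              /* poll itself failed */
        }
        printf("got %d bytes of entropy, poll err %d, blocked %d times, err read: %d, null read: %d\n", rdbytes, errpoll, blocked, errread, nullread);
        return 0;
    }
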
got 3200000 bytes of entropy, poll err 0, blocked 0 times, err read: 0, null read: 0
Tried many many times, even two running at the same time
or poll timeout set to zero, not one instance of blocking
od -x /dev/urandom
od -x /dev/random
running simultaneously (the second one blocks, of course).
Hmmmm.. what the #$%# is happening here.. more ideas?
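
The errno point discussed above, as an added example (not code from this thread or from OpenSSL): the outcome of poll()/read() is classified from the return value alone, and errno is read only after a -1 return. The names read_with_timeout, wait_result and demo_timeout_with_stale_errno are hypothetical, and the empty pipe is a constructed input that forces a timeout.

```c
#include <errno.h>
#include <poll.h>
#include <unistd.h>

enum wait_result { GOT_DATA, TIMED_OUT, FAILED };

/* Wait up to timeout_ms for fd to become readable, then read up to len bytes.
 * errno is consulted only after poll() or read() has returned -1. */
enum wait_result read_with_timeout(int fd, unsigned char *buf, size_t len,
                                   int timeout_ms, size_t *got)
{
    struct pollfd p = { .fd = fd, .events = POLLIN, .revents = 0 };
    ssize_t n;
    int r;

    *got = 0;
    do {
        r = poll(&p, 1, timeout_ms);
    } while (r < 0 && errno == EINTR);   /* r == -1, so errno is meaningful */
    if (r == 0)
        return TIMED_OUT;                /* success path: errno is unspecified */
    if (r < 0 || !(p.revents & POLLIN))
        return FAILED;                   /* poll error, POLLNVAL, POLLHUP, ... */
    do {
        n = read(fd, buf, len);
    } while (n < 0 && errno == EINTR);
    if (n <= 0)
        return FAILED;                   /* read error or end of file */
    *got = (size_t)n;
    return GOT_DATA;
}

/* Constructed scenario: an empty pipe never becomes readable, so poll() times
 * out; errno is poisoned first to mimic a stale value from an earlier call. */
enum wait_result demo_timeout_with_stale_errno(void)
{
    int fds[2];
    unsigned char buf[32];
    size_t got;
    enum wait_result res;

    if (pipe(fds) != 0)
        return FAILED;
    errno = EBADF;                       /* stale garbage, must not matter */
    res = read_with_timeout(fds[0], buf, sizeof(buf), 10, &got);
    close(fds[0]);
    close(fds[1]);
    return res;
}
```

A caller that instead tests errno after the 10 ms timeout would report an error in the constructed scenario even though nothing failed.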