[LTP] [PATCH] getrandom02: relax check for returned data
Jiri Jaburek
jjaburek@redhat.com
Wed Feb 8 12:23:55 CET 2017
On 02/07/17 18:30, Cyril Hrubis wrote:
> Hi!
>>> This wouldn't for instance when the random output is filled with
>>> non-zero constant bytes...
>>>
>>> What about just fixing the max value to something as:
>>>
>>> max = 3 + nb * 0.2;
>>>
>>> The constat part should handle cases with small buffer and a few
>>> repeating characters while for larger buffer it's neglectible.
>>
>> In that case we may as well skip the check for small buffers.
>
> The probability of a failure, given that the distribution is random,
> would be:
>
> 256 * {N \choose max} / (256 ^ max)
>
<snip>
If you're interested in that level of randomness verification (although
I would suggest splitting it from the getrandom syscall, so it could
test ie. /dev/urandom output as well as both should be internally the
same), take a look at rng-tools implementation of some of FIPS-140 at
http://gkernel.cvs.sourceforge.net/viewvc/gkernel/rng-tools/
(fips.c / rngtest.c)
This would AFAIK cover most catastrophic failures of HW RNGs, although
on Linux, you're really testing just the CSPRNG,
http://lxr.free-electrons.com/source/drivers/char/random.c
Jiri
More information about the ltp
mailing list