normanr commented on code in PR #6154: URL: https://github.com/apache/incubator-nuttx/pull/6154#discussion_r896375519
########## net/tcp/tcp_conn.c: ########## @@ -49,6 +49,7 @@ #include <assert.h> #include <errno.h> #include <debug.h> +#include <sys/random.h> Review Comment: > I had tested arc4random_buf, it generated the exact same sequence when system is booted. `board_init_rngseed` needs to be implemented to fix this (and `CONFIG_BOARD_INITRNGSEED` enabled). Weirdly it doesn't look like that doesn't seem like random_pool will "self-init" if `ARCH_HAVE_RNG` is present. > This was the reason I didn't call arc4random_buf. This is unsafe, and will cause tcp connection to fail. Is getrandom any safer? It just reads from `/dev/urandom` which (if it exists) probably isn't cyptographically secure. If that fails it falls back to reading from `/dev/random` (which requires `ARCH_HAVE_RNG`). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@nuttx.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
