Re: [PATCH] API for true Random Number Generators to add entropy(2.6.11)

From: Evgeniy Polyakov
Date: Fri Mar 25 2005 - 19:22:17 EST

Next message: Badari Pulavarty: "Re: [Ext2-devel] Re: OOM problems on 2.6.12-rc1 with many fsx tests"
Previous message: Dave Jones: "Re: OOM problems on 2.6.12-rc1 with many fsx tests"
In reply to: Herbert Xu: "Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)"
Next in thread: Herbert Xu: "Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 26 Mar 2005 10:47:45 +1100
Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:

> On Fri, Mar 25, 2005 at 06:43:49PM -0500, Jeff Garzik wrote:
> >
> > In any case, it is the wrong solution to simply "turn on the tap" and
> > let the RNG spew data. There needs to be a limiting factor... typically
> > rngd should figure out when /dev/random needs more entropy, or simply
> > delay a little bit between entropy collection/stuffing runs.
>
> Completely agreed. Having it in rngd also allows the scheduler to
> do its job.

It looks like we all misunderstand each other -
why do you think that if there will be kernel <-> kernel
RNG dataflow, then system will continuously spent all
it's time to produce that data?
_Ability_ existence does not mean that only it must be used.
Userspace daemon should be able to turn it on or off,
but it is too expensive to allow it to be not only dataflow
controller, but the only random numbers dataflow initiator.

I can create following patch on top of rngd -
it will read from /dev/random, if read succeds too fast
(or even better just to check pool counts), then rngd
will turn HW RNG assist off and examine received data
to check if it is valid.
Later it can be turned on again.

> When applications need entropy from /dev/random and they can't get it,
> they'll simply block which allows rngd to run to refill the tank.

Such a blocking will be definitely a sign to turn
HW RNG assist on.

> --
> Visit Openswan at http://www.openswan.org/
> Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Evgeniy Polyakov

Only failure makes us experts. -- Theo de Raadt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Badari Pulavarty: "Re: [Ext2-devel] Re: OOM problems on 2.6.12-rc1 with many fsx tests"
Previous message: Dave Jones: "Re: OOM problems on 2.6.12-rc1 with many fsx tests"
In reply to: Herbert Xu: "Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)"
Next in thread: Herbert Xu: "Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]