From: jgunthorpe@obsidianresearch.com (Jason Gunthorpe)
To: linux-arm-kernel@lists.infradead.org
Subject: [RFC/PATCH 0/3] Add devicetree scanning for randomness
Date: Tue, 18 Feb 2014 11:19:27 -0700 [thread overview]
Message-ID: <20140218181927.GE29304@obsidianresearch.com> (raw)
In-Reply-To: <20140217155419.682F7C401D4@trevor.secretlab.ca>
On Mon, Feb 17, 2014 at 03:54:19PM +0000, Grant Likely wrote:
> I applied a patch that did exactly that (109b623629), and then reverted
> it (b920ecc82) shortly thereafter because add_device_randomness() is
> a rather slow function and FDTs can get large. I'd like to see someone
> do a reasonable analysis on the cost of using an FDT for randomness
> before I reapply a patch doing something similar. An awful lot of the
> FDT data is not very random, but there are certainly portions of it that
> are appropriate for the random pool.
I read through the original thread from Tim Bird and FWIW I agree with
the assessment that passing the FDT through MD5 first is a good
approach.
Thinking into the future, I'd expect to see similar variable data in
DT on servers as we see in DMI, including:
- Vendor serial number for the HW, manufacturing date, model number,
and HW UUID
- Serial numbers and vendor part numbers for DIMMS
- MAC addresses for all the ethernet
- OEM specific data
At worst a 'choosen/linux,no-dt-random = 1' value in the DT to disable
it would solve the problem for those in embedded that care about
microseconds during booting.
Regards,
Jason
WARNING: multiple messages have this Message-ID (diff)
From: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
To: Grant Likely <grant.likely@linaro.org>
Cc: Jason Cooper <jason@lakedaemon.net>,
Arnd Bergmann <arnd@arndb.de>,
keescook@chromium.org, devicetree@vger.kernel.org,
Laura Abbott <lauraa@codeaurora.org>,
linux-kernel@vger.kernel.org, Rob Herring <robh+dt@kernel.org>,
Kumar Gala <galak@codeaurora.org>,
linux-arm-kernel@lists.infradead.org
Subject: Re: [RFC/PATCH 0/3] Add devicetree scanning for randomness
Date: Tue, 18 Feb 2014 11:19:27 -0700 [thread overview]
Message-ID: <20140218181927.GE29304@obsidianresearch.com> (raw)
In-Reply-To: <20140217155419.682F7C401D4@trevor.secretlab.ca>
On Mon, Feb 17, 2014 at 03:54:19PM +0000, Grant Likely wrote:
> I applied a patch that did exactly that (109b623629), and then reverted
> it (b920ecc82) shortly thereafter because add_device_randomness() is
> a rather slow function and FDTs can get large. I'd like to see someone
> do a reasonable analysis on the cost of using an FDT for randomness
> before I reapply a patch doing something similar. An awful lot of the
> FDT data is not very random, but there are certainly portions of it that
> are appropriate for the random pool.
I read through the original thread from Tim Bird and FWIW I agree with
the assessment that passing the FDT through MD5 first is a good
approach.
Thinking into the future, I'd expect to see similar variable data in
DT on servers as we see in DMI, including:
- Vendor serial number for the HW, manufacturing date, model number,
and HW UUID
- Serial numbers and vendor part numbers for DIMMS
- MAC addresses for all the ethernet
- OEM specific data
At worst a 'choosen/linux,no-dt-random = 1' value in the DT to disable
it would solve the problem for those in embedded that care about
microseconds during booting.
Regards,
Jason
next prev parent reply other threads:[~2014-02-18 18:19 UTC|newest]
Thread overview: 69+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-12 1:33 [RFC/PATCH 0/3] Add devicetree scanning for randomness Laura Abbott
2014-02-12 1:33 ` Laura Abbott
[not found] ` < 201402121251.06280.arnd@arndb.de>
2014-02-12 1:33 ` [RFC/PATCH 1/3] of: Add early randomness hooks Laura Abbott
2014-02-12 1:33 ` Laura Abbott
2014-02-12 16:47 ` Grant Likely
2014-02-12 16:47 ` Grant Likely
2014-02-12 16:47 ` Grant Likely
2014-02-12 1:33 ` [RFC/PATCH 2/3] arm: Add ARCH_WANT_OF_RANDOMNESS Laura Abbott
2014-02-12 1:33 ` Laura Abbott
2014-02-12 16:49 ` Grant Likely
2014-02-12 16:49 ` Grant Likely
2014-02-12 16:49 ` Grant Likely
2014-02-13 0:54 ` Laura Abbott
2014-02-13 0:54 ` Laura Abbott
2014-02-13 0:54 ` Laura Abbott
2014-02-12 1:33 ` [RFC/PATCH 3/3] init: Move stack canary initialization after setup_arch Laura Abbott
2014-02-12 1:33 ` Laura Abbott
2014-02-12 11:51 ` [RFC/PATCH 0/3] Add devicetree scanning for randomness Arnd Bergmann
2014-02-12 11:51 ` Arnd Bergmann
2014-02-12 11:51 ` Arnd Bergmann
2014-02-12 17:45 ` Jason Cooper
2014-02-12 17:45 ` Jason Cooper
2014-02-12 17:45 ` Jason Cooper
2014-02-12 18:13 ` Olof Johansson
2014-02-12 18:13 ` Olof Johansson
2014-02-12 18:13 ` Olof Johansson
2014-02-12 18:32 ` Jason Cooper
2014-02-12 18:32 ` Jason Cooper
2014-02-12 18:32 ` Jason Cooper
2014-02-12 18:17 ` Arnd Bergmann
2014-02-12 18:17 ` Arnd Bergmann
2014-02-12 18:17 ` Arnd Bergmann
2014-02-12 18:45 ` Jason Cooper
2014-02-12 18:45 ` Jason Cooper
2014-02-12 18:45 ` Jason Cooper
2014-02-12 19:12 ` Arnd Bergmann
2014-02-12 19:12 ` Arnd Bergmann
2014-02-12 19:43 ` Jason Cooper
2014-02-12 19:43 ` Jason Cooper
2014-02-12 23:55 ` Rob Herring
2014-02-12 23:55 ` Rob Herring
2014-02-12 23:55 ` Rob Herring
2014-02-12 18:20 ` Jason Gunthorpe
2014-02-12 18:20 ` Jason Gunthorpe
2014-02-12 18:20 ` Jason Gunthorpe
2014-02-12 18:51 ` Jason Cooper
2014-02-12 18:51 ` Jason Cooper
2014-02-12 18:51 ` Jason Cooper
2014-02-17 15:54 ` Grant Likely
2014-02-17 15:54 ` Grant Likely
2014-02-17 16:13 ` Arnd Bergmann
2014-02-17 16:13 ` Arnd Bergmann
2014-02-17 16:13 ` Arnd Bergmann
2014-02-17 18:23 ` Jason Cooper
2014-02-17 18:23 ` Jason Cooper
2014-02-17 21:07 ` Geert Uytterhoeven
2014-02-17 21:07 ` Geert Uytterhoeven
2014-02-18 17:56 ` Jason Cooper
2014-02-18 17:56 ` Jason Cooper
2014-02-18 17:56 ` Jason Cooper
2014-02-18 9:39 ` Grant Likely
2014-02-18 9:39 ` Grant Likely
2014-02-18 9:39 ` Grant Likely
2014-02-18 18:19 ` Jason Gunthorpe [this message]
2014-02-18 18:19 ` Jason Gunthorpe
2014-02-12 21:35 ` Kees Cook
2014-02-12 21:35 ` Kees Cook
2014-02-13 0:06 ` Laura Abbott
2014-02-13 0:06 ` Laura Abbott
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140218181927.GE29304@obsidianresearch.com \
--to=jgunthorpe@obsidianresearch.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.