From: Eric Dumazet <dada1@cosmosbay.com>
To: Matt Mackall <mpm@selenic.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>,
Adrian Bunk <bunk@kernel.org>,
Marc Haber <mh+linux-kernel@zugschlus.de>,
linux-kernel@vger.kernel.org,
"David S. Miller" <davem@davemloft.net>
Subject: Re: Why does reading from /dev/urandom deplete entropy so much?
Date: Thu, 06 Dec 2007 08:02:33 +0100 [thread overview]
Message-ID: <47579E89.6080802@cosmosbay.com> (raw)
In-Reply-To: <20071205212646.GP17536@waste.org>
Matt Mackall a écrit :
> On Tue, Dec 04, 2007 at 07:17:58PM +0100, Eric Dumazet wrote:
>> Alan Cox a ?crit :
>>>> No matter what you consider as being better, changing a 12 years old and
>>>> widely used userspace interface like /dev/urandom is simply not an
>>>> option.
>>>>
>>> Fixing it to be more efficient in its use of entropy and also fixing the
>>> fact its not actually a good random number source would be worth looking
>>> at however.
>>>
>> Yes, since current behavior on network irq is very pessimistic.
>
> No, it's very optimistic. The network should not be trusted.
You keep saying that. I am refering to your previous attempts last year to
remove net drivers from sources of entropy. No real changes were done.
If the network should not be trusted, then a patch should make sure network
interrupts feed /dev/urandom but not /dev/random at all. (ie not calling
credit_entropy_store() at all)
>
> The distinction between /dev/random and /dev/urandom boils down to one
> word: paranoia. If you are not paranoid enough to mistrust your
> network, then /dev/random IS NOT FOR YOU. Use /dev/urandom. Do not
> send patches to make /dev/random less paranoid, kthxbye.
I have many tg3 adapters on my servers, receiving thousand of interrupts per
second, and calling add_timer_randomness(). I would like to either :
- Make sure this stuff is doing usefull job.
- Make improvements to reduce cpu time used.
I do not use /dev/urandom or/and /dev/random, but I know David wont accept a
patch to remove IRQF_SAMPLE_RANDOM from tg3.c
Currently, I see that current implementation is suboptimal because it calls
credit_entropy_store( nbits=0) forever.
>
>> If you have some trafic, (ie more than HZ/2 interrupts per second),
>> then add_timer_randomness() feeds
>> some entropy but gives no credit (calling credit_entropy_store() with
>> nbits=0)
>>
>> This is because we take into account only the jiffies difference, and
>> not the get_cycles() that should give
>> us more entropy on most plaforms.
>
> If we cannot measure a difference, we should nonetheless assume there
> is one?
There is a big difference on get_cycles() and jiffies. You should try to
measure it on a typical x86_64 platform.
>
>> In this patch, I suggest that we feed only one u32 word of entropy,
>> combination of the previous distinct
>> words (with some of them being constant or so), so that the nbits
>> estimation is less pessimistic, but also to
>> avoid injecting false entropy.
>
> Umm.. no, that's not how it works at all.
>
> Also, for future reference, patches for /dev/random go through me, not
> through Dave.
>
Why ? David is the network maintainer, and he was the one who rejected your
previous patches.
next prev parent reply other threads:[~2007-12-06 7:03 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-12-04 11:41 Why does reading from /dev/urandom deplete entropy so much? Marc Haber
2007-12-04 14:16 ` Eric Dumazet
2007-12-04 16:18 ` Adrian Bunk
2007-12-04 16:47 ` Alan Cox
2007-12-04 18:17 ` Eric Dumazet
2007-12-05 21:26 ` Matt Mackall
2007-12-06 7:02 ` Eric Dumazet [this message]
2007-12-06 16:09 ` Matt Mackall
2007-12-09 12:42 ` Marc Haber
2007-12-09 16:16 ` Matt Mackall
2007-12-10 23:06 ` Marc Haber
2007-12-10 23:35 ` Matt Mackall
2007-12-11 1:34 ` Theodore Tso
2007-12-11 19:46 ` Phillip Susi
2007-12-11 20:02 ` Ray Lee
2007-12-12 5:34 ` David Schwartz
2007-12-04 16:54 ` Ray Lee
2007-12-04 16:55 ` Alan Cox
2007-12-04 18:02 ` Matt Mackall
2007-12-04 19:50 ` Theodore Tso
2007-12-04 20:36 ` Matt Mackall
2007-12-04 20:40 ` Alan Cox
2007-12-04 20:48 ` Mike McGrath
2007-12-04 21:54 ` Matt Mackall
2007-12-04 22:03 ` Theodore Tso
2007-12-04 22:12 ` Mike McGrath
2007-12-04 22:28 ` Matt Mackall
2007-12-04 21:08 ` Matt Mackall
2007-12-04 21:18 ` Mike McGrath
2007-12-04 22:15 ` Matt Mackall
2007-12-04 22:23 ` Mike McGrath
2007-12-04 22:33 ` Matt Mackall
2007-12-05 14:26 ` Mike McGrath
2007-12-05 14:49 ` Theodore Tso
2007-12-08 7:38 ` Jon Masters
2007-12-08 17:32 ` Theodore Tso
2007-12-08 17:33 ` Mike McGrath
2007-12-08 17:49 ` Theodore Tso
2007-12-08 17:54 ` Jon Masters
2007-12-08 18:15 ` Matt Mackall
2007-12-08 18:24 ` Theodore Tso
2007-12-08 19:36 ` entropy gathering (was Re: Why does reading from /dev/urandom deplete entropy so much?) Jeff Garzik
2007-12-08 19:53 ` Matt Mackall
2007-12-08 20:04 ` Jeff Garzik
2007-12-08 20:19 ` Matt Mackall
2007-12-08 21:07 ` Willy Tarreau
2007-12-08 20:31 ` Theodore Tso
2007-12-08 20:47 ` Jeff Garzik
2007-12-08 20:42 ` Willy Tarreau
2007-12-08 23:47 ` Theodore Tso
2007-12-09 1:07 ` Jon Masters
2007-12-08 18:31 ` Why does reading from /dev/urandom deplete entropy so much? Jeff Garzik
2007-12-08 20:26 ` David Schwartz
2007-12-08 17:43 ` Matt Mackall
2007-12-08 17:47 ` Jon Masters
2007-12-08 18:05 ` Theodore Tso
2007-12-08 17:45 ` Jon Masters
2007-12-10 16:37 ` Pavel Machek
2007-12-04 18:01 ` Matt Mackall
2007-12-06 20:08 ` Bill Davidsen
2007-12-05 12:23 ` Marc Haber
2007-12-05 12:29 ` Marc Haber
2007-12-05 13:33 ` Theodore Tso
2007-12-05 15:10 ` Marc Haber
2007-12-06 19:32 ` Bill Davidsen
2007-12-08 22:03 ` Adrian Bunk
2007-12-08 22:10 ` Ismail Dönmez
2007-12-08 23:46 ` Theodore Tso
2007-12-09 5:21 ` Willy Tarreau
2007-12-09 6:52 ` Jon Masters
2007-12-09 6:21 ` Ismail Dönmez
2007-12-09 12:31 ` Theodore Tso
2007-12-09 14:06 ` Ismail Dönmez
2007-12-11 15:42 ` Bill Davidsen
2007-12-20 22:27 ` Marc Haber
2007-12-26 18:27 ` Phillip Susi
2007-12-04 18:49 ` Russ Dill
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47579E89.6080802@cosmosbay.com \
--to=dada1@cosmosbay.com \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=bunk@kernel.org \
--cc=davem@davemloft.net \
--cc=linux-kernel@vger.kernel.org \
--cc=mh+linux-kernel@zugschlus.de \
--cc=mpm@selenic.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.