From: "H. Peter Anvin" <hpa@linux.intel.com>
To: Jeff Garzik <jgarzik@pobox.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
	"H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@elte.hu>,
	Thomas Gleixner <tglx@linutronix.de>,
	Fenghua Yu <fenghua.yu@intel.com>, Matt Mackall <mpm@selenic.com>,
	Herbert Xu <herbert@gondor.hengli.com.au>,
	"Theodore Ts'o" <tytso@mit.edu>,
	linux-kernel@vger.kernel.org
Subject: Re: [RFD] Direct support for the x86 RDRAND instruction
Date: Fri, 29 Jul 2011 14:17:14 -0700
Message-ID: <4E33235A.5050700@linux.intel.com>
In-Reply-To: <4E3320A2.1040808@pobox.com>

On 07/29/2011 02:05 PM, Jeff Garzik wrote:
> 
> This does not cover the one question I [predictably] have:  why not do 
> this in rngd, rather than the kernel?
> 

That is actually why I didn't do the /dev/random aspect of this.  I have
an rngd enabling patch in the works as well.

The reason for not using RDRAND *only* in rngd is that it is a poor
match -- RDRAND is designed as a /dev/urandom-type replacement, but it
is *way* faster than the in-kernel system (since it is all in
hardware)... plus it is reseeded far more frequently than what is
possible in software (the architectural spec guarantees a reseed every
512 reads; I am told by the hardware people that in reality it is way
more frequent than that.)

For /dev/random, we do want to be hyper-conservative, though.  rngd in
its current form doesn't deal with fractional entropy, which means
boiling it down to guaranteed pure entropy; this is an enormous data
reduction and about three orders of magnitude reduction in bandwidth.
For /dev/random, I think that is just fine; after all, if you're asking
for /dev/random, you're asking for security at every cost.

> Since many (all?) TPM chips include a random number generator, Dell has 
> made sure that most distros have a useful copy of the rng-tools 
> userspace pkg I've been maintaining.
> 
> It would seem straightforward to add this to rngd, and enable RDRAND on 
> older distros and kernels, as well as current distros / kernels.  This 
> also gets useful entropy to /dev/random as part of normal operation, 
> rather than only merely speeding up /dev/urandom.
> 
> Though for the record, I do agree that this is a nice, small and clean 
> kernel implementation.

As previously stated, I have that patch in the works as well.

	-hpa
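
The conservative reduction discussed in the message, as an added example (not code from the post, the kernel patches, or rngd): one output word is credited per 512 successful RDRAND reads, so each output spans at least one guaranteed reseed. The 512:1 ratio, the retry bound, the XOR fold (a placeholder for a cryptographic conditioner) and the constructed `fake_source` are assumptions made here.

```c
#include <stdint.h>
#include <stdio.h>
#define RESEED_SPAN 512 /* message: a reseed at least every 512 reads */
#define MAX_RETRY 10    /* assumption: stop after 10 not-ready results */
typedef int (*raw_source_fn)(uint64_t *v); /* 1: *v filled, 0: not ready */
#if defined(__x86_64__)
#include <cpuid.h>
static int rdrand_supported(void) {
    unsigned a, b, c, d;
    return __get_cpuid(1, &a, &b, &c, &d) && (c & (1u << 30)); /* ECX bit 30 */
}
static int rdrand_source(uint64_t *v) { /* RDRAND sets CF=1 on valid data */
    unsigned long long r; unsigned char ok;
    __asm__ volatile("rdrand %0; setc %1" : "=r"(r), "=qm"(ok) : : "cc");
    *v = r;
    return ok;
}
#endif
/* Constructed stand-in: yields 1, 2, 3, ... but is not ready every 3rd call. */
static uint64_t fake_calls, fake_next;
static int fake_source(uint64_t *v) {
    if (++fake_calls % 3 == 0) return 0;
    *v = ++fake_next;
    return 1;
}

/* XOR-fold `span` reads into one word; XOR stands in for a real conditioner. */
static long fold_reads(raw_source_fn src, unsigned span, uint64_t *out) {
    uint64_t acc = 0, v = 0;
    long attempts = 0;
    for (unsigned i = 0; i < span; i++) {
        int tries = 0;
        while (attempts++, !src(&v))
            if (++tries >= MAX_RETRY) return -1; /* source stalled */
        acc ^= v;
    }
    *out = acc;
    return attempts; /* raw attempts consumed, retries included */
}

int main(void) {
    uint64_t w = 0;
    long n = fold_reads(fake_source, 4, &w);
#if defined(__x86_64__)
    if (rdrand_supported()) n = fold_reads(rdrand_source, RESEED_SPAN, &w);
#endif
    if (n < 0) return 1; /* source never became ready */
    printf("one word credited after %ld raw attempts\n", n);
    return 0;
}
```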
