From: Theodore Ts'o <tytso@mit.edu>
To: "Pan, Miaoqing" <miaoqing@qti.qualcomm.com>
Cc: Jason Cooper <jason@lakedaemon.net>,
Stephan Mueller <smueller@chronox.de>,
"Sepehrdad, Pouyan" <pouyans@qti.qualcomm.com>,
"herbert@gondor.apana.org.au" <herbert@gondor.apana.org.au>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
ath9k-devel <ath9k-devel@qca.qualcomm.com>,
"linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org>,
"ath9k-devel@lists.ath9k.org" <ath9k-devel@lists.ath9k.org>,
Kalle Valo <kvalo@codeaurora.org>
Subject: Re: [PATCH v2] RANDOM: ATH9K RNG delivers zero bits of entropy
Date: Tue, 9 Aug 2016 07:56:22 -0400 [thread overview]
Message-ID: <20160809115622.GG9515@thunk.org> (raw)
In-Reply-To: <99963d34acea47bbacb3ca73b18fed9f@aptaiexm02f.ap.qualcomm.com>
On Tue, Aug 09, 2016 at 06:30:03AM +0000, Pan, Miaoqing wrote:
> Agree with Jason's point, also understand Stephan's concern. The
> date rate can be roughly estimated by 'cat /dev/random |rngtest -c
> 1000', the average speed is 1111.294Kibits/s. I will sent the patch
> to disable ath9k RNG by default.
If the ATH9K is generating some random amount of data, but you don't
know how random, and you're gathering it opportunistically --- for
example, suppose a wireless driver gets the radio's signal strength
through the normal course of its operation, and while there might not
be that much randomness for someone who can observe the exact details
of how the phone is positioned in the room --- but for which the
analyst sitting in Fort Meade won't know whether or not the phone is
on the desk, or in a knapsack under the table, the right interface to
use is:
void add_device_randomness(const void *buf, unsigned int size);
This won't increase the entropy count, but if you have the bit of
potential randomness "for free", you might as well contribute it to
the entropy pool. If it turns out that the chip was manufactured in
China, and the MSS has backdoored it out the wazoo, it won't do any
harm --- where as using the hwrng framework would be disastrous.
Cheerfs,
- Ted
next prev parent reply other threads:[~2016-08-09 11:56 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-05 15:08 [RFC][PATCH] RANDOM: ATH9K RNG delivers zero bits of entropy Stephan Mueller
2016-08-06 19:45 ` Jason Cooper
2016-08-06 20:03 ` Stephan Mueller
2016-08-06 20:16 ` Jason Cooper
2016-08-07 9:36 ` [PATCH v2] " Stephan Mueller
2016-08-08 2:03 ` Pan, Miaoqing
2016-08-08 6:41 ` Stephan Mueller
2016-08-08 17:29 ` Jason Cooper
2016-08-08 22:04 ` Jason Cooper
2016-08-09 6:30 ` Pan, Miaoqing
2016-08-09 11:56 ` Theodore Ts'o [this message]
2016-08-09 14:04 ` Jason Cooper
2016-08-10 23:44 ` Theodore Ts'o
2016-08-14 18:11 ` Jason Cooper
2016-08-15 11:01 ` Kalle Valo
2016-09-27 14:44 ` [v2] " Kalle Valo
2016-09-27 15:17 ` Stephan Mueller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160809115622.GG9515@thunk.org \
--to=tytso@mit.edu \
--cc=ath9k-devel@lists.ath9k.org \
--cc=ath9k-devel@qca.qualcomm.com \
--cc=herbert@gondor.apana.org.au \
--cc=jason@lakedaemon.net \
--cc=kvalo@codeaurora.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=miaoqing@qti.qualcomm.com \
--cc=pouyans@qti.qualcomm.com \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).