From: Jeff Garzik <garzik@havoc.gtf.org>
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: Andreas Dilger <adilger@turbolabs.com>, linux-kernel@vger.kernel.org
Subject: Re: Continuing /dev/random problems with 2.4
Date: Fri, 1 Feb 2002 15:28:29 -0500 [thread overview]
Message-ID: <20020201152829.A2497@havoc.gtf.org> (raw)
In-Reply-To: <20020201031744.A32127@asooo.flowerfire.com> <1012582401.813.1.camel@phantasy> <a3enf3$93p$1@cesium.transmeta.com> <20020201124300.G763@lynx.adilger.int> <3C5AF6B5.5080105@zytor.com>
In-Reply-To: <3C5AF6B5.5080105@zytor.com>; from hpa@zytor.com on Fri, Feb 01, 2002 at 12:12:37PM -0800
On Fri, Feb 01, 2002 at 12:12:37PM -0800, H. Peter Anvin wrote:
> Andreas Dilger wrote:
> > Maybe, i8XX hardware RNG should feed the /dev/random entropy pool
> > directly if you enable the chipset support (with an option to turn
> > it off if you want to use the user-space tools or a separate RNG),
> > so that people get the benefits of the h/w RNG without having to
> > install another tool (which they won't know about)?
> "Let's put it in the kernel because people are too stupid to install it
> otherwise"?
There actually used to be a timer function in i810_rng driver which
directly added entropy to the pool. batch_entropy_store was exported in
order to do this.
However, that was just the quick and dirty way. You DO NOT want to do
this in the kernel, because one must perform fitness tests on the random
data before adding it to the kernel's /dev/[u]random entropy pool.
Putting proper fitness tests into the kernel is just plain code bloat.
Therefore, RNG drivers -must- deal with a userspace agent in order to be
properly used, and properly secure.
The userspace tools for i810 RNG specifically are available at the
website URL mentioned in the source code. So if somebody cannot find
them, feel free to laugh.
Jeff
next prev parent reply other threads:[~2002-02-01 20:28 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-02-01 9:17 Continuing /dev/random problems with 2.4 Ken Brownfield
2002-02-01 16:36 ` Andreas Dilger
2002-02-01 17:00 ` Ken Brownfield
2002-02-01 16:53 ` Robert Love
2002-02-01 17:01 ` Ken Brownfield
2002-02-04 9:28 ` Sean Hunter
2002-02-01 18:40 ` H. Peter Anvin
2002-02-01 19:38 ` Ken Brownfield
2002-02-01 19:50 ` Robert Love
2002-02-01 19:52 ` Ken Brownfield
2002-02-01 19:57 ` Andreas Dilger
2002-02-01 20:22 ` Ken Brownfield
2002-02-01 19:43 ` Andreas Dilger
2002-02-01 20:12 ` H. Peter Anvin
2002-02-01 20:28 ` Jeff Garzik [this message]
2002-02-02 1:33 ` David Wagner
2002-02-02 8:01 ` Jeff Garzik
2002-02-02 8:54 ` Kai Henningsen
2002-02-02 11:13 ` Andreas Dilger
2002-02-04 22:13 ` Bill Davidsen
2002-02-04 22:37 ` Roland Dreier
2002-02-04 22:45 ` Robert Love
2002-02-05 23:02 ` Bill Davidsen
2002-02-05 23:17 ` Robert Love
2002-02-06 16:16 ` Bill Davidsen
2002-02-06 16:31 ` Need a clew WRT fig2dev Kirk Reiser
2002-02-06 16:42 ` Adrian Bunk
2002-02-06 20:40 ` Jeff Garzik
2002-02-09 19:45 ` Continuing /dev/random problems with 2.4 Nix N. Nix
2002-02-03 12:51 ` Henning P. Schmiedehausen
2002-02-01 20:23 ` Peter Monta
2002-02-01 20:27 ` H. Peter Anvin
2002-02-01 20:36 ` Jeff Garzik
2002-02-01 20:33 ` Jeff Garzik
2002-02-01 20:40 ` H. Peter Anvin
2002-02-01 20:54 ` Jeff Garzik
2002-02-01 20:56 ` Peter Monta
2002-02-01 22:54 ` H. Peter Anvin
2002-02-01 23:27 ` Peter Monta
2002-02-02 1:50 ` H. Peter Anvin
2002-02-02 2:05 ` David Wagner
2002-02-02 3:30 ` Peter Monta
2002-02-02 21:02 ` Martin Dalecki
-- strict thread matches above, loose matches on Subject: below --
2002-02-04 21:53 Ishan O. Jayawardena
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20020201152829.A2497@havoc.gtf.org \
--to=garzik@havoc.gtf.org \
--cc=adilger@turbolabs.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox