From: Eric Dumazet <dada1@cosmosbay.com>
To: Matt Mackall <mpm@selenic.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>,
Adrian Bunk <bunk@kernel.org>,
Marc Haber <mh+linux-kernel@zugschlus.de>,
linux-kernel@vger.kernel.org,
"David S. Miller" <davem@davemloft.net>
Subject: Re: Why does reading from /dev/urandom deplete entropy so much?
Date: Thu, 06 Dec 2007 08:02:33 +0100 [thread overview]
Message-ID: <47579E89.6080802@cosmosbay.com> (raw)
In-Reply-To: <20071205212646.GP17536@waste.org>
Matt Mackall a écrit :
> On Tue, Dec 04, 2007 at 07:17:58PM +0100, Eric Dumazet wrote:
>> Alan Cox a ?crit :
>>>> No matter what you consider as being better, changing a 12 years old and
>>>> widely used userspace interface like /dev/urandom is simply not an
>>>> option.
>>>>
>>> Fixing it to be more efficient in its use of entropy and also fixing the
>>> fact its not actually a good random number source would be worth looking
>>> at however.
>>>
>> Yes, since current behavior on network irq is very pessimistic.
>
> No, it's very optimistic. The network should not be trusted.
You keep saying that. I am refering to your previous attempts last year to
remove net drivers from sources of entropy. No real changes were done.
If the network should not be trusted, then a patch should make sure network
interrupts feed /dev/urandom but not /dev/random at all. (ie not calling
credit_entropy_store() at all)
>
> The distinction between /dev/random and /dev/urandom boils down to one
> word: paranoia. If you are not paranoid enough to mistrust your
> network, then /dev/random IS NOT FOR YOU. Use /dev/urandom. Do not
> send patches to make /dev/random less paranoid, kthxbye.
I have many tg3 adapters on my servers, receiving thousand of interrupts per
second, and calling add_timer_randomness(). I would like to either :
- Make sure this stuff is doing usefull job.
- Make improvements to reduce cpu time used.
I do not use /dev/urandom or/and /dev/random, but I know David wont accept a
patch to remove IRQF_SAMPLE_RANDOM from tg3.c
Currently, I see that current implementation is suboptimal because it calls
credit_entropy_store( nbits=0) forever.
>
>> If you have some trafic, (ie more than HZ/2 interrupts per second),
>> then add_timer_randomness() feeds
>> some entropy but gives no credit (calling credit_entropy_store() with
>> nbits=0)
>>
>> This is because we take into account only the jiffies difference, and
>> not the get_cycles() that should give
>> us more entropy on most plaforms.
>
> If we cannot measure a difference, we should nonetheless assume there
> is one?
There is a big difference on get_cycles() and jiffies. You should try to
measure it on a typical x86_64 platform.
>
>> In this patch, I suggest that we feed only one u32 word of entropy,
>> combination of the previous distinct
>> words (with some of them being constant or so), so that the nbits
>> estimation is less pessimistic, but also to
>> avoid injecting false entropy.
>
> Umm.. no, that's not how it works at all.
>
> Also, for future reference, patches for /dev/random go through me, not
> through Dave.
>
Why ? David is the network maintainer, and he was the one who rejected your
previous patches.
next prev parent reply other threads:[~2007-12-06 7:03 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-12-04 11:41 Why does reading from /dev/urandom deplete entropy so much? Marc Haber
2007-12-04 14:16 ` Eric Dumazet
2007-12-04 16:18 ` Adrian Bunk
2007-12-04 16:47 ` Alan Cox
2007-12-04 18:17 ` Eric Dumazet
2007-12-05 21:26 ` Matt Mackall
2007-12-06 7:02 ` Eric Dumazet [this message]
2007-12-06 16:09 ` Matt Mackall
2007-12-09 12:42 ` Marc Haber
2007-12-09 16:16 ` Matt Mackall
2007-12-10 23:06 ` Marc Haber
2007-12-10 23:35 ` Matt Mackall
2007-12-11 1:34 ` Theodore Tso
2007-12-11 19:46 ` Phillip Susi
2007-12-11 20:02 ` Ray Lee
2007-12-12 5:34 ` David Schwartz
2007-12-04 16:54 ` Ray Lee
2007-12-04 16:55 ` Alan Cox
2007-12-04 18:02 ` Matt Mackall
2007-12-04 19:50 ` Theodore Tso
2007-12-04 20:36 ` Matt Mackall
2007-12-04 20:40 ` Alan Cox
2007-12-04 20:48 ` Mike McGrath
2007-12-04 21:54 ` Matt Mackall
2007-12-04 22:03 ` Theodore Tso
2007-12-04 22:12 ` Mike McGrath
2007-12-04 22:28 ` Matt Mackall
2007-12-04 21:08 ` Matt Mackall
2007-12-04 21:18 ` Mike McGrath
2007-12-04 22:15 ` Matt Mackall
2007-12-04 22:23 ` Mike McGrath
2007-12-04 22:33 ` Matt Mackall
2007-12-05 14:26 ` Mike McGrath
2007-12-05 14:49 ` Theodore Tso
2007-12-08 7:38 ` Jon Masters
2007-12-08 17:32 ` Theodore Tso
2007-12-08 17:33 ` Mike McGrath
2007-12-08 17:49 ` Theodore Tso
2007-12-08 17:54 ` Jon Masters
2007-12-08 18:15 ` Matt Mackall
2007-12-08 18:24 ` Theodore Tso
2007-12-08 19:36 ` entropy gathering (was Re: Why does reading from /dev/urandom deplete entropy so much?) Jeff Garzik
2007-12-08 19:53 ` Matt Mackall
2007-12-08 20:04 ` Jeff Garzik
2007-12-08 20:19 ` Matt Mackall
2007-12-08 21:07 ` Willy Tarreau
2007-12-08 20:31 ` Theodore Tso
2007-12-08 20:47 ` Jeff Garzik
2007-12-08 20:42 ` Willy Tarreau
2007-12-08 23:47 ` Theodore Tso
2007-12-09 1:07 ` Jon Masters
2007-12-08 18:31 ` Why does reading from /dev/urandom deplete entropy so much? Jeff Garzik
2007-12-08 20:26 ` David Schwartz
2007-12-08 17:43 ` Matt Mackall
2007-12-08 17:47 ` Jon Masters
2007-12-08 18:05 ` Theodore Tso
2007-12-08 17:45 ` Jon Masters
2007-12-10 16:37 ` Pavel Machek
2007-12-04 18:01 ` Matt Mackall
2007-12-06 20:08 ` Bill Davidsen
2007-12-05 12:23 ` Marc Haber
2007-12-05 12:29 ` Marc Haber
2007-12-05 13:33 ` Theodore Tso
2007-12-05 15:10 ` Marc Haber
2007-12-06 19:32 ` Bill Davidsen
2007-12-08 22:03 ` Adrian Bunk
2007-12-08 22:10 ` Ismail Dönmez
2007-12-08 23:46 ` Theodore Tso
2007-12-09 5:21 ` Willy Tarreau
2007-12-09 6:52 ` Jon Masters
2007-12-09 6:21 ` Ismail Dönmez
2007-12-09 12:31 ` Theodore Tso
2007-12-09 14:06 ` Ismail Dönmez
2007-12-11 15:42 ` Bill Davidsen
2007-12-20 22:27 ` Marc Haber
2007-12-26 18:27 ` Phillip Susi
2007-12-04 18:49 ` Russ Dill
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47579E89.6080802@cosmosbay.com \
--to=dada1@cosmosbay.com \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=bunk@kernel.org \
--cc=davem@davemloft.net \
--cc=linux-kernel@vger.kernel.org \
--cc=mh+linux-kernel@zugschlus.de \
--cc=mpm@selenic.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox