* network devices: to IRQF_SAMPLE_RANDOM or not to IRQF_SAMPLE_RANDOM?
From: Chris Peterson @ 2008-05-13 16:49 UTC (permalink / raw)
To: linux-kernel
Should network devices be allowed to contribute entropy to /dev/random?
This issue has been discussed before, but does not seem to have been
settled: some net drivers [1] use IRQF_SAMPLE_RANDOM when calling
request_irq(), but the vast majority do not. It seems like all net
drivers should follow the same entropy paranoia policy (whether that
is all net drivers should use IRQF_SAMPLE_RANDOM, no net drivers, or a
compile-time option).
Robert Love wrote a patch that added such a compile-time option,
CONFIG_NET_RANDOM (though I believe he stopped maintaining it in
2004). [2]
chris
[1] net drivers that use IRQF_SAMPLE_RANDOM:
drivers/net/3c523.c
drivers/net/3c527.c
drivers/net/atlx/atl1.c
drivers/net/cris/eth_v10.c
drivers/net/ibmlana.c
drivers/net/macb.c
drivers/net/mv643xx_eth.c
drivers/net/netxen/netxen_nic_main.c
drivers/net/niu.c
drivers/net/qla3xxx.c
drivers/net/tg3.c
drivers/net/xen-netfront.c
[2] http://www.kernel.org/pub/linux/kernel/people/rml/netdev-random/
* Re: network devices: to IRQF_SAMPLE_RANDOM or not to IRQF_SAMPLE_RANDOM?
From: Jeff Garzik @ 2008-05-13 17:33 UTC (permalink / raw)
To: Chris Peterson; +Cc: linux-kernel, NetDev
Chris Peterson wrote:
> Should network devices be allowed to contribute entropy to /dev/random?
>
> This issue has been discussed before, but does not seem to have been
> settled: some net drivers [1] use IRQF_SAMPLE_RANDOM when calling
> request_irq(), but the vast majority do not. It seems like all net
> drivers should follow the same entropy paranoia policy (whether that
> is all net drivers should use IRQF_SAMPLE_RANDOM, no net drivers, or a
> compile-time option).
Quoting David Miller's excellent summary:
<quote>
The argument is that if you have a diskless system not taking any
keyboard or other input from the user, the network would be your only
source of random number entropy.
But on the flip side, if the network provides the entropy, this is
externally influenceable random number entropy and thus in theory
exploitable. And furthermore, on-board random number generators are the
real answer to this problem.
Thus, the impasse.
There are roughly equal arguments on both sides. Providing some entropy
could be argued as better than nothing, but it could also be said that
providing potentially exploitable entropy is in fact worse than none at all.
</quote>
I tend to push people to /not/ add IRQF_SAMPLE_RANDOM to new drivers,
but I'm not interested in going on a pogrom with existing code. We all
have better things to do with our time :)
Jeff