From: "H. Peter Anvin" <hpa@zytor.com>
To: "Jörn Engel" <joern@logfs.org>, "Theodore Ts'o" <tytso@mit.edu>
Cc: lkml <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] random: mix all saved registers into entropy pool
Date: Mon, 19 May 2014 15:18:01 -0700
Message-ID: <537A8319.5010100@zytor.com>
In-Reply-To: <20140519212320.GB14563@logfs.org>

On 05/19/2014 02:23 PM, Jörn Engel wrote:
> On Mon, 19 May 2014 17:17:19 -0400, Jörn Engel wrote:
>>
>> Experimentation shows this to be an excellent entropy source. Doing 1000
>> boottests with kvm and dumping a hash of the registers for the first
>> 1024 interrupts each, >40% of all hashes were unique and >80% of all
>> hashes occurred less than once 1% of the time.
>
> And since I previously claimed the opposite, the negative result was
> caused by a kvm oddity. When starting kvm in the background, it will
> run just fine. But when starting kvm with "-nographic" in the
> background, the process gets stopped. No output is generated and the
> output file is not even truncated before kvm is stopped. Therefore
> every single run will have identical kernel output - that of the
> previous run.
>
> With that embarrassment out of the way, I find this approach hugely
> valuable. Even if you disagree with some detail of this patch, we
> should definitely merge something roughly related.
>
> Jörn
>

I think this is likely to be particularly valuable during boot. I can
see it becoming substantially less valuable after that point, but during
boot is when it is the most critical.

What I do see as an issue is that the value is probably impossible to
quantify, and so I feel more than a bit queasy about giving it
/dev/random credit. However, making sure the pool is well stirred
during boot is really way more important.

-hpa
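
Added example, not part of the original message or of the patch under discussion: the per-boot hash uniqueness measurement described in the quoted text, run over constructed data (the function names and the sample distribution are assumptions). It shows that a high share of unique hashes can coexist with low min-entropy, and that 1000 boots cannot demonstrate more than log2(1000) bits, which is why such a test supports mixing more readily than it supports a specific entropy credit.

```python
import hashlib
import math
from collections import Counter


def fake_hash(state):
    """Constructed stand-in for 'hash of the saved registers' seen in one boot."""
    return hashlib.sha256(repr(state).encode()).hexdigest()


def summarize(hashes):
    """Uniqueness statistics over one register hash per boot."""
    n = len(hashes)
    counts = Counter(hashes)
    singletons = sum(1 for c in counts.values() if c == 1)
    # Samples whose hash value accounts for less than 1% of all samples.
    rare = sum(c for c in counts.values() if c / n < 0.01)
    p_max = max(counts.values()) / n
    return {
        "samples": n,
        "unique_fraction": singletons / n,
        "rare_fraction": rare / n,
        # Most-common-value estimate: a guesser who always bets on the
        # most frequent state is right with probability p_max.
        "min_entropy_bits": -math.log2(p_max),
        # Even if every sample is distinct, n samples show at most log2(n) bits.
        "ceiling_bits": math.log2(n),
    }


# Constructed data for 1000 boots: 300 land in the same state, 5 share a
# second state, and the remaining 695 are all different.
CONSTRUCTED = (
    [fake_hash("A")] * 300
    + [fake_hash("B")] * 5
    + [fake_hash(i) for i in range(695)]
)

if __name__ == "__main__":
    for name, value in summarize(CONSTRUCTED).items():
        print(f"{name:18} {value:.3f}" if isinstance(value, float) else f"{name:18} {value}")
```
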