[PATCH] [resend] drivers/net: remove network drivers' last few uses of IRQF_SAMPLE_RANDOM

[PATCH] [resend] drivers/net: remove network drivers' last few uses of IRQF_SAMPLE_RANDOM

[Chris Peterson]

Remove network drivers' last few uses of theoretically-exploitable network 
entropy. Only 12 net drivers are affected. Headless boxes should use a 
more secure source of entropy, such as the userspace daemons rngd, clrngd, 
egd, audio_entropyd, and/or video_entroyd.

I'm also thinking about writing a "Frankenstein" daemon that combines the 
entropy-collecting algorithms from those daemons into one. Whereas rngd 
only uses /dev/hw_random, my hypothetical daemon would make a best effort 
attempt: use /dev/hw_random if it exists, otherwise fallback (or use in 
addition) the other entropy sources.


Signed-off-by: Chris Peterson <cpeterso@cpeterso.com>
---
diff -pruN linux-2.6.26-rc4.orig/drivers/net/3c523.c linux-2.6.26-rc4/drivers/net/3c523.c
--- linux-2.6.26-rc4.orig/drivers/net/3c523.c	2008-05-18 10:03:23.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/3c523.c	2008-05-27 21:44:23.000000000 -0700
@@ -289,8 +289,7 @@ static int elmc_open(struct net_device *
 
 	elmc_id_attn586();	/* disable interrupts */
 
-	ret = request_irq(dev->irq, &elmc_interrupt, IRQF_SHARED | IRQF_SAMPLE_RANDOM,
-			  dev->name, dev);
+	ret = request_irq(dev->irq, &elmc_interrupt, IRQF_SHARED, dev->name, dev);
 	if (ret) {
 		printk(KERN_ERR "%s: couldn't get irq %d\n", dev->name, dev->irq);
 		elmc_id_reset586();
diff -pruN linux-2.6.26-rc4.orig/drivers/net/3c527.c linux-2.6.26-rc4/drivers/net/3c527.c
--- linux-2.6.26-rc4.orig/drivers/net/3c527.c	2008-05-27 21:18:52.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/3c527.c	2008-05-27 21:44:23.000000000 -0700
@@ -434,7 +434,7 @@ static int __init mc32_probe1(struct net
 	 *	Grab the IRQ
 	 */
 
-	err = request_irq(dev->irq, &mc32_interrupt, IRQF_SHARED | IRQF_SAMPLE_RANDOM, DRV_NAME, dev);
+	err = request_irq(dev->irq, &mc32_interrupt, IRQF_SHARED, DRV_NAME, dev);
 	if (err) {
 		release_region(dev->base_addr, MC32_IO_EXTENT);
 		printk(KERN_ERR "%s: unable to get IRQ %d.\n", DRV_NAME, dev->irq);
diff -pruN linux-2.6.26-rc4.orig/drivers/net/atlx/atl1.c linux-2.6.26-rc4/drivers/net/atlx/atl1.c
--- linux-2.6.26-rc4.orig/drivers/net/atlx/atl1.c	2008-05-27 21:18:52.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/atlx/atl1.c	2008-05-27 21:44:23.000000000 -0700
@@ -2610,7 +2610,7 @@ static s32 atl1_up(struct atl1_adapter *
 {
 	struct net_device *netdev = adapter->netdev;
 	int err;
-	int irq_flags = IRQF_SAMPLE_RANDOM;
+	int irq_flags = 0;
 
 	/* hardware has been reset, we need to reload some things */
 	atlx_set_multi(netdev);
diff -pruN linux-2.6.26-rc4.orig/drivers/net/cris/eth_v10.c linux-2.6.26-rc4/drivers/net/cris/eth_v10.c
--- linux-2.6.26-rc4.orig/drivers/net/cris/eth_v10.c	2008-05-18 10:03:34.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/cris/eth_v10.c	2008-05-27 21:44:23.000000000 -0700
@@ -490,7 +490,7 @@ e100_open(struct net_device *dev)
 	/* allocate the irq corresponding to the receiving DMA */
 
 	if (request_irq(NETWORK_DMA_RX_IRQ_NBR, e100rxtx_interrupt,
-			IRQF_SAMPLE_RANDOM, cardname, (void *)dev)) {
+			0, cardname, (void *)dev)) {
 		goto grace_exit0;
 	}
 
diff -pruN linux-2.6.26-rc4.orig/drivers/net/ibmlana.c linux-2.6.26-rc4/drivers/net/ibmlana.c
--- linux-2.6.26-rc4.orig/drivers/net/ibmlana.c	2008-05-18 10:03:41.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/ibmlana.c	2008-05-27 21:44:23.000000000 -0700
@@ -783,7 +783,7 @@ static int ibmlana_open(struct net_devic
 
 	/* register resources - only necessary for IRQ */
 
-	result = request_irq(priv->realirq, irq_handler, IRQF_SHARED | IRQF_SAMPLE_RANDOM, dev->name, dev);
+	result = request_irq(priv->realirq, irq_handler, IRQF_SHARED, dev->name, dev);
 	if (result != 0) {
 		printk(KERN_ERR "%s: failed to register irq %d\n", dev->name, dev->irq);
 		return result;
diff -pruN linux-2.6.26-rc4.orig/drivers/net/macb.c linux-2.6.26-rc4/drivers/net/macb.c
--- linux-2.6.26-rc4.orig/drivers/net/macb.c	2008-05-27 21:19:39.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/macb.c	2008-05-27 21:44:23.000000000 -0700
@@ -1151,8 +1151,7 @@ static int __init macb_probe(struct plat
 	}
 
 	dev->irq = platform_get_irq(pdev, 0);
-	err = request_irq(dev->irq, macb_interrupt, IRQF_SAMPLE_RANDOM,
-			  dev->name, dev);
+	err = request_irq(dev->irq, macb_interrupt, 0, dev->name, dev);
 	if (err) {
 		printk(KERN_ERR
 		       "%s: Unable to request IRQ %d (error %d)\n",
diff -pruN linux-2.6.26-rc4.orig/drivers/net/mv643xx_eth.c linux-2.6.26-rc4/drivers/net/mv643xx_eth.c
--- linux-2.6.26-rc4.orig/drivers/net/mv643xx_eth.c	2008-05-27 21:19:39.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/mv643xx_eth.c	2008-05-27 21:44:23.000000000 -0700
@@ -1329,7 +1329,7 @@ static int mv643xx_eth_open(struct net_d
 	rdl(mp, INTERRUPT_CAUSE_EXTEND_REG(port_num));
 
 	err = request_irq(dev->irq, mv643xx_eth_int_handler,
-			IRQF_SHARED | IRQF_SAMPLE_RANDOM, dev->name, dev);
+			IRQF_SHARED, dev->name, dev);
 	if (err) {
 		printk(KERN_ERR "%s: Can not assign IRQ\n", dev->name);
 		return -EAGAIN;
diff -pruN linux-2.6.26-rc4.orig/drivers/net/netxen/netxen_nic_main.c linux-2.6.26-rc4/drivers/net/netxen/netxen_nic_main.c
--- linux-2.6.26-rc4.orig/drivers/net/netxen/netxen_nic_main.c	2008-05-27 21:19:39.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/netxen/netxen_nic_main.c	2008-05-27 21:44:23.000000000 -0700
@@ -838,7 +838,7 @@ static int netxen_nic_open(struct net_de
 	int err = 0;
 	int ctx, ring;
 	irq_handler_t handler;
-	unsigned long flags = IRQF_SAMPLE_RANDOM;
+	unsigned long flags = 0;
 
 	if (adapter->is_up != NETXEN_ADAPTER_UP_MAGIC) {
 		err = netxen_init_firmware(adapter);
diff -pruN linux-2.6.26-rc4.orig/drivers/net/niu.c linux-2.6.26-rc4/drivers/net/niu.c
--- linux-2.6.26-rc4.orig/drivers/net/niu.c	2008-05-27 21:19:39.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/niu.c	2008-05-27 21:44:23.000000000 -0700
@@ -5599,8 +5599,7 @@ static int niu_request_irq(struct niu *n
 		struct niu_ldg *lp = &np->ldg[i];
 
 		err = request_irq(lp->irq, niu_interrupt,
-				  IRQF_SHARED | IRQF_SAMPLE_RANDOM,
-				  np->dev->name, lp);
+				  IRQF_SHARED, np->dev->name, lp);
 		if (err)
 			goto out_free_irqs;
 
diff -pruN linux-2.6.26-rc4.orig/drivers/net/qla3xxx.c linux-2.6.26-rc4/drivers/net/qla3xxx.c
--- linux-2.6.26-rc4.orig/drivers/net/qla3xxx.c	2008-05-27 21:19:41.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/qla3xxx.c	2008-05-27 21:44:24.000000000 -0700
@@ -3618,7 +3618,7 @@ static int ql_adapter_up(struct ql3_adap
 {
 	struct net_device *ndev = qdev->ndev;
 	int err;
-	unsigned long irq_flags = IRQF_SAMPLE_RANDOM | IRQF_SHARED;
+	unsigned long irq_flags = IRQF_SHARED;
 	unsigned long hw_flags;
 
 	if (ql_alloc_mem_resources(qdev)) {
diff -pruN linux-2.6.26-rc4.orig/drivers/net/tg3.c linux-2.6.26-rc4/drivers/net/tg3.c
--- linux-2.6.26-rc4.orig/drivers/net/tg3.c	2008-05-27 21:19:51.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/tg3.c	2008-05-27 21:44:24.000000000 -0700
@@ -7496,12 +7496,12 @@ static int tg3_request_irq(struct tg3 *t
 		fn = tg3_msi;
 		if (tp->tg3_flags2 & TG3_FLG2_1SHOT_MSI)
 			fn = tg3_msi_1shot;
-		flags = IRQF_SAMPLE_RANDOM;
+		flags = 0;
 	} else {
 		fn = tg3_interrupt;
 		if (tp->tg3_flags & TG3_FLAG_TAGGED_STATUS)
 			fn = tg3_interrupt_tagged;
-		flags = IRQF_SHARED | IRQF_SAMPLE_RANDOM;
+		flags = IRQF_SHARED;
 	}
 	return (request_irq(tp->pdev->irq, fn, flags, dev->name, dev));
 }
@@ -7519,7 +7519,7 @@ static int tg3_test_interrupt(struct tg3
 	free_irq(tp->pdev->irq, dev);
 
 	err = request_irq(tp->pdev->irq, tg3_test_isr,
-			  IRQF_SHARED | IRQF_SAMPLE_RANDOM, dev->name, dev);
+			  IRQF_SHARED, dev->name, dev);
 	if (err)
 		return err;
 
diff -pruN linux-2.6.26-rc4.orig/drivers/net/xen-netfront.c linux-2.6.26-rc4/drivers/net/xen-netfront.c
--- linux-2.6.26-rc4.orig/drivers/net/xen-netfront.c	2008-05-27 21:19:53.000000000 -0700
+++ linux-2.6.26-rc4/drivers/net/xen-netfront.c	2008-05-27 21:44:24.000000000 -0700
@@ -1361,8 +1361,7 @@ static int setup_netfront(struct xenbus_
 		goto fail;
 
 	err = bind_evtchn_to_irqhandler(info->evtchn, xennet_interrupt,
-					IRQF_SAMPLE_RANDOM, netdev->name,
-					netdev);
+					0, netdev->name, netdev);
 	if (err < 0)
 		goto fail;
 	netdev->irq = err;

Re: [PATCH] [resend] drivers/net: remove network drivers' last few uses of IRQF_SAMPLE_RANDOM

[Alan Cox]

On Wed, 28 May 2008 23:23:26 -0700 (PDT)
Chris Peterson <cpeterso@cpeterso.com> wrote:

> 
> Remove network drivers' last few uses of theoretically-exploitable network 
> entropy. Only 12 net drivers are affected. Headless boxes should use a 
> more secure source of entropy, such as the userspace daemons rngd, clrngd, 
> egd, audio_entropyd, and/or video_entroyd.
> 
> I'm also thinking about writing a "Frankenstein" daemon that combines the 
> entropy-collecting algorithms from those daemons into one. Whereas rngd 
> only uses /dev/hw_random, my hypothetical daemon would make a best effort 
> attempt: use /dev/hw_random if it exists, otherwise fallback (or use in 
> addition) the other entropy sources.
> 
> 
> Signed-off-by: Chris Peterson <cpeterso@cpeterso.com>

Acked-by: Alan Cox <alan@redhat.com>

Re: [PATCH] [resend] drivers/net: remove network drivers' last few uses of IRQF_SAMPLE_RANDOM

[Martin Wilck]

Chris Peterson wrote:

> Remove network drivers' last few uses of theoretically-exploitable network 
> entropy. Only 12 net drivers are affected. Headless boxes should use a 
> more secure source of entropy, such as the userspace daemons rngd, clrngd, 
> egd, audio_entropyd, and/or video_entroyd.

I don't think that consensus has been reached on this subject yet. 
Re-reading this thread, it's obvious that there are two camps with 
conflicting opinions all the way through the community. Very little has 
changed since the debate in 2006.

Those who are in favor of this patch argue that random data from 
/dev/random must be absolutely, truly cryptographically reliable. That's 
fine as a concept, but it is not even remotely realistic in many 
real-world systems.

Think about disk randomness in times where more and more disks don't 
have mechanical heads. Think about caching RAID controllers, solid state 
disks, virtual disks, even iSCSI volumes! In general, modern "disks" are 
no more reliable as entropy source than network interfaces.

Either the low-level driver (knowing the actual hardware) must decide 
whether or not a device is a suitable source of randomness, or better 
even, the admin must judge that from his knowledge of the actual situation.

To make /dev/random truly solid, all devices that currently contribute 
entropy must be re-scrutinized. Whether or not they really generate 
entropy should be made configurable for administrators, this is a matter 
of policy, not an a-priory property of a device class. It should be an 
individual device property - some SCSI disks in a system may be 
considered reliable and others not, and the same would hold for network 
devices.

In the meantime, while /dev/random isn't what it's supposed to be, I 
pledge to keep IRQF_SAMPLE_RANDOM for network devices, or at least, make 
at a configurable option for headless systems.

egd, etc. are not an adequate replacement for network-generated 
randomness. They either use /dev/hw_random, which is only available on a 
few machines, or system statistics which can hardly count as "random 
noise". On the contrary, the statistics are 100% deterministic if the 
initial system state is known. The only way such data can become 
non-deterministic is through user or network input. User input is not 
available in the scenario we're talking about, and well - network input 
should't count, should it? It's not a proof if such data passes the FIPE 
or diehard tests. These tests are statistical and would be passed by 
totally deterministic data such as the sequence of digits of Pi.

Whatever comes out of this discussion, it's most important that some 
sort of consensus is reached that user space can rely on. The current 
situation is just inconsistent and confusing. I that sense, Chris' patch 
is good because it at least removes the inconsistency between network 
drivers. But I'd only find it acceptable as the first part of a patch 
series that tackles the complete entropy-generation infrastructure.

Regards
Martin

[PATCH] [resend] drivers/net: remove network drivers' last few uses of IRQF_SAMPLE_RANDOM

[Chris Peterson]

Remove network drivers' last few uses of theoretically-exploitable network
entropy. Only 12 net drivers are affected. Headless boxes should use a
more secure source of entropy, such as userspace daemons like rngd, 
clrngd, audio_entropyd, and/or video_entroyd.


Signed-off-by: Chris Peterson <cpeterso@cpeterso.com>
---
diff -Naur linux-2.6.26-rc6.orig/drivers/net/3c523.c linux-2.6.26-rc6/drivers/net/3c523.c
--- linux-2.6.26-rc6.orig/drivers/net/3c523.c	2008-05-18 10:03:23.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/3c523.c	2008-06-13 22:14:54.000000000 -0700
@@ -289,8 +289,7 @@
 
 	elmc_id_attn586();	/* disable interrupts */
 
-	ret = request_irq(dev->irq, &elmc_interrupt, IRQF_SHARED | IRQF_SAMPLE_RANDOM,
-			  dev->name, dev);
+	ret = request_irq(dev->irq, &elmc_interrupt, IRQF_SHARED, dev->name, dev);
 	if (ret) {
 		printk(KERN_ERR "%s: couldn't get irq %d\n", dev->name, dev->irq);
 		elmc_id_reset586();
diff -Naur linux-2.6.26-rc6.orig/drivers/net/3c527.c linux-2.6.26-rc6/drivers/net/3c527.c
--- linux-2.6.26-rc6.orig/drivers/net/3c527.c	2008-06-12 23:51:32.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/3c527.c	2008-06-13 22:14:54.000000000 -0700
@@ -434,7 +434,7 @@
 	 *	Grab the IRQ
 	 */
 
-	err = request_irq(dev->irq, &mc32_interrupt, IRQF_SHARED | IRQF_SAMPLE_RANDOM, DRV_NAME, dev);
+	err = request_irq(dev->irq, &mc32_interrupt, IRQF_SHARED, DRV_NAME, dev);
 	if (err) {
 		release_region(dev->base_addr, MC32_IO_EXTENT);
 		printk(KERN_ERR "%s: unable to get IRQ %d.\n", DRV_NAME, dev->irq);
diff -Naur linux-2.6.26-rc6.orig/drivers/net/atlx/atl1.c linux-2.6.26-rc6/drivers/net/atlx/atl1.c
--- linux-2.6.26-rc6.orig/drivers/net/atlx/atl1.c	2008-06-12 23:51:33.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/atlx/atl1.c	2008-06-13 22:14:54.000000000 -0700
@@ -2595,7 +2595,7 @@
 {
 	struct net_device *netdev = adapter->netdev;
 	int err;
-	int irq_flags = IRQF_SAMPLE_RANDOM;
+	int irq_flags = 0;
 
 	/* hardware has been reset, we need to reload some things */
 	atlx_set_multi(netdev);
diff -Naur linux-2.6.26-rc6.orig/drivers/net/cris/eth_v10.c linux-2.6.26-rc6/drivers/net/cris/eth_v10.c
--- linux-2.6.26-rc6.orig/drivers/net/cris/eth_v10.c	2008-05-18 10:03:34.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/cris/eth_v10.c	2008-06-13 22:14:54.000000000 -0700
@@ -490,7 +490,7 @@
 	/* allocate the irq corresponding to the receiving DMA */
 
 	if (request_irq(NETWORK_DMA_RX_IRQ_NBR, e100rxtx_interrupt,
-			IRQF_SAMPLE_RANDOM, cardname, (void *)dev)) {
+			0, cardname, (void *)dev)) {
 		goto grace_exit0;
 	}
 
diff -Naur linux-2.6.26-rc6.orig/drivers/net/ibmlana.c linux-2.6.26-rc6/drivers/net/ibmlana.c
--- linux-2.6.26-rc6.orig/drivers/net/ibmlana.c	2008-05-18 10:03:41.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/ibmlana.c	2008-06-13 22:14:54.000000000 -0700
@@ -783,7 +783,7 @@
 
 	/* register resources - only necessary for IRQ */
 
-	result = request_irq(priv->realirq, irq_handler, IRQF_SHARED | IRQF_SAMPLE_RANDOM, dev->name, dev);
+	result = request_irq(priv->realirq, irq_handler, IRQF_SHARED, dev->name, dev);
 	if (result != 0) {
 		printk(KERN_ERR "%s: failed to register irq %d\n", dev->name, dev->irq);
 		return result;
diff -Naur linux-2.6.26-rc6.orig/drivers/net/macb.c linux-2.6.26-rc6/drivers/net/macb.c
--- linux-2.6.26-rc6.orig/drivers/net/macb.c	2008-06-12 23:51:45.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/macb.c	2008-06-13 22:14:54.000000000 -0700
@@ -1151,8 +1151,7 @@
 	}
 
 	dev->irq = platform_get_irq(pdev, 0);
-	err = request_irq(dev->irq, macb_interrupt, IRQF_SAMPLE_RANDOM,
-			  dev->name, dev);
+	err = request_irq(dev->irq, macb_interrupt, 0, dev->name, dev);
 	if (err) {
 		printk(KERN_ERR
 		       "%s: Unable to request IRQ %d (error %d)\n",
diff -Naur linux-2.6.26-rc6.orig/drivers/net/mv643xx_eth.c linux-2.6.26-rc6/drivers/net/mv643xx_eth.c
--- linux-2.6.26-rc6.orig/drivers/net/mv643xx_eth.c	2008-06-12 23:51:46.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/mv643xx_eth.c	2008-06-13 22:14:54.000000000 -0700
@@ -1329,7 +1329,7 @@
 	rdl(mp, INTERRUPT_CAUSE_EXTEND_REG(port_num));
 
 	err = request_irq(dev->irq, mv643xx_eth_int_handler,
-			IRQF_SHARED | IRQF_SAMPLE_RANDOM, dev->name, dev);
+			IRQF_SHARED, dev->name, dev);
 	if (err) {
 		printk(KERN_ERR "%s: Can not assign IRQ\n", dev->name);
 		return -EAGAIN;
diff -Naur linux-2.6.26-rc6.orig/drivers/net/netxen/netxen_nic_main.c linux-2.6.26-rc6/drivers/net/netxen/netxen_nic_main.c
--- linux-2.6.26-rc6.orig/drivers/net/netxen/netxen_nic_main.c	2008-06-12 23:51:46.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/netxen/netxen_nic_main.c	2008-06-13 22:14:54.000000000 -0700
@@ -838,7 +838,7 @@
 	int err = 0;
 	int ctx, ring;
 	irq_handler_t handler;
-	unsigned long flags = IRQF_SAMPLE_RANDOM;
+	unsigned long flags = 0;
 
 	if (adapter->is_up != NETXEN_ADAPTER_UP_MAGIC) {
 		err = netxen_init_firmware(adapter);
diff -Naur linux-2.6.26-rc6.orig/drivers/net/niu.c linux-2.6.26-rc6/drivers/net/niu.c
--- linux-2.6.26-rc6.orig/drivers/net/niu.c	2008-06-12 23:51:47.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/niu.c	2008-06-13 22:14:54.000000000 -0700
@@ -5599,8 +5599,7 @@
 		struct niu_ldg *lp = &np->ldg[i];
 
 		err = request_irq(lp->irq, niu_interrupt,
-				  IRQF_SHARED | IRQF_SAMPLE_RANDOM,
-				  np->dev->name, lp);
+				  IRQF_SHARED, np->dev->name, lp);
 		if (err)
 			goto out_free_irqs;
 
diff -Naur linux-2.6.26-rc6.orig/drivers/net/qla3xxx.c linux-2.6.26-rc6/drivers/net/qla3xxx.c
--- linux-2.6.26-rc6.orig/drivers/net/qla3xxx.c	2008-06-12 23:51:49.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/qla3xxx.c	2008-06-13 22:14:54.000000000 -0700
@@ -3618,7 +3618,7 @@
 {
 	struct net_device *ndev = qdev->ndev;
 	int err;
-	unsigned long irq_flags = IRQF_SAMPLE_RANDOM | IRQF_SHARED;
+	unsigned long irq_flags = IRQF_SHARED;
 	unsigned long hw_flags;
 
 	if (ql_alloc_mem_resources(qdev)) {
diff -Naur linux-2.6.26-rc6.orig/drivers/net/tg3.c linux-2.6.26-rc6/drivers/net/tg3.c
--- linux-2.6.26-rc6.orig/drivers/net/tg3.c	2008-06-12 23:51:57.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/tg3.c	2008-06-13 22:14:54.000000000 -0700
@@ -7510,12 +7510,12 @@
 		fn = tg3_msi;
 		if (tp->tg3_flags2 & TG3_FLG2_1SHOT_MSI)
 			fn = tg3_msi_1shot;
-		flags = IRQF_SAMPLE_RANDOM;
+		flags = 0;
 	} else {
 		fn = tg3_interrupt;
 		if (tp->tg3_flags & TG3_FLAG_TAGGED_STATUS)
 			fn = tg3_interrupt_tagged;
-		flags = IRQF_SHARED | IRQF_SAMPLE_RANDOM;
+		flags = IRQF_SHARED;
 	}
 	return (request_irq(tp->pdev->irq, fn, flags, dev->name, dev));
 }
@@ -7533,7 +7533,7 @@
 	free_irq(tp->pdev->irq, dev);
 
 	err = request_irq(tp->pdev->irq, tg3_test_isr,
-			  IRQF_SHARED | IRQF_SAMPLE_RANDOM, dev->name, dev);
+			  IRQF_SHARED, dev->name, dev);
 	if (err)
 		return err;
 
diff -Naur linux-2.6.26-rc6.orig/drivers/net/xen-netfront.c linux-2.6.26-rc6/drivers/net/xen-netfront.c
--- linux-2.6.26-rc6.orig/drivers/net/xen-netfront.c	2008-06-12 23:52:17.000000000 -0700
+++ linux-2.6.26-rc6/drivers/net/xen-netfront.c	2008-06-13 22:14:54.000000000 -0700
@@ -1361,8 +1361,7 @@
 		goto fail;
 
 	err = bind_evtchn_to_irqhandler(info->evtchn, xennet_interrupt,
-					IRQF_SAMPLE_RANDOM, netdev->name,
-					netdev);
+					0, netdev->name, netdev);
 	if (err < 0)
 		goto fail;
 	netdev->irq = err;

Re: [PATCH] [resend] drivers/net: remove network drivers' last few uses of IRQF_SAMPLE_RANDOM

[Jeff Garzik]

Chris Peterson wrote:
> Remove network drivers' last few uses of theoretically-exploitable network
> entropy. Only 12 net drivers are affected. Headless boxes should use a
> more secure source of entropy, such as userspace daemons like rngd, 
> clrngd, audio_entropyd, and/or video_entroyd.
> 
> 
> Signed-off-by: Chris Peterson <cpeterso@cpeterso.com>

For what it's worth...  I'm keeping this patch in my 'hold' queue, 
mainly to see if anyone really puts up some major objections, or fuss.

I'm leaning towards applying it for 2.6.27...

	Jeff

Re: [PATCH] [resend] drivers/net: remove network drivers' last few uses of IRQF_SAMPLE_RANDOM

[Jeff Garzik]

Matt Mackall wrote:
> On Wed, May 13, 2009 at 12:17:29AM -0700, Chris Peterson wrote:
>>> The future model will continue to sample network
>>> devices on theory that they -might- be less than 100% observable and
>>> that can only increase our total (unmeasurable) amount of entropy.
>> That sounds reasonable to me. So should all net drivers now specify
>> IRQF_SAMPLE_RANDOM?
>>
>> Or even simpler: could request_irq() assume IRQF_SAMPLE_RANDOM for any
>> interrupt that is not (say) IRQF_IRQPOLL or IRQF_PERCPU?
> 
> Maybe. We don't want IRQ latency to suffer. So before we turn on
> sampling of -all- sources, we need to make sampling lighter weight and
> we need a way to say 'we have enough' so that we're not consuming CPU
> when our pools are 'full'. We could turn it on now and rely on the
> current trickle logic, but it's nice to have the water main off when
> doing significant plumbing.

So, until such time, let's be consistent in net driver land and not 
IRQF_SAMPLE_RANDOM.

	Jeff

Re: [PATCH] [resend] drivers/net: remove network drivers' last few uses of IRQF_SAMPLE_RANDOM

[Matt Mackall]

On Wed, May 13, 2009 at 03:39:11PM -0400, Jeff Garzik wrote:
> Matt Mackall wrote:
> >On Wed, May 13, 2009 at 12:17:29AM -0700, Chris Peterson wrote:
> >>>The future model will continue to sample network
> >>>devices on theory that they -might- be less than 100% observable and
> >>>that can only increase our total (unmeasurable) amount of entropy.
> >>That sounds reasonable to me. So should all net drivers now specify
> >>IRQF_SAMPLE_RANDOM?
> >>
> >>Or even simpler: could request_irq() assume IRQF_SAMPLE_RANDOM for any
> >>interrupt that is not (say) IRQF_IRQPOLL or IRQF_PERCPU?
> >
> >Maybe. We don't want IRQ latency to suffer. So before we turn on
> >sampling of -all- sources, we need to make sampling lighter weight and
> >we need a way to say 'we have enough' so that we're not consuming CPU
> >when our pools are 'full'. We could turn it on now and rely on the
> >current trickle logic, but it's nice to have the water main off when
> >doing significant plumbing.
> 
> So, until such time, let's be consistent in net driver land and not 
> IRQF_SAMPLE_RANDOM.
> 
> 	Jeff

If you want. I was also looking to avoid the fight that happened when
I submitted an equivalent patch a couple years back.

-- 
Mathematics is the supreme nostalgia of our time.