Re: network devices: to IRQF_SAMPLE_RANDOM or not to IRQF_SAMPLE_RANDOM?

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Jeff Garzik <jeff@garzik.org>
To: Chris Peterson <cpeterso@cpeterso.com>
Cc: linux-kernel@vger.kernel.org, NetDev <netdev@vger.kernel.org>
Subject: Re: network devices: to IRQF_SAMPLE_RANDOM or not to IRQF_SAMPLE_RANDOM?
Date: Tue, 13 May 2008 13:33:33 -0400	[thread overview]
Message-ID: <4829D0ED.5010701@garzik.org> (raw)
In-Reply-To: <a24804730805130949o32687f74id4fce833c3589641@mail.gmail.com>

Chris Peterson wrote:
> Should network devices be allowed to contribute entropy to /dev/random?
> 
> This issue has been discussed before, but does not seem to have been
> settled: some net drivers [1] use IRQF_SAMPLE_RANDOM when calling
> request_irq(), but the vast majority do not. It seems like all net
> drivers should follow the same entropy paranoia policy (whether that
> is all net drivers should use IRQF_SAMPLE_RANDOM, no net drivers, or a
> compile-time option).

Quoting David Miller's excellent summary:

The argument is that if you have a diskless system not taking any 
keyboard or other input from the user, the network would be your only 
source of random number entropy.

But on the flip side, if the network provides the entropy, this is 
externally influencable random number entropy and thus in theory 
exploitable.  And furthermore, on-board random number generators are the 
real answer to this problem.

Thus, the impasse.

There are roughly equal arguments on both sides.  Providing some entropy 
could be argued as better than nothing, but it could also be said that 
providing potentially exploitable entropy is in fact worse than none at all.

</quote>

I tend to push people to /not/ add IRQF_SAMPLE_RANDOM to new drivers, 
but I'm not interested in going on a pogrom with existing code.  We all 
have better things to do with our time :)

	Jeff

          parent reply	other threads:[~2008-05-13 17:33 UTC|newest]

Thread overview: expand[flat|nested]  mbox.gz  Atom feed
 [parent not found: <a24804730805130949o32687f74id4fce833c3589641@mail.gmail.com>]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4829D0ED.5010701@garzik.org \
    --to=jeff@garzik.org \
    --cc=cpeterso@cpeterso.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).