On Fri, 2005-03-25 at 17:33 +1100, Herbert Xu wrote: > On Fri, Mar 25, 2005 at 09:34:19AM +0300, Evgeniy Polyakov wrote: > > > > Such hardware is used mostly in embedded world where SW crypto > > processing > > is too expensive, so users of such HW likely want to trust to > > theirs hardware and likely will turn in on. > > That's fine. All you need for these embedded users is a user-space > daemon that feeds data from the hardware directly into /dev/random. > No matter how small your system is, I'm sure you can spare a few > hundred bytes for such a thing. > > In fact most of these systems will have some sort of a general-purpose > daemon that sits around which can perform such a task. > > System calls on Linux are fast enough that there is really no > advantage in doing this in the kernel. > > But if you're really desparate, write a kernel module that does this > in a kernel thread. It is not only about userspace/kernelspace system calls and data copying, but about whole revalidation process, which can and is quite expensive, due to system calls, copying and validating itself, I even think that using userspace rng daemon is completely useless for crypto HW devices - it is faster to obtain entropy from interrupts, than revalidating it in that way. And what about initial bootup? When system needs to create randoom IP/dhcp/any ids? What about small router? There are too many cases where userspace validation is just making things worse. -- Evgeniy Polyakov Crash is better than data corruption -- Arthur Grabowski
Attachment:
signature.asc
Description: This is a digitally signed message part
- Follow-Ups:
- References:
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: David McCullough <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Evgeniy Polyakov <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Jeff Garzik <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Evgeniy Polyakov <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Jeff Garzik <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Evgeniy Polyakov <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Jeff Garzik <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Evgeniy Polyakov <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Herbert Xu <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Evgeniy Polyakov <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Herbert Xu <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- Prev by Date: Re: 2.6.12-rc1-mm2
- Next by Date: Re: Disc driver is module, software suspend fails
- Previous by thread: Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- Next by thread: Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- Index(es):