Andi Kleen wrote:
BTW what do you do when the FIPS test fails? I dont see a good fallback path for this case.
If the FIPS test fails, do the obvious: don't feed that data to the kernel (and credit entropy), and possibly stop using the hardware RNG under a human has intervened.
This is not rocket science. The fallback path is "use software", which is what most users do right now anyway.
Jeff - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
- Follow-Ups:
- References:
- [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: David McCullough <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Andrew Morton <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Andi Kleen <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Jeff Garzik <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Andi Kleen <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: [email protected]
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Andi Kleen <[email protected]>
- [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- Prev by Date: Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- Next by Date: Re: [PATCH] s390: claw network device driver
- Previous by thread: Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- Next by thread: Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- Index(es):