Re: [patch 0/5] RNG cleanup & new drivers attempt #1

[email protected] wrote:

- Allow a fastpath where we don't even have the user space portion
  and the HW drivers just feed the entropy pool directly. While
  this bypasses the FIPS tests and such, there are some applications

where this is OK or where we really don't want the extra proccess context switching. This is specially true on ARM. I'll have to add IRQ driven support to the drivers to that, but that's trivial. There is also some HW (MPC8xxx for example) that does periodic self-tests in HW and lists itself as "FIPs-compliant" and will trigger an error if data should no longer be trusted and in that case doing a software

  test might also be undesirable. But...we should let the user decide
  at build time (or runtime?).

Not interesting in pursuing this path. This has been discussed endlessly, check the archives.

We want the FIPS tests. Hardware (especially cheap hardware) is often known to go haywire. Trusting hardware to do the FIPS tests is pretty silly, since you're trusting the piece that might go haywire to tell you its OK. RNGs have a history of suddenly providing non-random data, for a variety of reasons (usually poor board wiring).

We also want the userspace daemon because that gives the sysadmin far more control over how much entropy is added to the system. 99.9% of the cases in the real world, we don't want the RNG pumping entropy into the pool at full speed. That will likely pump in more data than a system needs, chewing CPU. The admin can't even kill the daemon to reclaim his CPU, if its all in-kernel.

It's not brain surgery, to concoct a method by which an interrupt-driven device is used from userspace.

	Jeff


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: [patch 0/5] RNG cleanup & new drivers attempt #1
    • From: Deepak Saxena <[email protected]>

• References:
  • [patch 0/5] RNG cleanup & new drivers attempt #1
    • From: [email protected]

• Prev by Date: Ktimer / -rt9 (+custom) monotonic_clock going backwards.
• Next by Date: Re: [patch 2.6.14-rc4] nm256: reset workaround for Latitude CSx
• Previous by thread: [patch 1/5] Remove existing hw_random implementation
• Next by thread: Re: [patch 0/5] RNG cleanup & new drivers attempt #1
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]