Oscar Roozen writes:
> Several people sent me a private email sugesting to use urandom instead,
> but it's not what I use, it's about what all software on the machine uses.
> Should I patch SSH? Should I patch SSL? Or are they using urandom anyway?
urandom is the device to use if you want unlimited random numbers.
> The issue here is that /dev/random is not working. Apparantly because
> add_interrupt_randomness is not called from the SMART2 driver. But then
> again, no add_*_randomness is called from any scsi/*.c driver.
/dev/random is a secure random-number generator. It uses external stimulae
to produce these random numbers, and keeps an track of the entropy of the
random pool. Once it detects that there's not enough randomness in the pool
to guarantee that these numbers are secure, reading from /dev/random will
block. This is its design.
> The only call to add_interrupt_randomness I can find is in */kernel/pci.c
> from handle_IRQ_event and I don't understand why this one never gets called
> on this machine. Also the only call to add_blkdev_randomness is in ide.c.
> Why is there no call from any of the scsi/*.c drivers?
There are other interfaces in the random number stuff. f.e. keyboard
scancodes/busmouse stuff are also used. Any interrupt with the
SA_SAMPLE_RANDOM flag is also used. In 2.4.0, I also see that randomness
is added at the end of processing a request (__scsi_end_request in
scsi_lib.c).
_____
|_____| ------------------------------------------------- ---+---+-
| | Russell King rmk@arm.linux.org.uk --- ---
| | | | http://www.arm.linux.org.uk/personal/aboutme.html / / |
| +-+-+ --- -+-
/ | THE developer of ARM Linux |+| /|\
/ | | | --- |
+-+-+ ------------------------------------------------- /\\\ |
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Aug 15 2000 - 21:00:15 EST