1. Anyone have a problem with using xtime rather
than jiffies on architectures which don't support cycle
counters? (completely untested patch attached to illustrate)
2. Anyone have any problem changing fs/proc/proc_misc.c to
register /proc/interrupts to be 0600 instead of 0644 to help
prevent entropy attacks that way?
-- Alex Bligh--- drivers/char/random.c.keep Sat Feb 17 00:02:36 2001 +++ drivers/char/random.c Tue Aug 21 23:19:17 2001 @@ -710,16 +710,27 @@ int entropy = 0;
#if defined (__i386__) + /* If possible, use the clock cycle counter */ if ( test_bit(X86_FEATURE_TSC, &boot_cpu_data.x86_capability) ) { __u32 high; __asm__(".byte 0x0f,0x31" :"=a" (time), "=d" (high)); num ^= high; } else { - time = jiffies; + time = (__u32)(xtime.tv_usec) ^ (__u32)(xtime.tv_sec); } #else - time = jiffies; + /* If we can't get the clock cycle counter, get the number + * of elapsed microseconds. Note: + * - we don't need the xtime spinlock as we are only reading + * one half (even then, the odd SMP race is only going to + * add to entropy) + * - this may indeed wrap; but so could the original cycle + * counter, and as us occur less frequently than clock cycles, + * it's less of a problem. In any case it would underestimate + * entropy on a wrap. + */ + time = (__u32)(xtime.tv_usec) ^ (__u32)(xtime.tv_sec); #endif
/*
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Aug 23 2001 - 21:00:46 EST