Re: [PATCH] Re: [PATCH] drivers/net: remove network drivers' lastfew uses of IRQF_SAMPLE_RANDOM

From: Helge Hafting
Date: Thu May 22 2008 - 05:28:46 EST

Next message: Huang, Ying: "[PATCH] kexec jump -v10: kexec jump"
Previous message: Rusty Russell: "Re: [PATCH 3/4] modules: proper cleanup of kobject without CONFIG_SYSFS"
In reply to: Andi Kleen: "Re: [PATCH] Re: [PATCH] drivers/net: remove network drivers' lastfew uses of IRQF_SAMPLE_RANDOM"
Next in thread: Adrian Bunk: "Re: [PATCH] Re: [PATCH] drivers/net: remove network drivers' lastfew uses of IRQF_SAMPLE_RANDOM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andi Kleen wrote:

Herbert Xu wrote:

You can continue to feed data into the pool even if it fails the
test. You just keep the entropy value same as before.

You could do that, but what advantage would it have? I don't think it's
worth running the FIPS test, or rather requiring the user land daemon
and leaving behind most of the userbase just for this.

Security through obfuscation?
Someone trying to predict the RNG can do so in theory, but if
they have to keep track of network timings, disk activity, and 5 other things, then
chances are that they fail ofen enough even if the attack is possible "in theory".

Helge Hafting
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Huang, Ying: "[PATCH] kexec jump -v10: kexec jump"
Previous message: Rusty Russell: "Re: [PATCH 3/4] modules: proper cleanup of kobject without CONFIG_SYSFS"
In reply to: Andi Kleen: "Re: [PATCH] Re: [PATCH] drivers/net: remove network drivers' lastfew uses of IRQF_SAMPLE_RANDOM"
Next in thread: Adrian Bunk: "Re: [PATCH] Re: [PATCH] drivers/net: remove network drivers' lastfew uses of IRQF_SAMPLE_RANDOM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]