Re: [PATCH 2/3] random: Use arch_get_random_seed*() at init time and once a second

From: Ingo Molnar
Date: Wed Mar 05 2014 - 03:44:33 EST



* H. Peter Anvin <hpa@xxxxxxxxxxxxxxx> wrote:

> From: "H. Peter Anvin" <hpa@xxxxxxxxxxxxxxx>
>
> Use arch_get_random_seed*() in two places in the Linux random
> driver (drivers/char/random.c):
>
> 1. During entropy pool initialization, use RDSEED in favor of RDRAND,
> with a fallback to the latter. Entropy exhaustion is unlikely to
> happen there on physical hardware as the machine is single-threaded
> at that point, but could happen in a virtual machine. In that
> case, the fallback to RDRAND will still provide more than adequate
> entropy pool initialization.
>
> 2. Once a second, issue RDSEED and, if successful, feed it to the
> entropy pool. To ensure an extra layer of security, only credit
> half the entropy just in case.
>
> Suggested-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
> Signed-off-by: H. Peter Anvin <hpa@xxxxxxxxxxxxxxx>
> ---
> drivers/char/random.c | 24 ++++++++++++++++++++----
> 1 file changed, 20 insertions(+), 4 deletions(-)

Reviewed-by: Ingo Molnar <mingo@xxxxxxxxxx>

Thanks,

Ingo
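
The two steps in the quoted commit message, sketched as a userspace C model; this is an added example, not part of this message, the patch, or drivers/char/random.c. All names are hypothetical, the hardware instructions are replaced by constructed stubs so the failure path is reproducible, and the model assumes one 64-bit word per once-a-second call and no entropy credit at init.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Userspace model only; every name below is hypothetical, none is from random.c. */
#define POOL_WORDS 16
typedef bool (*hw_fn)(uint64_t *out);   /* false: the instruction reported failure */
struct pool { uint64_t w[POOL_WORDS]; unsigned pos, credited_bits; };

/* Placeholder rotate-xor mix (not the kernel's); stirs a word in, credits nothing. */
static void pool_mix(struct pool *p, uint64_t v) {
    unsigned i = p->pos++ % POOL_WORDS;
    p->w[i] = ((p->w[i] << 7) | (p->w[i] >> 57)) ^ v;
}

/* Item 1: per word, try the seed source first, then the fallback. Returns seed-sourced word count. */
static unsigned pool_init(struct pool *p, hw_fn seed, hw_fn fallback) {
    unsigned from_seed = 0;
    memset(p, 0, sizeof(*p));          /* model assumption: init credits no entropy */
    for (unsigned i = 0; i < POOL_WORDS; i++) {
        uint64_t v = 0;
        if (seed(&v)) from_seed++;
        else (void)fallback(&v);       /* v stays 0 if the fallback fails too */
        pool_mix(p, v);
    }
    return from_seed;
}

/* Item 2: called once a second. Failure mixes and credits nothing; success credits half. */
static bool pool_tick(struct pool *p, hw_fn seed) {
    uint64_t v = 0;
    if (!seed(&v)) return false;
    pool_mix(p, v);
    p->credited_bits += 64 / 2;        /* 64 bits mixed in, 32 credited */
    return true;
}

static int seed_budget;  /* constructed stubs: seed source succeeds this many times, then fails */
static bool stub_seed(uint64_t *o) { if (seed_budget <= 0) return false; *o = 0x9e3779b9ULL * (uint64_t)seed_budget--; return true; }
static bool stub_rand(uint64_t *o) { *o = 0x0123456789abcdefULL; return true; }

int main(void) {
    struct pool p;
    seed_budget = 5;                   /* seed source runs dry after 5 words */
    unsigned n = pool_init(&p, stub_seed, stub_rand);
    seed_budget = 1;
    bool t1 = pool_tick(&p, stub_seed), t2 = pool_tick(&p, stub_seed);
    printf("seed words=%u tick1=%d tick2=%d credited=%u\n", n, t1, t2, p.credited_bits);
    return 0;
}
```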