Re: [PATCH] (0/4) Entropy accounting fixes

Robert Love (rml@tech9.net)
17 Aug 2002 23:51:52 -0400


On Sat, 2002-08-17 at 23:05, Linus Torvalds wrote:

> This is particularly true on things like embedded routers, where the
> machine usually doesn't actually _run_ much user-level software, but is
> just shuffling packets back and forth. Your logic seems to make it not add
> any entropy from those packets, which can be _deadly_ if then the router
> is also used for occasionally generating some random numbers for other
> things.

Agreed. Further, embedded routers - since they are headless/diskless -
have problems even with the _current_ /dev/random code. They simply do
not generate enough entropy to fulfill sshd requests [1].

Saying "use /dev/urandom" in this case means we may as well not have a
/dev/random. There is a difference between incorrect accounting (which
it seems you have identified) and just too strict gathering behavior.

Robert Love

[1] this is why I wrote my netdev-random patches. some machines just
have to take the entropy from the network card... there is nothing
else.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/