Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: regarding the changes to kernel entropy gathering



On Tue, Apr 06, 2021 at 10:54:51AM -0700, Greg A. Woods wrote:
> At Mon, 5 Apr 2021 23:18:55 -0400, Thor Lancelot Simon <tls%panix.com@localhost> wrote:
> 
> > But what you're missing is that neither does what you
> > think.  When rndctl -L runs after the system comes up multiuser, all
> > entropy samples that have been added (which are in the per-cpu pools)
> > are propagated to the global pool.  Every stream RNG on the system then
> > rekeys itself - they are _not_ just using the entropy from the seed on
> > disk.  Even if nothing does so earlier, when rndctl -S runs as the system
> > shuts down, again all entropy samples that have been added (which, again,
> > are accumulating in the per-cpu pools) are propagated to the global pool;
> > all the stream RNGs rekey themselves again; then the seed is extracted.
> 
> That's all great, and more or less what I've assumed from all the
> previous discussion....
> 
> Except.... it seems to be useless in practice without an initial seed,

Again there's really little I can do other than suggest you read the code.
You are certainly competent to do so, and the code does not do what you
keep claiming it does.  Read the code, all of it -- it's only a few hundred
lines -- and have a think.

When rndctl -L runs, or you perform a sufficiently long write to /dev/random,
all the per-CPU pools, which, counter to what you keep claiming, *do* accumulate
samples from all the same sources they used to, are coalesced into the global
pool.  When rndctl -S runs, all the per-CPU pools, which, counter to what you
keep claiming, *do* accumulate samples from all the same sources they used to,
are coalesced into the global pool.  If you'd like those samples coalesced
into the global pool more frequently, you can use the sysctl to do so.

Thor


Home | Main Index | Thread Index | Old Index