Subject: Re: Hardware RNG support for EM64T systems
To: Matthias Scheler <tron@zhadum.org.uk>
From: Thor Lancelot Simon <tls@NetBSD.org>
List: port-amd64
Date: 02/19/2006 06:33:06

On Sun, Feb 12, 2006 at 06:44:11PM +0000, Matthias Scheler wrote:
> 
> 	Hello,
> 
> I've added support for Intel's hardware random number generator to the
> NetBSD-amd64 port in NetBSD-current a few minutes ago(*). I would therefore
> be interested in feedback on whether this works as expected. To benefit from
> this change you need a system using an Intel EM64T capable CPU on an
> i9xx chipset based motherboard running NetBSD-amd64.
> 
> Using a kernel with my changes the kernel should print the following
> message during system startup:
> 
> pchb0: random number generator enabled
> 
> "rndctl" will tell you whether it is delivering randomness:

No, it will not.  These chipsets will act as if the RNG hardware is
present -- and enabled -- even if it is not physically incorporated
in the chip it's supposed to be on.  The only way to know for sure
that the RNG is actually there is to get the full part number off
every chip in the chipset and, basically, have friends at Intel you
can call to check.

We should _not_ enable this RNG by default -- if at all.  It's much
too dangerous.

Thor