tech-crypto archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Changes to make /dev/*random better sooner

On Tue, Apr 08, 2014 at 09:39:12AM +0200, Martin Husemann wrote:
> On Tue, Apr 08, 2014 at 12:25:32AM -0400, Thor Lancelot Simon wrote:
> >         2) Accumulate the output of kernel printf (as well as the times
> >            when it's called) and add this periodically.  To avoid issues
> >            with recursion through diagnostic printfs, we use SHA512 to
> >            accumulate the printf output, then mix in its output.
> I wonder if we should make this part a compile time option (typically 
> defaulting to on for most architectures - but I haven't tried on
> really the difference it makes for really slow machines). I do understand
> that kernel output is rare post boot, so it might not be a big deal.

Even *at* boot time, kernel output is rare for the relevant definition
of "rare" -- even on the slowest machine, hashing a couple of kilobytes
wil take only a tiny fraction of a second.


Home | Main Index | Thread Index | Old Index