tech-kern archive


Re: [PATCH] Kernel entropy rework




> On Dec 21, 2019, at 5:08 PM, Taylor R Campbell <riastradh%NetBSD.org@localhost> wrote:
> 
> 
> 
> The attached patch set reworks the kernel entropy subsystem.
> 
> ...
>      - For (e.g.) keyboard interrupt and network packet timings, this
>        is zero, because an adversary can cause events to happen with
>        timing that leads to predictable samples entering the pool.

That seems overly pessimistic, depending on the timer resolution.  If you have a CPU cycle timer, then it is perfectly reasonable to claim a bit or two of entropy, since an adversary doesn't have the ability to control the timing of those events to nanosecond accuracy, nor the ability to control internal processing delays (like memory cache misses) which introduce variability way in excess of a CPU cycle.

	paul

