tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: regarding the changes to kernel entropy gathering
On Sun, Apr 04, 2021 at 03:32:08PM -0700, Greg A. Woods wrote:
> At Mon, 05 Apr 2021 00:14:30 +0200 (CEST), Havard Eidnes <he%NetBSD.org@localhost> wrote:
> Subject: Re: regarding the changes to kernel entropy gathering
> >
> > > What about architectures that have nothing like RDRAND/RDSEED? Are
> > > they, effectively, totally unsupported now?
> >
> > Nope, not entirely. But they have to be seeded once. If they
> > have storage which survives reboots, and entropy is saved and
> > restored on reboot, they will be ~fine.
>
> BTW, to me reusing the same entropy on every reboot seems less secure.
Except that's not what the system is doing. It removes the seed file on
boot and creates a new one on shutdown.
> > Systems without persistent storage and also without RDRAND/RDSEED
> > will however be ... a more challenging problem.
>
> Leaving things like that would be totally silly.
>
> With my patch the old way of gathering entropy from devices works just
> fine as it always did, albeit with the second patch it does require a
> tiny bit of extra configuration.
You keep repeating yourself. It doesn't make your claims any less false.
At this point, can we please just stop this thread?
Joerg
Home |
Main Index |
Thread Index |
Old Index