Re: [RFC] frandom - fast random generator module

[Matt Mackall]

On Thu, Oct 16, 2003 at 12:38:28PM -0600, Andreas Dilger wrote:
> On Oct 16, 2003  12:45 -0500, Matt Mackall wrote:
> > On Thu, Oct 16, 2003 at 10:20:20AM -0600, Andreas Dilger wrote:
> > > For Lustre we need a low-cost RNG for generating opaque 64-bit handles in
> > > the kernel.  The use of get_random_bytes() showed up near the top of
> > > our profiles and we had to invent our own low-cost crappy PRNG instead (it's
> > > good enough for the time being, but when we start working on real security
> > > it won't be enough).
> > 
> > Is this SMP? If so, how many processors? I wonder if you might be
> > running into some lock contention in the pool entropy transfer -
> > there's a lock held while mixing new samples into a given pool that
> > could potentially be a hit.
> 
> It was a 2-way SMP system.  We use the RNG a fair amount (enough to know
> that 2 CPUs can race and return the same value from get_random_bytes() ;-)

Sure this is a race and not a birthday paradox? How recent is this?
Possibly before locking was added to random.c?

> so we had to put a spinlock around our calls to that.  Even so, oprofile
> showed extract_entropy() and SHATransform() near the top of CPU users.

Ok, the lock contention would be with add_entropy_words. I've got code
that reduces calls to SHATransform for /dev/urandom, but it require
addressing the starvation issues between /dev/random and /dev/urandom first.

-- 
Matt Mackall : http://www.selenic.com : Linux development and consulting
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/