On Sat, Aug 17, 2002 at 08:08:36PM -0700, Linus Torvalds wrote:
>
> On Sat, 17 Aug 2002, Oliver Xymoron wrote:
> >
> > Let me clarify that 2-5 orders thing. The kernel trusts about 10 times
> > as many samples as it should, and overestimates each samples' entropy
> > by about a factor of 10 (on x86 with TSC) or 1.3 (using 1kHz jiffies).
>
> Lookin gat the code, your _new_ code just throws samples away _entirely_
> just because some random event hasn't happened (the first thing I noticed
> was the context switch testing, there may be others there that I just
> didn't react to).
No, it still mixes them in.
> In short, you seem to cut those random events to _zero_. And this happens
> under what seems to be perfectly realistic loads. That's not trying to fix
> things, that's just breaking them.
>
> > The patches will be a nuisance for anyone who's currently using
> > /dev/random to generate session keys on busy SSL servers.
>
> No, it appears to be a nuisanse even for people who have real issues, ie
> just generating _occasional_ numbers on machines that just don't happen to
> run much user space programs.
Read the code again. Better yet, try it.
23:06ash~$ cat /proc/sys/kernel/random/entropy_avail
4096
23:17ash~$ w
23:17:22 up 11 min, 2 users, load average: 0.09, 0.06, 0.05
It was probably full in less than 11 minutes.
-- "Love the dolphins," she advised him. "Write by W.A.S.T.E.." - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Aug 23 2002 - 22:00:14 EST