Re: [PATCH resend 0/2] random: Use DRBG sources
From: Torsten Duwe
Date: Mon Apr 14 2014 - 12:14:19 EST
On Mon, Apr 14, 2014 at 08:49:58AM -0700, Andy Lutomirski wrote:
> [Resent because I forgot to email lkml. This also surreptitiously
> fixes a silly typo on a patch description.]
>
> This is my attempt to come up with a workable way to use so-called
> entropy sources like a TPM to feed /dev/urandom.
Ahem, The TPM RNGs are true HWRNGs, but they are very limited.
Their main purpose is to generate enough bits so that the TPM
can generate a genuine key pair after a few seconds.
Why do you want to put those valuable true random bits into urandom?
> Arguably we should be feeding the input pool as well, but if the
Yes.
> /dev/random algorithm is correct, this shouldn't matter. I don't want
> sensible use of TPMs for /dev/urandom to block on a long debate about
> /dev/random, so these patches have no effect on /dev/random.
That confuses me a bit.
Torsten
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/