The random device is a fairly useful thing to have (I use it for
input values to "crashme" ;-) but there are lots of people who don't
use it for anything. For those people, it would be useful to have a
CONFIG_RANDOM option, so that they can save a bit of space, and avoid
the small overhead associated with all the add_XXX_randomness() calls.
Paul.
diff -ur /tmp/linux/Documentation/Configure.help linux/Documentation/Configure.help
--- /tmp/linux/Documentation/Configure.help Mon May 13 01:11:09 1996
+++ linux/Documentation/Configure.help Mon May 13 14:12:50 1996
@@ -41,7 +41,7 @@
currently in alpha-test, then the developers usually discourage
widespread use of this feature by the general public to avoid
"Why doesn't this work?" type mail messages. However, active testing
- and and detailed bug reports from people familiar with the kernel's
+ and detailed bug reports from people familiar with the kernel's
internals are usually welcomed by the developers. Unless you intend
to help test and develop a feature or driver that falls into this
category, you should probably say N here, which will cause this
@@ -3246,6 +3246,23 @@
compatible fashion. If you think you have a use for such a device
(such as periodic data sampling), then say Y here, and go read the
file Documentation/rtc.txt for details.
+
+Secure Random Number Generator Support
+CONFIG_RANDOM
+ Since computers are very predictable devices, it is difficult to
+ have a computer create an unpredictable series of random numbers.
+ Applications such as cryptography require a truly random series
+ of numbers to ensure data security against unwanted attackers.
+ Enabling this option causes the kernel to gather environmental
+ noise from things like mouse, keyboard and disk activity, and
+ then create truly random numbers based on this collected noise.
+ These random numbers are reported back to the user via /dev/random
+ and /dev/urandom character devices. The top few pages of the file
+ drivers/char/random.c describes how to implement these devices, how
+ to preserve randomness across reboots, and other important details.
+ If you have a use for such a device, then say Y here, and go read
+ the above file. Saying N here will save you about 15kB of memory,
+ and avoid the small overhead associated with collecting the noise.
Sound card support
CONFIG_SOUND
diff -ur /tmp/linux/arch/alpha/defconfig linux/arch/alpha/defconfig
--- /tmp/linux/arch/alpha/defconfig Sat May 11 16:25:51 1996
+++ linux/arch/alpha/defconfig Mon May 13 13:03:37 1996
@@ -202,6 +202,7 @@
# CONFIG_APM is not set
# CONFIG_WATCHDOG is not set
# CONFIG_RTC is not set
+# CONFIG_RANDOM is not set
#
# Sound
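Review bot: Both defconfig hunks (alpha here, i386 in the next file) add `# CONFIG_RANDOM is not set`, so a kernel built from the defaults loses /dev/random, /dev/urandom and a working get_random_bytes(). All of these were built unconditionally before this patch, since the Makefile hunk removes `random.o` from the fixed `L_OBJS` list. The space saving suits people who know they do not need the driver, so it should be an opt-out: keep the default as `CONFIG_RANDOM=y` in both files.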
diff -ur /tmp/linux/arch/i386/defconfig linux/arch/i386/defconfig
--- /tmp/linux/arch/i386/defconfig Sat May 11 16:25:51 1996
+++ linux/arch/i386/defconfig Mon May 13 13:03:22 1996
@@ -161,6 +161,7 @@
# CONFIG_APM is not set
# CONFIG_WATCHDOG is not set
# CONFIG_RTC is not set
+# CONFIG_RANDOM is not set
#
# Sound
diff -ur /tmp/linux/drivers/char/Config.in linux/drivers/char/Config.in
--- /tmp/linux/drivers/char/Config.in Thu May 2 15:06:31 1996
+++ linux/drivers/char/Config.in Sun May 12 15:21:27 1996
@@ -62,4 +62,5 @@
fi
fi
bool 'Enhanced Real Time Clock Support' CONFIG_RTC
+bool 'Secure Random Number Generator Support' CONFIG_RANDOM
endmenu
diff -ur /tmp/linux/drivers/char/Makefile linux/drivers/char/Makefile
--- /tmp/linux/drivers/char/Makefile Thu Apr 25 20:27:42 1996
+++ linux/drivers/char/Makefile Sun May 12 15:24:04 1996
@@ -21,8 +21,14 @@
L_TARGET := char.a
M_OBJS :=
L_OBJS := tty_io.o n_tty.o console.o \
- tty_ioctl.o pty.o vt.o mem.o vc_screen.o random.o \
+ tty_ioctl.o pty.o vt.o mem.o vc_screen.o \
consolemap.o selection.o
+
+ifeq ($(CONFIG_RANDOM),y)
+L_OBJS += random.o
+else
+L_OBJS += ran_stub.o
+endif
ifeq ($(CONFIG_SERIAL),y)
ifndef CONFIG_SUN_SERIAL
diff -ur /tmp/linux/drivers/char/mem.c linux/drivers/char/mem.c
--- /tmp/linux/drivers/char/mem.c Thu Apr 25 20:27:42 1996
+++ linux/drivers/char/mem.c Sun May 12 17:36:26 1996
@@ -351,12 +351,14 @@
case 7:
filp->f_op = &full_fops;
break;
+#ifdef CONFIG_RANDOM
case 8:
filp->f_op = &random_fops;
break;
case 9:
filp->f_op = &urandom_fops;
break;
+#endif
default:
return -ENODEV;
}
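Review bot: With CONFIG_RANDOM unset, an open of minor 8 or 9 now falls through to `default` and returns -ENODEV, and nothing in the hunk says so. Userspace that cannot open /dev/random or /dev/urandom may fall back to a weaker seed source, so the behaviour deserves a comment above the `#ifdef`, e.g. `/* minors 8 (random) and 9 (urandom) return -ENODEV unless CONFIG_RANDOM is set */`. The enclosing switch and function begin outside the hunk.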
@@ -382,7 +384,9 @@
{
if (register_chrdev(MEM_MAJOR,"mem",&memory_fops))
printk("unable to get major %d for memory devs\n", MEM_MAJOR);
+#ifdef CONFIG_RANDOM
rand_initialize();
+#endif
tty_init();
#ifdef CONFIG_PRINTER
lp_init();
diff -ur /tmp/linux/drivers/char/ran_stub.c linux/drivers/char/ran_stub.c
--- /tmp/linux/drivers/char/ran_stub.c Thu Jan 1 00:00:00 1970
+++ linux/drivers/char/ran_stub.c Mon May 13 13:30:54 1996
@@ -0,0 +1,48 @@
+/*
+ * Stub functions for a non-implementation of the random device.
+ * This avoids having #ifdef CONFIG_RANDOM scattered through
+ * millions of files. Ideally it could have been done as macros in
+ * random.h but quota "non-support" does it with stub functions
+ * as well, so...
+ * Paul Gortmaker
+ */
+
+#include <linux/kernel.h>
+#include <asm/types.h>
+
+void rand_initialize_irq(int irq)
+{
+}
+
+void rand_initialize_blkdev(int irq, int mode)
+{
+}
+
+void add_keyboard_randomness(unsigned char scancode)
+{
+}
+
+void add_mouse_randomness(__u32 mouse_data)
+{
+}
+
+void add_interrupt_randomness(int irq)
+{
+}
+
+void add_blkdev_randomness(int irq)
+{
+}
+
+/*
+ * Currently nfsroot is the only kernel code to call this routine, as it
+ * uses random bytes for the BOOTP request. Moan loudly if someone tries
+ * to call get_random_bytes() without compiling the random driver in.
+ * Alternatively, one could just bin this function, which would cause
+ * such broken kernel configurations to fail to link...
+ */
+
+void get_random_bytes(void *buf, int nbytes)
+{
+ printk(KERN_ERR "Random data reqested but random driver not resident.\n");
+}
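Review bot: The `get_random_bytes()` stub at the end of ran_stub.c returns without writing to `buf`, so a caller carries on with whatever the buffer already held. The comment above it says nfsroot uses these bytes for its BOOTP request, which would then go out with stale or predictable contents, and a printk does not stop that. Prefer the alternative the comment already mentions: drop the stub so that a configuration needing random bytes without the driver fails to link. If the stub stays, give the buffer a defined value first, e.g. `memset(buf, 0, nbytes);` (with `<linux/string.h>`), and correct `reqested` in the message.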