On Tue, 25 Feb 2020 14:24:10 -0500 Neil Horman <nhorman@xxxxxxxxxx> wrote: > On Tue, Feb 25, 2020 at 11:58:56AM -0700, stan wrote: > > Doesn't the elimination of the shadow pool, and the removal of > > push_to_pool end the ability to push entropy? I'm going to have to > > bite the bullet and take the code apart until I can understand the > > new system. > > > shouldn't do, the ioclt writes directly to the input_pool I can confirm this. I booted the 5.6 kernel without any patches, and the rtl2832 is happily feeding it entropy. So, all this back and forth was because of my mistaken understanding. Apologies everyone, and thanks for your patience. > > I'm thinking of a dedicated server that does nothing but provide > > entropy. > That works pretty well in a secure environment (in fact, once I get > it fixed, you can use the nist beacon server code and the nist beacon > source to transport that entropy), but I don't think cloud providers > like the idea of shipping entropy from a central source to other > nodes where the possibility exists for snooping. They all rely on > localized entropy. Shared entropy pools accross systems are better > used for things like distributed testing, where multiple systems > might need to use the same random bits. Thanks for the explanation. _______________________________________________ kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/kernel@xxxxxxxxxxxxxxxxxxxxxxx
