Re: Have the 5.6 kernels dropped support for user input of entropy to the kernel?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Feb 25, 2020 at 12:48:08PM -0700, stan wrote:
> On Tue, 25 Feb 2020 14:24:10 -0500
> Neil Horman <nhorman@xxxxxxxxxx> wrote:
> 
> > On Tue, Feb 25, 2020 at 11:58:56AM -0700, stan wrote:
> 
> > > Doesn't the elimination of the shadow pool, and the removal of
> > > push_to_pool end the ability to push entropy?  I'm going to have to
> > > bite the bullet and take the code apart until I can understand the
> > > new system.
> > >   
> > shouldn't do, the ioclt writes directly to the input_pool
> 
> I can confirm this.  I booted the 5.6 kernel without any patches, and
> the rtl2832 is happily feeding it entropy.  So, all this back and forth
> was because of my mistaken understanding.  Apologies everyone, and
> thanks for your patience.
>  
> > > I'm thinking of a dedicated server that does nothing but provide
> > > entropy.
> 
> > That works pretty well in a secure environment (in fact, once I get
> > it fixed, you can use the nist beacon server code and the nist beacon
> > source to transport that entropy), but I don't think cloud providers
> > like the idea of shipping entropy from a central source to other
> > nodes where the possibility exists for snooping.  They all rely on
> > localized entropy.  Shared entropy pools accross systems are better
> > used for things like distributed testing, where multiple systems
> > might need to use the same random bits.
> 
> Thanks for the explanation.
> 

Hey, just FYI, its still a bit nascent, but it works:
https://github.com/nhorman/rng-tools

Now has an rtlsdr entropy source, which can be used to feed the kernel entropy
pool.  

I'll be tagging and releasing an updated rng-tools in the next few weeks, and
will have it in fedora soon thereafter.

Best
Neil
_______________________________________________
kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/kernel@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora General Discussion]     [Older Fedora Users Archive]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Announce]     [Fedora Package Review]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Coolkey]     [Yum Users]     [Tux]     [Yosemite News]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [USB]     [Asterisk PBX]

  Powered by Linux