On Tue, Sep 10, 2013 at 11:40 AM, Tim Bird <tbird20d@xxxxxxxxx> wrote:
> How much time does it add to boot to feed the device tree into the
> random number pool.
>
> Some of the device trees are expected to get pretty big. If it's over
> a millisecond, IMHO, it should be configurable (but this is not).
It's detinitely not a very fast operation. "add_device_randomness()"
does four full "mix_pool_bytes()" operations, and those each iterate
over the input set one byte at a time.
It was kind of designed for things like mixing in ethernet MAC
addresses etc, so at the time that was written, the thinking was that
it would be just a few bytes, maybe tens of bytes.
I don't know how big flattened device trees can be, but I guess we're
talking a couple of kB?
So it might even be a better idea to feed the device tree to a hashing
function (eg SHA1 or even just MD5), and then just mix in the hash. At
least most block hash functions do things a word at a time. It does
*not* need to be cryptographically secure, so MD5 would be plenty good
enough - the only point of the hash would be to give a meaningful
number of result bits from the source array.
Of course, maybe even the stupid add_device_randomness() is fast
enough. I just wanted to point out that it definitely isn't some
optimized thing.
Linus
--
To unsubscribe from this list: send the line "unsubscribe devicetree" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
