Am Dienstag, 9. August 2016, 17:17:55 CEST schrieb Herbert Xu: Hi Herbert, > On Tue, Aug 09, 2016 at 11:02:58AM +0200, Stephan Mueller wrote: > > But shouldn't the default of the rngd then be adjusted a bit? > > Please elaborate. in rngd_linux.c:random_add_entropy(void *buf, size_t size): entropy.ent_count = size * 8; entropy.size = size; memcpy(entropy.data, buf, size); if (ioctl(random_fd, RNDADDENTROPY, &entropy) != 0) { ... in rngd.c:do_loop(): retval = iter->xread(buf, sizeof buf, iter); ... rc = update_kernel_random(random_step, buf, iter->fipsctx); where update_kernel_random simply invokes random_add_entropy in chunks. Hence, the rngd reads some bytes from /dev/hwrand and injects it into /dev/ random with an entropy estimate that is equal to the read bytes. With less than perfect noise sources, entropy.ent_count should be much smaller. > > Thanks, Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html