On Tue, Aug 09, 2016 at 11:37:39AM +0200, Stephan Mueller wrote: > Am Dienstag, 9. August 2016, 17:17:55 CEST schrieb Herbert Xu: > > Hi Herbert, > > > On Tue, Aug 09, 2016 at 11:02:58AM +0200, Stephan Mueller wrote: > > > But shouldn't the default of the rngd then be adjusted a bit? > > > > Please elaborate. > > in rngd_linux.c:random_add_entropy(void *buf, size_t size): > > entropy.ent_count = size * 8; > entropy.size = size; > memcpy(entropy.data, buf, size); > > if (ioctl(random_fd, RNDADDENTROPY, &entropy) != 0) { > > ... > > > in rngd.c:do_loop(): > > retval = iter->xread(buf, sizeof buf, iter); > ... > rc = update_kernel_random(random_step, > buf, iter->fipsctx); > > where update_kernel_random simply invokes random_add_entropy in chunks. > > Hence, the rngd reads some bytes from /dev/hwrand and injects it into /dev/ > random with an entropy estimate that is equal to the read bytes. > > With less than perfect noise sources, entropy.ent_count should be much > smaller. You're supposed to tweak the quality of the input. In any case, this is not affected by whether we whiten the result. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html