On Sun, Aug 20, 2017 at 12:22 PM, Jonathan Cameron <jic23@xxxxxxxxxx> wrote: > On Thu, 17 Aug 2017 15:56:11 +0200 > Michał Mirosław <mirq-linux@xxxxxxxxxxxx> wrote: >> Signed-off-by: Michał Mirosław <mirq-linux@xxxxxxxxxxxx> > > Hmm. I wondered about the firmware version as a source of randomness, but > will leave it in here. (...) >> + add_device_randomness(&fw, sizeof(fw)); > > The firmware version seems rather to guessable to really count as randomness. > presumably it would constant for a particular batch of chips. That is true, this should go, not for security reasons but because it doesn't add much device-unique randomness. Nothing we add with add_device_randomness() actually affects the entropy pool trust, it is just icing making it - maybe - even more random, so adding 256 zeroes is fine for the trust, just pointless and taking time for no good. Yours, Linus Walleij -- To unsubscribe from this list: send the line "unsubscribe linux-iio" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
