* [PATCH] random: use arch-specific RNG to initialize the entropy store
[not found] <20111222210522.GG5041@thunk.org>
@ 2011-12-22 21:28 ` Theodore Ts'o
0 siblings, 0 replies; only message in thread
From: Theodore Ts'o @ 2011-12-22 21:28 UTC (permalink / raw)
To: Linux Kernel Developers List; +Cc: Theodore Ts'o
If there is an architecture-specific random number generator (such as
RDRAND for Intel architectures), use it to initialize /dev/random's
entropy stores. Even in the worst case, if RDRAND is something like
AES(NSA_KEY, counter++), it won't hurt, and it will definitely help
against any other adversaries.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
---
drivers/char/random.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 6035ab8..f10780a 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -961,6 +961,7 @@ EXPORT_SYMBOL(get_random_bytes);
*/
static void init_std_data(struct entropy_store *r)
{
+ int i;
ktime_t now;
unsigned long flags;
@@ -970,6 +971,11 @@ static void init_std_data(struct entropy_store *r)
now = ktime_get_real();
mix_pool_bytes(r, &now, sizeof(now));
+ for (i = r->poolinfo->poolwords; i; i--) {
+ if (!arch_get_random_long(&flags))
+ break;
+ mix_pool_bytes(r, &flags, sizeof(flags));
+ }
mix_pool_bytes(r, utsname(), sizeof(*(utsname())));
}
--
1.7.8.11.gefc1f.dirty
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2011-12-22 21:28 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <20111222210522.GG5041@thunk.org>
2011-12-22 21:28 ` [PATCH] random: use arch-specific RNG to initialize the entropy store Theodore Ts'o
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.