* [PATCH] random: use arch-specific RNG to initialize the entropy store
[not found] <20111222210522.GG5041@thunk.org>
@ 2011-12-22 21:28 ` Theodore Ts'o
0 siblings, 0 replies; only message in thread
From: Theodore Ts'o @ 2011-12-22 21:28 UTC (permalink / raw)
To: Linux Kernel Developers List; +Cc: Theodore Ts'o
If there is an architecture-specific random number generator (such as
RDRAND for Intel architectures), use it to initialize /dev/random's
entropy stores. Even in the worst case, if RDRAND is something like
AES(NSA_KEY, counter++), it won't hurt, and it will definitely help
against any other adversaries.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
---
drivers/char/random.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 6035ab8..f10780a 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -961,6 +961,7 @@ EXPORT_SYMBOL(get_random_bytes);
*/
static void init_std_data(struct entropy_store *r)
{
+ int i;
ktime_t now;
unsigned long flags;
@@ -970,6 +971,11 @@ static void init_std_data(struct entropy_store *r)
now = ktime_get_real();
mix_pool_bytes(r, &now, sizeof(now));
+ for (i = r->poolinfo->poolwords; i; i--) {
+ if (!arch_get_random_long(&flags))
+ break;
+ mix_pool_bytes(r, &flags, sizeof(flags));
+ }
mix_pool_bytes(r, utsname(), sizeof(*(utsname())));
}
--
1.7.8.11.gefc1f.dirty
^ permalink raw reply related [flat|nested] only message in thread