Hi! On Sat 2019-09-28 16:53:52, Linus Torvalds wrote: > On Sat, Sep 28, 2019 at 3:24 PM Thomas Gleixner wrote: > > > > Nicholas presented the idea to (ab)use speculative execution for random > > number generation years ago at the Real-Time Linux Workshop: > > What you describe is just a particularly simple version of the jitter > entropy. Not very reliable. > > But hey, here's a made-up patch. It basically does jitter entropy, but > it uses a more complex load than the fibonacci LFSR folding: it calls > "schedule()" in a loop, and it sets up a timer to fire. > > And then it mixes in the TSC in that loop. > > And to be fairly conservative, it then credits one bit of entropy for > every timer tick. Not because the timer itself would be all that > unpredictable, but because the interaction between the timer and the > loop is going to be pretty damn unpredictable. > > Ok, I'm handwaving. But I do claim it really is fairly conservative to > think that a cycle counter would give one bit of entropy when you time > over a timer actually happening. The way that loop is written, we do > guarantee that we'll mix in the TSC value both before and after the > timer actually happened. We never look at the difference of TSC > values, because the mixing makes that uninteresting, but the code does > start out with verifying that "yes, the TSC really is changing rapidly > enough to be meaningful". > > So if we want to do jitter entropy, I'd much rather do something like > this that actually has a known fairly complex load with timers and > scheduling. > +/* > + * If we have an actual cycle counter, see if we can > + * generate enough entropy with timing noise > + */ > +static void try_to_generate_entropy(void) > +{ > + struct { > + unsigned long now; > + struct timer_list timer; > + } stack; Should we have some kind of notifier chain, so that we could utilize better random sources (spinning rust) if we had them? Best regards, Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html