2010-06-21 13:58:38

by Weedy

Subject: Entropy poolsize

I know grsecurity has an option for this but I don't want to patch my
kernel with it at this time. I have been poking around random.c but I
can't seem to figure out where .poolsize is assigned its value and
how to increase it.

If someone could point it out that would be nice.

Thank you for your time.


2010-06-21 15:52:01

by Randy Dunlap

Subject: Re: Entropy poolsize

On Mon, 21 Jun 2010 09:58:16 -0400 Weedy wrote:

> I know grsecurity has an option for this but I don't want to patch my
> kernel with it at this time. I have been poking around random.c but I
> can't seem to figure out where .poolsize is assigned its value and
> how to increase it.
>
> If someone could point it out that would be nice.
>
> Thank you for your time.
> --

Do you mean this one in drivers/char/random.c or something else?

static int sysctl_poolsize = INPUT_POOL_WORDS * 32;

It's a sysctl, so it is tunable.

---
~Randy
*** Remember to use Documentation/SubmitChecklist when testing your code ***

2010-06-22 23:22:12

by Weedy

Subject: Re: Entropy poolsize

Man I need to remember to hit reply-to-all

On Mon, Jun 21, 2010 at 3:56 PM, Randy Dunlap <[email protected]> wrote:
> On 06/21/10 12:48, Weedy wrote:
>> On Mon, Jun 21, 2010 at 11:51 AM, Randy Dunlap <[email protected]> wrote:
>>> On Mon, 21 Jun 2010 09:58:16 -0400 Weedy wrote:
>>>
>>>> I know grsecurity has an option for this but I don't want to patch my
>>>> kernel with it at this time. I have been poking around random.c but I
>>>> can't seem to figure out where .poolsize is assigned its value and
>>>> how to increase it.
>>>>
>>>> If someone could point it out that would be nice.
>>>>
>>>> Thank you for your time.
>>>> --
>>>
>>> Do you mean this one in drivers/char/random.c or something else?
>>>
>>> static int sysctl_poolsize = INPUT_POOL_WORDS * 32;
>>>
>>> It's a sysctl, so it is tunable.
>> It's locked, some kind of security risk many kernels ago. I'll try
>> changing that but I thought I tried it once before.
>
> Ah, its mode is 0444 (read-only).  Sorry I missed that piece.
> Sure, you could change the mode for your own use (rebuild the kernel).

 # cat /proc/sys/kernel/random/poolsize
16384
cat /proc/sys/kernel/random/entropy_avail
4096

I guess there is more to it.

2010-07-04 19:00:43

by Weedy

Subject: Re: Entropy poolsize

On Tue, Jun 22, 2010 at 7:21 PM, Weedy <[email protected]> wrote:
> Man I need to remember to hit reply-to-all
>
> On Mon, Jun 21, 2010 at 3:56 PM, Randy Dunlap <[email protected]> wrote:
>> On 06/21/10 12:48, Weedy wrote:
>>> On Mon, Jun 21, 2010 at 11:51 AM, Randy Dunlap <[email protected]> wrote:
>>>> On Mon, 21 Jun 2010 09:58:16 -0400 Weedy wrote:
>>>>
>>>>> I know grsecurity has an option for this but I don't want to patch my
>>>>> kernel with it at this time. I have been poking around random.c but I
>>>>> can't seem to figure out where .poolsize is assigned its value and
>>>>> how to increase it.
>>>>>
>>>>> If someone could point it out that would be nice.
>>>>>
>>>>> Thank you for your time.
>>>>> --
>>>>
>>>> Do you mean this one in drivers/char/random.c or something else?
>>>>
>>>> static int sysctl_poolsize = INPUT_POOL_WORDS * 32;
>>>>
>>>> It's a sysctl, so it is tunable.
>>> It's locked, some kind of security risk many kernels ago. I'll try
>>> changing that but I thought I tried it once before.
>>
>> Ah, its mode is 0444 (read-only).  Sorry I missed that piece.
>> Sure, you could change the mode for your own use (rebuild the kernel).
>
>  # cat /proc/sys/kernel/random/poolsize
> 16384
> cat /proc/sys/kernel/random/entropy_avail
> 4096
>
> I guess there is more to it.
>

Bump