Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261589AbVC2Wsx (ORCPT ); Tue, 29 Mar 2005 17:48:53 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261610AbVC2Wsx (ORCPT ); Tue, 29 Mar 2005 17:48:53 -0500 Received: from parcelfarce.linux.theplanet.co.uk ([195.92.249.252]:31695 "EHLO parcelfarce.linux.theplanet.co.uk") by vger.kernel.org with ESMTP id S261589AbVC2Wq7 (ORCPT ); Tue, 29 Mar 2005 17:46:59 -0500 Message-ID: <4249DAD4.9020602@pobox.com> Date: Tue, 29 Mar 2005 17:46:44 -0500 From: Jeff Garzik User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Bill Davidsen CC: Herbert Xu , Evgeniy Polyakov , David McCullough , cryptoapi@lists.logix.cz, linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org, Andrew Morton , James Morris Subject: Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11) References: <1111731361.20797.5.camel@uganda><1111731361.20797.5.camel@uganda> <20050325061311.GA22959@gondor.apana.org.au> <4249D06F.30802@tmr.com> In-Reply-To: <4249D06F.30802@tmr.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1617 Lines: 40 Bill Davidsen wrote: > Herbert Xu wrote: > >> You missed the point. This has nothing to do with the crypto API. >> Jeff is saying that if this is disabled by default, then only a few >> users will enable it and therefore use this API. >> >> Since we can't afford to enable it by default as hardware RNG may >> fail which can lead to catastrophic consequences, there is no point >> for this API at all. > > > Wait a minute, if it fails the system drops back to software, which is > not as good in a pedantic analysis, but perhaps falls a good bit short > of "catastrophic consequences" as most people would characterize that > phrase. And more to the point, now that many CPUs and chipsets are the > RNG of choice, what is the actual probability of a failure of the RNG > leaving a functional system (that's a real question seeking response > from someone who has some actual data). As I've said, in the past the Intel RNGs in particular -have- failed, but the rest of the system keeps on working just fine. It probably depends on the hardware implementation; I think the Intel RNG was based on a thermal diode, or somesuch. In the cases where an RNG has failed in the past, the system has worked as expected: rngd stopped feeding data into the entropy pool. If the VIA RNG (on-CPU) fails, that's probably indicative of a larger problem, though. Jeff - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/