[OneRNG-Discuss] Debian 12 kernel ignoring entropy from OneRNG?

Andy Smith andy-onlinegroups.net at strugglers.net
Thu Mar 14 22:42:05 GMT 2024


On Thu, Mar 14, 2024 at 10:15:52PM +0000, Tom Yates wrote:
> On Fri, 15 Mar 2024, Jim Cheetham wrote:
> > However, there are good comments all over the code ... I think I can understand those ...
> > 
> > https://git.kernel.org/pub/scm/linux/kernel/git/crng/random.git/tree/drivers/char/random.c#n1352
> > 
> > > "Writing to either /dev/random or /dev/urandom adds entropy to the input pool but does not credit it."
> 
> well, that's very interesting; thank you.  i guess i'll leave my OneRNG
> inside that system, then, merrily ticking away.

I still wonder if the output of hardware entropy gadgets is
actually being used by the kernel though, because as mentioned the
CSPRNG is seeded really early in the boot by RDRAND and goes on its
merry way from there. I'm not sure if it uses much even from RDRAND
after the initial seeding.

I have some EntropyKeys and some OneRNGs in use in machines that
started off making use of them but I'm not sure if there is any
benefit to doing so now, or with new machines.

I suppose it is very hard to quantify if an entropy pool resulting
from the Linux CSPRNG running for time t is any "better" for having
some entropy mixed in from a gadget vs. if it had just been left to
extrapolate from its initial seeding by RDRAND and CPU timings etc.

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting


