On Tue, 2013-02-05 at 11:11 -0500, Bill Nottingham wrote: 
> Matthew Garrett (mj...@srcf.ucam.org) said: 
> > This patchset means that there's a /dev/hwrng available in the guest, so 
> > you still need to run something like rngd to mix that into the kernel's 
> > entropy pool.
> 
> Speaking of, why is it a thing that we need a separate userspace daemon
> to dump data from kernel bucket A (/dev/hwrng) into kernel bucket B
> (the entropy pool)?

I completely agree with Bill here. I think this mechanism should be just
built into the kernel and for the paranoid it should definitely be
controllable by sysctl (even maybe off by default although in initial
seeding of the kernel entropy pool it would be very nice to have it on).

-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb

-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
