"Oliver M . Bolzer" wrote:
>
> Hi!
>
> Recently I needed a lot of entroy for cryptographic purposes on a
> server and took a look at where the entroy for drivers/char/random.c
> was coming from, as the server didn't have any activly used mouse/keyboard.
>
> Anyway, I noticed that only 3 drivers were using add_interrupt_randomness()
> to donate their irq timings into the entropy pool. Shouldn't other drivers
> (especially network drivers) do this too ?
>
> The only thing needed is to add the SA_SAMPLE_RANDOM flag to request_irq
> in the drivers.
>
> If nobody objects, I'll submit a patch that adds this to network drivers.
Then you make your local random pool vulnerable to external
manipulation, to a certain extent...
Jeff
--
Jeff Garzik | The difference between laziness and
Building 1024 | prioritization is the end result.
MandrakeSoft |
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/
