On Fri, Jun 03, 2016 at 07:42:52PM +0200, Emese Revfy wrote:
On Wed, 1 Jun 2016 12:42:27 -0700
Andrew Morton <a...@linux-foundation.org> wrote:
On Tue, 31 May 2016 01:31:45 +0200 Emese Revfy <re.em...@gmail.com> wrote:
> This plugin mitigates the problem of the kernel having too little entropy
during
> and after boot for generating crypto keys.
>
> It creates a local variable in every marked function. The value of this
variable is
> modified by randomly chosen operations (add, xor and rol) and
> random values (gcc generates them at compile time and the stack pointer at
runtime).
> It depends on the control flow (e.g., loops, conditions).
>
> Before the function returns the plugin writes this local variable
> into the latent_entropy global variable. The value of this global variable is
> added to the kernel entropy pool in do_one_initcall() and _do_fork().
I don't think I'm really understanding. Won't this produce the same
value on each and every boot?
No, because of interrupts and intentional data races.
Wouldn't that result in the value having one of a small number of
values, then? Even if it was just one of thousands or millions of
values, it would make the search space quite small.
David
