On Thu, Aug 25, 2016 at 5:30 PM, H. Peter Anvin <h...@zytor.com> wrote:
> The network stack is a good source of entropy, *once it is online*. > However, the most serious case is while the machine is still booting, > when the network will not have enabled yet. > > -hpa One possible solution is at: https://github.com/sandy-harris/maxwell A small (< 700 lines) daemon that gets entropy from timer imprecision and variations in time for arithmetic (cache misses, interrupts, etc.) and pumps it into /dev/random. Make it the first userspace program started and all should be covered. Directory above includes a PDF doc with detailed rationale and some discussion of alternate solutions. Of course if you are dealing with a system-on-a-chip or low-end embedded CPU & the timer is really inadequate, this will not work well. Conceivably well enough, but we could not know that without detailed analysis for each chip in question.
