On 12 January 2012 14:53, Florian Fainelli <flor...@openwrt.org> wrote: > Hello, > > > On 01/12/12 12:29, Olipro wrote: >> >> Haveged is an entropy gathering daemon which refills the kernel's entropy >> pool by timing the nanoseconds a CPU takes to complete a loop. The >> existing >> haveged only supports a few architectures - I have added support for any >> given architecture by utilising the CLOCK_MONOTONIC_RAW introduced in >> kernel 2.6.28 - no doubt this does incur a performance penalty since the >> architecture specific code uses assembler. unfortunately reading r9 from >> cp0 on mips requires the cpu to be in kernel or supervisor mode. >> >> Unlike rng-tools, using haveged ensure the entropy pool is not simply >> refilled from /dev/urandom - thus ensuring that evicted entropy is not >> recycled into the secure pool. >> >> however, I'm not entirely sure what dependencies I should be making this >> rely on to ensure people on say... brcm2.4 don't get it, thus if someone >> could take a look at it, I'd be most appreciative - the package itself >> works just fine, I'm using it on my WNDR3800. > > > Though I am not against adding this daemon, rather, I think that we should > make some network drivers interrupts fill the kernel entropy pool like it > used to be, this should solve the entropy problem on most platforms. > --
If I remember correctly there were some security reasons of removing it from the kernel. Although I've done this on ramips platform and didn't face any issues I think that, potentially, a better source or entropy would be radio noise. Of cause if it's possible to get. Regards, Roman _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
