Chris Peterson wrote:
quoted text
> Should network devices be allowed to contribute entropy to /dev/random?
> 
> This issue has been discussed before, but does not seem to have been
> settled: some net drivers [1] use IRQF_SAMPLE_RANDOM when calling
> request_irq(), but the vast majority do not. It seems like all net
> drivers should follow the same entropy paranoia policy (whether that
> is all net drivers should use IRQF_SAMPLE_RANDOM, no net drivers, or a
> compile-time option).


Quoting David Miller's excellent summary:


The argument is that if you have a diskless system not taking any 
keyboard or other input from the user, the network would be your only 
source of random number entropy.

But on the flip side, if the network provides the entropy, this is 
externally influencable random number entropy and thus in theory 
exploitable.  And furthermore, on-board random number generators are the 
real answer to this problem.

Thus, the impasse.

There are roughly equal arguments on both sides.  Providing some entropy 
could be argued as better than nothing, but it could also be said that 
providing potentially exploitable entropy is in fact worse than none at all.

</quote>


I tend to push people to /not/ add IRQF_SAMPLE_RANDOM to new drivers, 
but I'm not interested in going on a pogrom with existing code.  We all 
have better things to do with our time :)

	Jeff


--
unsubscribe notice
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/