Re: [PATCH] drivers/net: remove network drivers' last few uses ofIRQF_SAMPLE_RANDOM

view
thread

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Adrian Bunk

Subject: Re: [PATCH] drivers/net: remove network drivers' last few uses ofIRQF_SAMPLE_RANDOM

Date: Sunday, May 18, 2008 - 5:02 am

On Sun, May 18, 2008 at 08:41:10AM +0200, Gilles Espinasse wrote:
quoted text> > On Fri, May 16, 2008 at 10:08:29PM +0200, Gilles Espinasse wrote:
> > >
> > > That's funny
> > > It does look to disturb some kernel developper that ethernet may be
> sniffed
> > > to feed a RNG
> > > even that could be very hard to reach any effective result in the case
> of a
> > > machine splitting different network segments.
> > >
> > > In the same time, it does not disturb openssl developpers to include non
> > > initialised memory that may or may not be predictable to feed a RNG.
> > > http://marc.info/?l=openssl-dev&m=121095151003011&w=2
> >
> > Why should it disturb them?
> >
> > As is explained in the email you quote it cannot make the RNG
> > output worse.
> >
> Yes that's the whole point.
> Why remove IRQF_SAMPLE_RANDOM if "it cannot make the RNG output worse."
> We should not care if network traffic can be sniffed in some configurations
> (plus sniffing could be very unlikely in some others).
>...
> Are network drivers better without SAMPLE_RANDOM?
> My understanding of openssl developper answer is same as yours :
> "it cannot make the RNG output worse."

The "it cannot make the RNG output worse." only applies to the OpenSSL 
case (one could argue whether it makes sense, but it can't do harm).

IRQF_SAMPLE_RANDOM and what was discussed in this email on the OpenSSL 
mailing list are two completely different subjects, and you completely 
miss the problem when you mix them.

quoted text> So why remove SAMPLE_RANDOM on network cards today if there is no
> replacement solution ready for x% of machines running linux actually?
>...

The replacement solution ready on all Linux machines today is for 
userspace to use /dev/urandom instead of /dev/random if feasible.

quoted text> Gilles

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: [PATCH] drivers/net: remove network drivers' last few ..., Gilles Espinasse, (Sat May 17, 11:41 pm)

Re: [PATCH] drivers/net: remove network drivers' last few ..., Alan Cox, (Sun May 18, 2:54 am)

Re: [PATCH] drivers/net: remove network drivers' last few ..., Adrian Bunk, (Sun May 18, 5:02 am)

Re: [PATCH] drivers/net: remove network drivers' last few ..., Theodore Tso, (Sun May 18, 5:24 am)

Re: [PATCH] drivers/net: remove network drivers' last few ..., Adrian Bunk, (Sun May 18, 7:43 am)

Navigation

Popular discussions


linux-kernel:
Ken Chen	[patch] sched: fix inconsistency when redistribute per-cpu tg->cfs_rq shares.
Ingo Molnar	Re: [PATCH v3] x86: merge the simple bitops and move them to bitops.h
Jan Engelhardt	Re: [PATCH] Allow Kconfig to set default mmap_min_addr protection
Dmitry Torokhov	Re: [2.6 patch] input/serio/hp_sdc.c section fix
Rafael J. Wysocki	[Bug #16380] Loop devices act strangely in 2.6.35
git:
Steven Grimm	Using git as a general backup mechanism (was Re: Using GIT to store /etc)
Jeff King	Re: [PATCH] git-reset: allow --soft in a bare repo
Johannes Sixt	Re: [PATCH 01/14] msvc: Fix compilation errors in compat/win32/sys/poll.c
Johannes Schindelin	Re: [PATCH] Uninstall rule for top level Makefile
Shawn O. Pearce	Re: [PATCH v2] Speed up bash completion loading
git-commits-head:
Linux Kernel Mailing List	cgroups: clean up cgroup_pidlist_find() a bit
Linux Kernel Mailing List	sony-laptop: Add support for extended hotkeys
Linux Kernel Mailing List	IB/core: Add support for masked atomic operations
Linux Kernel Mailing List	V4L/DVB (8939): cx18: fix sparse warnings
Linux Kernel Mailing List	ipv6 mcast: Check address family of gf_group in getsockopt(MS_FILTER).
linux-netdev:
Inaky Perez-Gonzalez	[PATCH 40/40] wimax/i2400m: add CREDITS and MAINTAINERS entries
Karsten Keil	[mISDN PATCH v2 05/19] Reduce stack size in dsp_cmx_send()
linux	Re: 2.6.23-rc8 network problem. Mem leak? ip1000a?
David Miller	Re: tun: Use netif_receive_skb instead of netif_rx
David Miller	Re: [net-next PATCH v2] llc enhancements
freebsd-current:
Matthew Fleming	Re: [RFC] Outline of USB process integration in the kernel taskqueue system
illoai@gmail.com	Re: OT: 2d password
Hartmut Brandt	Re: problem with nss_ldap
Andrew Reilly	Re: FreeBSD's problems as seen by the BSDForen.de community
Max Laier	Re: Upcoming ABI Breakage in RELENG_7

Colocation donated by:

Syndicate