hummmm nice to know, thanks David! i will check this file
2013/9/25 David Johnston <d...@deadhat.com> > On 9/25/2013 2:19 PM, Roberto Spadim wrote: > > > >hi david! > >do you have a patch about this hack? > > Actually Fedora 18 fixes the primary problems. It has an update to rngd so > that it uses RdRand and it gets invoked properly. I passed information on > to RedHat about the problems and they fixed it in Fedora 18. A colleague > submitted patches to rngd to add the ability for it to use RdRand as a > source. > > The only remaining problem is the kernel threshold parameter that causes > it to decide at what level of entropy in the pool it will start to pull > more entropy in through rngd. > > It defaults to a low level, but there is high demand during the boot > process, which results in entropy starvation and /dev/random blocking > during the boot process. I checked this by using bootchart which can log > the level of entropy in the kernel entropy pool during the boot sequence. > With a higher threshold and lots of entropy available through RdRand > through rngd, the pool remains full or close to full during the boot > sequence. Check 'write_wakeup_threshold' in the man page.. > http://man7.org/linux/man-**pages/man4/random.4.html<http://man7.org/linux/man-pages/man4/random.4.html> > . > > It defaults to 128. On my Ivy Bridge system I set it to 3072: > > [root@deadhat ~]# cat /proc/sys/kernel/random/write_**wakeup_threshold > 3072 > > > > > > > > > > ______________________________**______________________________**__________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > -- Roberto Spadim SPAEmpresarial
