Hello,
On 01/12/12 12:29, Olipro wrote:
Haveged is an entropy gathering daemon which refills the kernel's entropy
pool by timing the nanoseconds a CPU takes to complete a loop. The existing
haveged only supports a few architectures - I have added support for any
given architecture by utilising the CLOCK_MONOTONIC_RAW introduced in
kernel 2.6.28 - no doubt this does incur a performance penalty since the
architecture specific code uses assembler. unfortunately reading r9 from
cp0 on mips requires the cpu to be in kernel or supervisor mode.
Unlike rng-tools, using haveged ensure the entropy pool is not simply
refilled from /dev/urandom - thus ensuring that evicted entropy is not
recycled into the secure pool.
however, I'm not entirely sure what dependencies I should be making this
rely on to ensure people on say... brcm2.4 don't get it, thus if someone
could take a look at it, I'd be most appreciative - the package itself
works just fine, I'm using it on my WNDR3800.
Though I am not against adding this daemon, rather, I think that we
should make some network drivers interrupts fill the kernel entropy pool
like it used to be, this should solve the entropy problem on most platforms.
--
Florian
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
