> > This matters for userspace, but not for the kernel. We only start up one > > RC4 > > instance, so RC4's low key agility doesn't really bother us. > > > > There are arc4random_buf () calls in the kernel. Those can use the > arc4random_buf_large() mechanism, can thy not? Or are the requests typically > too small?
arc4random_buf_large() is not exported as an API; this is intentional. If you do arc4random_buf_large() for a small buffer size, say 8, you are not winning the output performance vs output quality vs system interactiveness tradeoff in any way. It is a loss in all respects. 2048 was estimated as a knee where it the setup cost for a seperate RC4 is cheap enough so that PRNG data can be created for independent kernel threads without contention/holding of the mutex. This mechanism was invented to improving interactive performance. However it is still expensive.
