It's a long-standing debate whether to allow network drivers to
contribute to the kernel entropy pool. This e-mail is not to convince
anyone of anything, but give users a choice.

Right now, a very small number of network devices add to /dev/random.
The majority of them don't, presumably because of the fear of an
external attacker manipulating the kernel entropy pool.

The following patches allow the user to configure at compile-time
whether or not network devices should be allowed to feed the pool. For
those of us who don't fear external attackers, this is a nice addition
of entropy. It is also useful for those who are on a headless system
and need some more sources of entropy.

A new configure statement is available in Network Devices. Enabling it
enables CONFIG_NET_RANDOM which sets a new request_irq flag,
SA_SAMPLE_RANDOM_NET. If enabled, that flag is defined as
SA_SAMPLE_RANDOM. If disabled, the flag is defined as 0. Thus there is
no additional code after compile.

The idea, then, should be to add SA_SAMPLE_RANDOM_NET to each network
device's request_irq call.

Patch #2 does this for some devices: 3c501, 3c505, 3c509, 3c523, 3c59x,
8139too, cs89x0, eepro, eepro100, eexpress, ibmlana, ne2k-pci, pcnet_cs,
xircom_tulic_cb, sk_mca, smc9194, tulic_core, and wavelan. All of the
devices which already contribute entropy have been updated.
-- Robert M. Love rml at ufl.edu rml at tech9.net
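A userspace C model of the compile-time flag scheme described in the message above, added here as an illustration and not taken from the patches. The flag values, the `model_*` functions, `samples_from` and the `entropy_samples` counter are hypothetical stand-ins for the kernel's `request_irq` path and entropy pool.

```c
#include <stdio.h>

/* Constructed flag values for this model (not copied from kernel headers). */
#define SA_SHIRQ         0x04000000UL
#define SA_SAMPLE_RANDOM 0x10000000UL

/* Scheme from the e-mail: the network flag aliases SA_SAMPLE_RANDOM when
 * CONFIG_NET_RANDOM is set and is 0 otherwise, so OR-ing it into a
 * driver's flags is a no-op in the disabled build. */
#ifdef CONFIG_NET_RANDOM
#define SA_SAMPLE_RANDOM_NET SA_SAMPLE_RANDOM
#else
#define SA_SAMPLE_RANDOM_NET 0UL
#endif

struct irq_action { unsigned long flags; const char *name; };

/* Hypothetical counter standing in for samples mixed into the pool. */
static unsigned long entropy_samples;

/* Hypothetical stand-in for request_irq(): just records the flags. */
static struct irq_action model_request_irq(unsigned long flags, const char *name)
{
    struct irq_action a = { flags, name };
    return a;
}

/* Hypothetical stand-in for IRQ dispatch: sample only if the flag is set. */
static void model_handle_irq(const struct irq_action *a)
{
    if (a->flags & SA_SAMPLE_RANDOM)
        entropy_samples++;
}

/* Deliver n interrupts to one handler; return how many fed the pool. */
static unsigned long samples_from(unsigned long flags, const char *name, int n)
{
    struct irq_action a = model_request_irq(flags, name);
    unsigned long before = entropy_samples;
    for (int i = 0; i < n; i++)
        model_handle_irq(&a);
    return entropy_samples - before;
}

int main(void)
{
    /* "eth0" and "keyboard" are constructed device names. */
    printf("nic: %lu\n", samples_from(SA_SHIRQ | SA_SAMPLE_RANDOM_NET, "eth0", 100));
    printf("kbd: %lu\n", samples_from(SA_SAMPLE_RANDOM, "keyboard", 100));
    return 0;
}
```

Building with `-DCONFIG_NET_RANDOM` makes the network handler count all 100 interrupts; without it the count is 0 while the non-network handler is unaffected.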