summaryrefslogtreecommitdiffstats
path: root/crypto/twofish_common.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2011-12-22 20:36:22 +0100
committerH. Peter Anvin <hpa@linux.intel.com>2011-12-30 01:49:45 +0100
commitcf833d0b9937874b50ef2867c4e8badfd64948ce (patch)
treef2eb260e524387c6dce6de17b5c06ec0c34adef7 /crypto/twofish_common.c
parentLinux 3.2-rc7 (diff)
downloadlinux-cf833d0b9937874b50ef2867c4e8badfd64948ce.tar.xz
linux-cf833d0b9937874b50ef2867c4e8badfd64948ce.zip
random: Use arch_get_random_int instead of cycle counter if avail
We still don't use rdrand in /dev/random, which just seems stupid. We accept the *cycle*counter* as a random input, but we don't accept rdrand? That's just broken. Sure, people can do things in user space (write to /dev/random, use rdrand in addition to /dev/random themselves etc etc), but that *still* seems to be a particularly stupid reason for saying "we shouldn't bother to try to do better in /dev/random". And even if somebody really doesn't trust rdrand as a source of random bytes, it seems singularly stupid to trust the cycle counter *more*. So I'd suggest the attached patch. I'm not going to even bother arguing that we should add more bits to the entropy estimate, because that's not the point - I don't care if /dev/random fills up slowly or not, I think it's just stupid to not use the bits we can get from rdrand and mix them into the strong randomness pool. Link: http://lkml.kernel.org/r/CA%2B55aFwn59N1=m651QAyTy-1gO1noGbK18zwKDwvwqnravA84A@mail.gmail.com Acked-by: "David S. Miller" <davem@davemloft.net> Acked-by: "Theodore Ts'o" <tytso@mit.edu> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Cc: Matt Mackall <mpm@selenic.com> Cc: Tony Luck <tony.luck@intel.com> Cc: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Diffstat (limited to 'crypto/twofish_common.c')
0 files changed, 0 insertions, 0 deletions