Entropy poolsize
in [Kernel]
|
Prev: rt2870: add device id for Zyxel NWD-270N
Next: [PATCH 3/2] Driver core: move platform device creation helpers to .init.text (if MODULE=n)
From: Weedy on 21 Jun 2010 10:00 I know grsecurity has a option for this but I don't want to patch my kernel with it at this time. I have been poking around random.c but I can't seem to figure out where .poolsize is assigned it's value and how to increase it. If someone could point it out that would be nice. Thank you for your time. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Randy Dunlap on 21 Jun 2010 12:00 On Mon, 21 Jun 2010 09:58:16 -0400 Weedy wrote: > I know grsecurity has a option for this but I don't want to patch my > kernel with it at this time. I have been poking around random.c but I > can't seem to figure out where .poolsize is assigned it's value and > how to increase it. > > If someone could point it out that would be nice. > > Thank you for your time. > -- Do you mean this one in drivers/char/random.c or something else? static int sysctl_poolsize = INPUT_POOL_WORDS * 32; It's a sysctl, so it is tunable. --- ~Randy *** Remember to use Documentation/SubmitChecklist when testing your code *** -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Weedy on 22 Jun 2010 19:30 Man I need to remember to hit reply-to-all On Mon, Jun 21, 2010 at 3:56 PM, Randy Dunlap <randy.dunlap(a)oracle.com> wrote: > On 06/21/10 12:48, Weedy wrote: >> On Mon, Jun 21, 2010 at 11:51 AM, Randy Dunlap <randy.dunlap(a)oracle.com> wrote: >>> On Mon, 21 Jun 2010 09:58:16 -0400 Weedy wrote: >>> >>>> I know grsecurity has a option for this but I don't want to patch my >>>> kernel with it at this time. I have been poking around random.c but I >>>> can't seem to figure out where .poolsize is assigned it's value and >>>> how to increase it. >>>> >>>> If someone could point it out that would be nice. >>>> >>>> Thank you for your time. >>>> -- >>> >>> Do you mean this one in drivers/char/random.c or something else? >>> >>> static int sysctl_poolsize = INPUT_POOL_WORDS * 32; >>> >>> It's a sysctl, so it is tunable. >> It's locked, some kind of security risk many kernels ago. I'll try >> changing that but I thought I tried it once before. > > Ah, it's mode is 0444 (read-only). Sorry I missed that piece. > Sure, you could change the mode for your own use (rebuild the kernel). # cat /proc/sys/kernel/random/poolsize 16384 cat /proc/sys/kernel/random/entropy_avail 4096 I guess there is more to it. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Weedy on 4 Jul 2010 15:10
On Tue, Jun 22, 2010 at 7:21 PM, Weedy <weedy2887(a)gmail.com> wrote: > Man I need to remember to hit reply-to-all > > On Mon, Jun 21, 2010 at 3:56 PM, Randy Dunlap <randy.dunlap(a)oracle.com> wrote: >> On 06/21/10 12:48, Weedy wrote: >>> On Mon, Jun 21, 2010 at 11:51 AM, Randy Dunlap <randy.dunlap(a)oracle.com> wrote: >>>> On Mon, 21 Jun 2010 09:58:16 -0400 Weedy wrote: >>>> >>>>> I know grsecurity has a option for this but I don't want to patch my >>>>> kernel with it at this time. I have been poking around random.c but I >>>>> can't seem to figure out where .poolsize is assigned it's value and >>>>> how to increase it. >>>>> >>>>> If someone could point it out that would be nice. >>>>> >>>>> Thank you for your time. >>>>> -- >>>> >>>> Do you mean this one in drivers/char/random.c or something else? >>>> >>>> static int sysctl_poolsize = INPUT_POOL_WORDS * 32; >>>> >>>> It's a sysctl, so it is tunable. >>> It's locked, some kind of security risk many kernels ago. I'll try >>> changing that but I thought I tried it once before. >> >> Ah, it's mode is 0444 (read-only). Sorry I missed that piece. >> Sure, you could change the mode for your own use (rebuild the kernel). > > # cat /proc/sys/kernel/random/poolsize > 16384 > cat /proc/sys/kernel/random/entropy_avail > 4096 > > I guess there is more to it. > Bump -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ |