| Message ID | 20200512233923.20290-1-matthew.weber@rockwellcollins.com |
|---|---|
| State | Superseded |
| Headers | show |
| Series | [Next] package/haveged: set write_wakeup_threshold to 2048 | expand |
Thomas, On Tue, May 12, 2020 at 6:39 PM Matt Weber <matthew.weber@rockwellcollins.com> wrote: > > Adjust the low water mark to wake-up the haveged daemon at the > same time that rngd would wake-up when a hardware RNG is present. > > This supports the theory that rngd then can't dominate the entropy > pool. Instead haveged and rngd would complete to fill the pool. > https://tails.boum.org/contribute/design/random/#index5h2 > > If rngd isn't enabled or there isn't a hardware RNG, this change > should not impact the behavior of the entropy pool other then > the pool should be less likely to deplete and cause an entropy > starve with haveged filling it earlier I marked this as a Next item but I guess it really is sort of a bug that should be merged before release as I believe it should apply to LTS as well. . > > Cc: Peter Korsgaard <peter@korsgaard.com> > Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> > --- > > Peter I believe this one also applys to 2020.02.x > --- > package/haveged/S21haveged | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/package/haveged/S21haveged b/package/haveged/S21haveged > index 4b6e6ced4e..22b84e4f27 100644 > --- a/package/haveged/S21haveged > +++ b/package/haveged/S21haveged > @@ -3,7 +3,7 @@ > case "$1" in > start) > printf "Starting haveged: " > - start-stop-daemon -S -x /usr/sbin/haveged -- -w 1024 -r 0 > + start-stop-daemon -S -x /usr/sbin/haveged -- -w 2048 -r 0 > [ $? = 0 ] && echo "OK" || echo "FAIL" > ;; > stop) > -- > 2.17.1 >
diff --git a/package/haveged/S21haveged b/package/haveged/S21haveged index 4b6e6ced4e..22b84e4f27 100644 --- a/package/haveged/S21haveged +++ b/package/haveged/S21haveged @@ -3,7 +3,7 @@ case "$1" in start) printf "Starting haveged: " - start-stop-daemon -S -x /usr/sbin/haveged -- -w 1024 -r 0 + start-stop-daemon -S -x /usr/sbin/haveged -- -w 2048 -r 0 [ $? = 0 ] && echo "OK" || echo "FAIL" ;; stop)
Adjust the low water mark to wake-up the haveged daemon at the same time that rngd would wake-up when a hardware RNG is present. This supports the theory that rngd then can't dominate the entropy pool. Instead haveged and rngd would complete to fill the pool. https://tails.boum.org/contribute/design/random/#index5h2 If rngd isn't enabled or there isn't a hardware RNG, this change should not impact the behavior of the entropy pool other then the pool should be less likely to deplete and cause an entropy starve with haveged filling it earlier. Cc: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> --- Peter I believe this one also applys to 2020.02.x --- package/haveged/S21haveged | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)