OSKit Entropy Pool Hacks |
ddavies@ddavies.net |
|
(This Chinese symbol means "entropy") |
09-Jul-2003
The best way to get the entropy hacks for GNU/Hurd running on GNUMach 2.0 (aka OSKIT/Mach) is to use the cvs server at savannah.gnu.org. Here are the directions for building GNUMach 2.0.
Make sure modules.x86.pc (haven't even tried ARM, no HW) has the
"random" module uncommented. You'll need a GNUmake make
line vaguely like this:
make kernel-ide+entropy_random+ethernet_tulip
Once you have GNUMach 2.0 running you can try out the pool by using
the entropystat program. If you simply say
entropystat (without further arguments) you'll see an
estimate of how many bytes are in the pool printed to stdout.
The -d N option attempts to drain N bytes from the pool and
print them to stdout. Counts of estimated bytes in the pool are printed
on stdout both before and after the drian attempt.
The -w F option writes the bytes of the file F (a pathname)
to the random pool. Estimated entropy counts are printed ala
-d.
There is also a Hurd translator that is limping along. I will make it available soon - after I've debugged it a little more. This is based on Marcus Brinkmann's user space translator for GNUMach 1.x. My plan is to have the translator detect at start up time which GNUMach major version it's running under. If that's GNUMach 1.x we use the user space entropy pool. If it's 2.x we use the kernel space entropy pool.
WARNING: Don't trust this entropy. There are definately races in GNUMach 2.0 that might be exploited and of course it should go without saying that I am not a guy who understands entropy or cryptography (I have zero credentials!). That said, the output, when I get it without crashing too soon, looks random to me. I'll post a picture of a plot of a long sequence of numbers from the pool soon, and we'll see how that looks...
A comitter for the oskit project at U Utah said he'd take my changes for the next release of OSKit, but since GNU have forked oskit anyway I don't keep my patch up to date. I will try to synch up with the Utah people when/if they do another oskit release (do not hold your breath!). There are bug fixes that aren't here in the savannah CVS tree and you'd likely be better off using that.
??-???-2003
This patch adds the Linux 2.2.12 random device to the St. Patrick's Day release of OSkit. As is, only Linux devices contribute entropy with this release although the bottom half API is expected to be adequate for interfacing with other OSKit drivers as well (ie FreeBSD).
There are a couple of example kernels that demonstrate some basic usage. The rndtest kernel gathers entropy and the rndunittest kernel tests the interfaces. So far I've concentrated on IDE disk and network entropy. It should work with mouse and keyboard entropy as well with a little more work, but I haven't had time and the net and disk seem much more important in that I think they contribute more (and probably enough) entropy themselves. SCSI would be good to do but I don't have SCSI hardware.
This is untested, VERY alpha quality software! I know nothing about entropy or cryptology. I heard that entropy may not even exist! DO NOT TRUST the security of this software!
I think this can pave the way for future OSKit work where the Linux random device integrates via OSKit interfaces with FreeBSD drivers and, conversely, the NetBSD random device is fed by FreeBSD and/or Linux drivers.
There's a patch here for the St. Pat's Day release of OSKit. This patch is disjoint from the 2.2.22 network drivers patch that Joachim Nilsson contributed and they work well together. I've tested the rtl8931 and it contributed entropy.
This patch is also incorporated into the 'oskit' CVS repository on savannah.gnu.org . Read the FAQ for more info.
Any omissions/errors please let me know. Thanks for looking at my code!