|Summary:|sys-apps/timer_entropyd-0.2 silently changed behavior|
|Product:|Gentoo Linux|
|Reporter:|rpansky <rpansky>|
|Component:|New packages|
|Assignee:|No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it <maintainer-needed>|
|Severity:|enhancement|
|CC:|flameeyes, jstein, proxy-maint|
|Package list:||
|Runtime testing required:|---|
Description rpansky 2012-09-13 14:12:25 UTC
Since version 0.2, the application has significantly changed its behavior. Previously, it added random bytes to the kernel pool whenever it had collected enough of them. But now, the entropy bits are added only if there are less than kernel.random.write_wakeup_threshold of them in the pool (see l.48 of main.c and l.31-40 of kernel.c in the package's source). The default value of write_wakeup_threshold is 128, which seems too small for an average system. For example, on my desktop with that default setting I've never seen timer_entropyd-0.2 adding any bytes to the pool. Thus the new version effectively ceases to provide an additional source of unpredictable bytes. Probably, the ebuild should advise users to increase their write_wakeup_threshold value reasonably (up to 512-2048 bits). (NOTE: the same may apply to media-sound/audio-entropyd as well.)
Comment 1 Diego Elio Pettenò (RETIRED) 2013-03-21 21:02:04 UTC
I'm not very keen on modifying sysctls from the init script of an unrelated service. Haveged has a setting for that, but the others leave it to the user to set the sysctl afaict. I would say that adding a log to notify the user that they have to change the value is a better choice.
Comment 2 Pavel Stratil 2013-03-21 21:59:48 UTC
Something along ... timer_entropyd kicks in only when entropy falls below a certain threshold. You may want to modify the threshold's default value to something reasonable (i.e. 1024) by setting the kernel.random.write_wakeup_threshold variable in /etc/sysctl.conf?
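The threshold gating discussed in this report can be checked on a given host by sampling the pool level and counting how often it sits below the threshold. The script below is an added example, not part of the bug report or of timer_entropyd; its function names are hypothetical, the readings in the offline demo are constructed, and it assumes the standard procfs files `entropy_avail` and `write_wakeup_threshold` under `/proc/sys/kernel/random`.

```shell
#!/bin/sh
# Added example (not from timer_entropyd or the bug report). Function names are
# hypothetical; the procfs files are the kernel's standard random sysctls.
RANDOM_DIR=${RANDOM_DIR:-/proc/sys/kernel/random}

# Constructed entropy_avail readings (bits), one per line, for the offline demo.
CONSTRUCTED_SAMPLES='3012
2980
1900
760
3100'

# count_below THRESHOLD: read integer samples on stdin, print "<below> <total>".
count_below() {
    awk -v t="$1" '/^[0-9]+$/ { n++; if ($1 + 0 < t + 0) b++ }
                   END { printf "%d %d\n", b, n }'
}

# feed_report THRESHOLD: summarise how often the pool was under the threshold,
# i.e. how often a daemon gated on it (as 0.2 is described above) could add bits.
feed_report() {
    count_below "$1" | {
        read -r below total
        if [ "$total" -eq 0 ]; then
            echo "no samples"
        elif [ "$below" -eq 0 ]; then
            echo "starved: 0/$total samples below $1"
        else
            echo "active: $below/$total samples below $1"
        fi
    }
}

# sample_pool COUNT INTERVAL: read the live entropy_avail COUNT times.
sample_pool() {
    i=0
    while [ "$i" -lt "$1" ]; do
        cat "$RANDOM_DIR/entropy_avail"
        i=$((i + 1))
        if [ "$i" -lt "$1" ]; then sleep "$2"; fi
    done
}

if [ "$#" -eq 2 ]; then
    # Live mode: ./script COUNT INTERVAL, judged against the current sysctl value.
    sample_pool "$1" "$2" | feed_report "$(cat "$RANDOM_DIR/write_wakeup_threshold")"
else
    # Offline demo on the constructed readings: default 128 vs. the suggested 1024.
    printf '%s\n' "$CONSTRUCTED_SAMPLES" | feed_report 128
    printf '%s\n' "$CONSTRUCTED_SAMPLES" | feed_report 1024
fi
```

A "starved" result over a representative sampling window means a daemon gated on the threshold never had a chance to contribute during that window.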