random: Allow pure entropy sources to provide a min-entropy estimate

Description

The current implementation of the NIST health tests assumes a
min-entropy estimate of one bit per sample, which is quite conservative.
For so-called "pure" sources (e.g., virtio-random, TPM) it might be nice
to support larger estimates so that the tests catch failed devices more
quickly.

Thus:

  • let each pure random source provide an estimate, so that downstreams or driver implementors can override defaults if they want to;
  • increase the default estimate for pure sources;
  • for pure sources initialize the state machine at source registration time.

Reviewed by: cem
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D52232

(cherry picked from commit f865264f6a5eba4025c0f6284a48f383717fd74e)
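
Why a larger min-entropy estimate catches a failed device sooner, shown with the repetition count test from NIST SP 800-90B (one of that document's continuous health tests). This is an added example, not code from the FreeBSD tree; the false-positive rate of 2^-20, the sample values and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Repetition count test (RCT) cutoff, NIST SP 800-90B section 4.4.1:
 *   C = 1 + ceil(-log2(alpha) / H)
 * alpha_log2 is -log2(alpha); h_bits is the claimed min-entropy per sample
 * in whole bits (must be nonzero). Example parameters, not FreeBSD's values.
 */
static unsigned
rct_cutoff(unsigned alpha_log2, unsigned h_bits)
{
	return (1 + (alpha_log2 + h_bits - 1) / h_bits);
}

struct rct_state {
	uint32_t last;		/* most recent sample value */
	unsigned run;		/* length of the current run of 'last' */
	unsigned cutoff;	/* the test fails when run reaches this */
};

/* Feed one sample; returns 0 while healthy, -1 once the cutoff is reached. */
static int
rct_update(struct rct_state *st, uint32_t sample)
{
	st->run = (st->run != 0 && sample == st->last) ? st->run + 1 : 1;
	st->last = sample;
	return (st->run >= st->cutoff ? -1 : 0);
}

/* Samples a device stuck at 'stuck' emits before the RCT flags it. */
static unsigned
samples_until_failure(unsigned alpha_log2, unsigned h_bits, uint32_t stuck)
{
	struct rct_state st = { 0, 0, rct_cutoff(alpha_log2, h_bits) };
	unsigned n = 1;

	while (rct_update(&st, stuck) == 0)
		n++;
	return (n);
}

int
main(void)
{
	for (unsigned h = 1; h <= 8; h *= 2)	/* constructed stuck value 0xa5 */
		printf("H=%u: flagged after %u samples\n", h,
		    samples_until_failure(20, h, 0xa5));
	return (0);
}
```

With one bit per sample the stuck device is tolerated for 21 samples; with eight bits per sample it is flagged after 4.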

Details

Provenance
markj Authored on Sep 8 2025, 2:45 PM
Reviewer
cem
Differential Revision
D52232: random: Allow pure entropy sources to provide a min-entropy estimate
Parents
rGe5cb6859e285: random.4: Document the kern.random.nist_healthtest_enabled tunable