[Buildroot] [PATCH v2 1/2] package/haveged: Change service file to run early
post at lespocky.de
Mon Jun 29 09:30:45 UTC 2020
On Mon, Jun 29, 2020 at 10:29:38AM +0200, Norbert Lange wrote:
> Haveged is not entropy, it's a substitute. I dont know how many times I
> need to point that out.
As far as I understood the source for the entropy haveged collects is
random timing jitter from the CPU. Could you explain, why that is not
real entropy, although it passes the FIPS tests? Or point to an
explanation to learn from?
> The less dependencies, the faster the system can startup (and lesser
> chances of some stoopid deadlocks).
This might be true in general, but it is not necessarily on embedded
systems waiting for the kernel's crng to be initialized. If that
initialization is a requirement and the system has very few entropy
sources only (think of an embedded device with no network initialized,
no HID, no sensors, …) the boot can actually hours or days, seriously.
/"\ ASCII RIBBON | »With the first link, the chain is forged. The first
\ / CAMPAIGN | speech censured, the first thought forbidden, the
X AGAINST | first freedom denied, chains us all irrevocably.«
/ \ HTML MAIL | (Jean-Luc Picard, quoting Judge Aaron Satie)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the buildroot