I have a device which generates some noise that I want to add to the entropy pool for the /dev/random device in an embedded Linux system.
我有一个设备,它会产生一些噪音,我想在嵌入式Linux系统的/dev/random设备的熵池中添加这些噪音。
I'm reading the man page on /dev/random and I don't really understand the structure that you pass into the RNDADDENTROPY ioctl call.
我正在读/dev/random的手册页,我真的不理解你传入RNDADDENTROPY ioctl调用的结构。
RNDADDENTROPY
Add some additional entropy to the input pool, incrementing
the entropy count. This differs from writing to /dev/random
or /dev/urandom, which only adds some data but does not
increment the entropy count. The following structure is used:
struct rand_pool_info {
int entropy_count;
int buf_size;
__u32 buf[0];
};
Here entropy_count is the value added to (or subtracted from)
the entropy count, and buf is the buffer of size buf_size
which gets added to the entropy pool.
Is entropy_count in this structure the number of bits that I am adding? Why wouldn't this just always be buf_size * 8 (assuming that buf_size is in terms of bytes)?
这个结构中的entropy_count是我添加的比特数吗?为什么不总是buf_size * 8(假设buf_size是以字节为单位)?
Additionally why is buf a zero size array? How am I supposed to assign a value to it?
另外,为什么buf是一个零大小的数组?我该怎么给它赋值呢?
Thanks for any help here!
谢谢你的帮助!
3 个解决方案
#1
2
I am using a hardware RNG to stock my entropy pool. My struct is a static size and looks like this (my kernel has a slightly different random.h; just copy what you find in yours and increase the array size to whatever you want):
我正在使用硬件RNG来存储熵池。我的struct是一个静态大小,看起来像这样(我的内核有一个稍微不同的随机数。只需要复制你在你的数组中找到的,并将数组大小增加到你想要的):
#define BUFSIZE 256
/* WARNING - this struct must match random.h's struct rand_pool_info */
typedef struct {
int bit_count; /* number of bits of entropy in data */
int byte_count; /* number of bytes of data in array */
unsigned char buf[BUFSIZ];
} entropy_t;
Whatever you pass in buf will be hashed and will stir the entropy pool. If you are using /dev/urandom, it does not matter what you pass for bit_count because /dev/urandom ignores it equaling zero and just keeps on going.
无论你在buf中传递什么都会被哈希,并会搅动熵池。如果您使用的是/dev/urandom,那么您传递给bit_count的值并不重要,因为/dev/urandom忽略了它等于0并继续前进。
What bit_count does is push the point out at which /dev/random will block and wait for something to add more entropy from a physical RNG source. Thus, it's okay to guesstimate on bit_count. If you guess low, the worst that will happen is that /dev/random will block sooner than it otherwise would have. If you guess high, /dev/random will operate like /dev/urandom for a little bit longer than it otherwise would have before it blocks.
bit_count所做的就是将/dev/random所阻塞的点推出来,等待从物理RNG源添加更多的熵。因此,可以对bit_count进行估计。如果你猜的很低,最坏的结果就是/dev/random会比它本来应该的更快地阻塞。如果你猜的是high, /dev/random会像/dev/urandom那样运行,比它在阻塞之前的运行时间长一些。
You can guesstimate based on the "quality" of your entropy source. If it's low, like characters typed by humans, you can set it to 1 or 2 per byte. If it's high, like values read from a dedicated hardware RNG, you can set it to 8 bits per byte.
你可以根据熵源的“质量”进行估计。如果它很低,就像人类输入的字符一样,您可以将它设置为每字节1或2个。如果它很高,比如从专用硬件RNG中读取的值,可以将其设置为每个字节8位。
#2
1
If your data is perfectly random, then I believe it would be appropriate for entropy_count to be the number of bits in the buffer you provide. However, many (most?) sources of randomness aren't perfect, and so it makes sense for the buffer size and amount of entropy to be kept as separate parameters.
如果您的数据是完全随机的,那么我认为entropy_count应该是您提供的缓冲区中的位数。然而,许多(大部分)随机性的来源并不完美,因此将缓冲区大小和熵量作为独立的参数是有意义的。
buf being declared to be size zero is a standard C idiom. The deal is that when you actually allocate a rand_pool_info, you do malloc(sizeof(rand_pool_info) + size_of_desired_buf), and then you refer to the buffer using the buf member. Note: With some C compilers, you can declare buf[*] instead of buf[0] to be explicit that in reality buf is "stretchy".
buf被声明为0大小是一个标准的C语言习惯用法。该协议是当您实际分配一个rand_pool_info时,您会执行malloc(sizeof(rand_pool_info) + size_of_desired_buf),然后使用buf成员引用缓冲区。注意:在一些C编译器中,你可以声明buf[*]而不是buf[0],在现实中,buf是“有弹性的”。
#3
0
The number of bytes you have in the buffer correlates to the entropy of the data but the entropy can not be calculated only from that data or its length.
缓冲区中的字节数与数据的熵有关,但熵不能仅从数据或其长度来计算。
Sure, if the data came from a good, unpredictable and equal-distributed hardware random noise generatr the entropy (in bits) is 8*size of the buffer (in bytes).
当然,如果数据来自于一个良好的、不可预测的、等分布的硬件随机噪声,那么熵(在比特中)是8*大小的缓冲区(以字节为单位)。
But if the bits are not equally distributed or are somehow predictable the entropy becomes less.
但是如果位元分布不均匀或者是可以预测的熵就会变小。
See https://en.wikipedia.org/wiki/Entropy_(information_theory)
看到https://en.wikipedia.org/wiki/Entropy_(information_theory)
I hope that helps.
我希望有帮助。
#1
2
I am using a hardware RNG to stock my entropy pool. My struct is a static size and looks like this (my kernel has a slightly different random.h; just copy what you find in yours and increase the array size to whatever you want):
我正在使用硬件RNG来存储熵池。我的struct是一个静态大小,看起来像这样(我的内核有一个稍微不同的随机数。只需要复制你在你的数组中找到的,并将数组大小增加到你想要的):
#define BUFSIZE 256
/* WARNING - this struct must match random.h's struct rand_pool_info */
typedef struct {
int bit_count; /* number of bits of entropy in data */
int byte_count; /* number of bytes of data in array */
unsigned char buf[BUFSIZ];
} entropy_t;
Whatever you pass in buf will be hashed and will stir the entropy pool. If you are using /dev/urandom, it does not matter what you pass for bit_count because /dev/urandom ignores it equaling zero and just keeps on going.
无论你在buf中传递什么都会被哈希,并会搅动熵池。如果您使用的是/dev/urandom,那么您传递给bit_count的值并不重要,因为/dev/urandom忽略了它等于0并继续前进。
What bit_count does is push the point out at which /dev/random will block and wait for something to add more entropy from a physical RNG source. Thus, it's okay to guesstimate on bit_count. If you guess low, the worst that will happen is that /dev/random will block sooner than it otherwise would have. If you guess high, /dev/random will operate like /dev/urandom for a little bit longer than it otherwise would have before it blocks.
bit_count所做的就是将/dev/random所阻塞的点推出来,等待从物理RNG源添加更多的熵。因此,可以对bit_count进行估计。如果你猜的很低,最坏的结果就是/dev/random会比它本来应该的更快地阻塞。如果你猜的是high, /dev/random会像/dev/urandom那样运行,比它在阻塞之前的运行时间长一些。
You can guesstimate based on the "quality" of your entropy source. If it's low, like characters typed by humans, you can set it to 1 or 2 per byte. If it's high, like values read from a dedicated hardware RNG, you can set it to 8 bits per byte.
你可以根据熵源的“质量”进行估计。如果它很低,就像人类输入的字符一样,您可以将它设置为每字节1或2个。如果它很高,比如从专用硬件RNG中读取的值,可以将其设置为每个字节8位。
#2
1
If your data is perfectly random, then I believe it would be appropriate for entropy_count to be the number of bits in the buffer you provide. However, many (most?) sources of randomness aren't perfect, and so it makes sense for the buffer size and amount of entropy to be kept as separate parameters.
如果您的数据是完全随机的,那么我认为entropy_count应该是您提供的缓冲区中的位数。然而,许多(大部分)随机性的来源并不完美,因此将缓冲区大小和熵量作为独立的参数是有意义的。
buf being declared to be size zero is a standard C idiom. The deal is that when you actually allocate a rand_pool_info, you do malloc(sizeof(rand_pool_info) + size_of_desired_buf), and then you refer to the buffer using the buf member. Note: With some C compilers, you can declare buf[*] instead of buf[0] to be explicit that in reality buf is "stretchy".
buf被声明为0大小是一个标准的C语言习惯用法。该协议是当您实际分配一个rand_pool_info时,您会执行malloc(sizeof(rand_pool_info) + size_of_desired_buf),然后使用buf成员引用缓冲区。注意:在一些C编译器中,你可以声明buf[*]而不是buf[0],在现实中,buf是“有弹性的”。
#3
0
The number of bytes you have in the buffer correlates to the entropy of the data but the entropy can not be calculated only from that data or its length.
缓冲区中的字节数与数据的熵有关,但熵不能仅从数据或其长度来计算。
Sure, if the data came from a good, unpredictable and equal-distributed hardware random noise generatr the entropy (in bits) is 8*size of the buffer (in bytes).
当然,如果数据来自于一个良好的、不可预测的、等分布的硬件随机噪声,那么熵(在比特中)是8*大小的缓冲区(以字节为单位)。
But if the bits are not equally distributed or are somehow predictable the entropy becomes less.
但是如果位元分布不均匀或者是可以预测的熵就会变小。
See https://en.wikipedia.org/wiki/Entropy_(information_theory)
看到https://en.wikipedia.org/wiki/Entropy_(information_theory)
I hope that helps.
我希望有帮助。