[Buildroot] [PATCH v2] package/haveged: set write_wakeup_threshold to 2048

[Thomas Petazzoni]

Hello Matt,

On Mon, 12 Apr 2021 11:47:33 -0500
Matt Weber <matthew.weber at rockwellcollins.com> wrote:

> Adjust the low water mark to wake-up the haveged daemon at the
> same time that rngd would wake-up when a hardware RNG is present.
> 
> This supports the theory that rngd then can't dominate the entropy
> pool. Instead haveged and rngd would complete to fill the pool.
> https://tails.boum.org/contribute/design/random/#index5h2

If I read this link correctly, it doesn't really say anything about
"aligning" the low water mark between haveged and rngd.

While not being random number experts, Arnout and I took advantage of
being in the same room today to have some (random?) discussion about
this patch. Our reasoning is that it is actually desirable to have a
lower low water mark for haveged than rngd.

If you have rngd and a hardware random number generator, using in
priority the hardware random number generator over haveged seems like a
good idea: it provides better random numbers, at less CPU cost. So it's
only if the hardware RNG is too slow that you may want haveged to be
involved and contribute to refilling the entropy pool. But if the
hardware RNG is fast enough compared to the "consumption" of random
numbers by the system, we don't really see why haveged should be
involved. It produces random numbers that are less "good", at at higher
CPU cost.

So overall the default of a low water mark of 2048 for rngd and 1024
for haveged seems to implement exactly what is desirable.

So for now I've marked the patch as Rejected. However should you have
other arguments to back your theory, we would be interested to hear
them and we can always revisit that decision.

Best regards,

Thomas
-- 
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com