Menu
▾
▴
Re: [Devil-Linux-discuss] one more thing... haveged
|
From: Udo L. <ul...@po...> - 2016-09-24 22:03:31
|
Hi Heiko,
unfortunality rngd don't work for me:
root@squid-test:~ # cat /proc/sys/kernel/random/entropy_avail
252
root@squid-test:~ # modprobe tpm-rng amd-rng intel-rng tpm-rng
root@squid-test:~ # /etc/init.d/rngd start
Starting RNG daemon: Unable to open file: /dev/tpm0
can't open any entropy source
Maybe RNG device modules are not loaded
[ OK ]
root@squid-test:~ # lsmod
Module Size Used by
tpm_rng 1158 0
virtio_rng 2591 0
rng_core 6080 2 virtio_rng,tpm_rng
ipv6 306969 14
cfg80211 226871 0
rfkill 15022 1 cfg80211
dm_mod 84713 3
pata_acpi 3555 0
parport_pc 30061 0
virtio_net 20579 0
parport 32236 1 parport_pc
virtio_balloon 5748 0
i2c_piix4 9892 0
shpchp 24026 0
i2c_core 22732 1 i2c_piix4
ata_generic 3474 0
tpm_tis 9640 0
tpm 30892 2 tpm_rng,tpm_tis
8250_fintek 2810 0
button 4593 0
scsi_transport_fc 44353 0
ata_piix 25152 0
libata 163363 3 pata_acpi,ata_generic,ata_piix
virtio_blk 9048 0
virtio_pci 14071 0
virtio 5639 5
virtio_blk,virtio_net,virtio_pci,virtio_rng,virtio_balloon
virtio_ring 6852 5
virtio_blk,virtio_net,virtio_pci,virtio_rng,virtio_balloon
loop 64429 2
root@squid-test:~ # cat /proc/cpuinfo
processor : 0
vendor_id : AuthenticAMD
cpu family : 15
model : 6
model name : Common KVM processor
stepping : 1
microcode : 0x1000065
cpu MHz : 1497.505
cache size : 512 KB
physical id : 0
siblings : 1
core id : 0
cpu cores : 1
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge
mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx lm rep_good nopl
extd_apicid pni cx16 x2apic hypervisor 3dnowprefetch vmmcall
bugs : fxsave_leak sysret_ss_attrs
bogomips : 2996.80
TLB size : 1024 4K pages
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management:
processor : 1
vendor_id : AuthenticAMD
cpu family : 15
model : 6
model name : Common KVM processor
stepping : 1
microcode : 0x1000065
cpu MHz : 1497.505
cache size : 512 KB
physical id : 1
siblings : 1
core id : 0
cpu cores : 1
apicid : 1
initial apicid : 1
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge
mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx lm rep_good nopl
extd_apicid pni cx16 x2apic hypervisor 3dnowprefetch vmmcall
bugs : fxsave_leak sysret_ss_attrs
bogomips : 2996.80
TLB size : 1024 4K pages
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management:
root@squid-test:~ # cat /proc/sys/kernel/random/entropy_avail
144
Are they more to do to run rngd??
haveged run without trouble:
root@squid-test:~ # /opt/sbin/haveged
root@squid-test:~ # cat /proc/sys/kernel/random/entropy_avail
2419
root@squid-test:~ # cat /etc/Devil-release
Devil-Linux 1.8.0-rc2-2016-09-24-x86_64
Regards
Udo
On 24.09.2016 15:36, Heiko Zuerker wrote:
> Udo,
>
> We do have the rng-tools included, which provides rngd. Does this not
> meet your need?
>
> Heiko
>
> Quoting Udo Lembke <ul...@po...>:
>
>> Hi Heiko,
>> if devil-linux run as VM the entropy isn't very high. For some workloads
>> (like TLS/SSL) this can produce strange effects - slow systems because
>> the process wait for valid random.
>> haveged* can be very helpful for this and it's a very small software
>> (all together less than one MB):
>>
>> root@devil-linux:/ # cat /proc/sys/kernel/random/entropy_avail
>> 198
>> root@devil-linux:/ # /opt/sbin/haveged
>> root@devil-linux:/ # cat /proc/sys/kernel/random/entropy_avail
>> 2424
>>
>> Of course, I can write an startscript if you include haveged.
>>
>> Udo
>>
>> * http://www.issihosts.com/haveged/
|
