summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--drivers/char/random.c35
1 files changed, 35 insertions, 0 deletions
diff --git a/drivers/char/random.c b/drivers/char/random.c
index 66f924f..0275a98 100644
--- a/drivers/char/random.c
+++ b/drivers/char/random.c
@@ -146,6 +146,41 @@
* possibility. Nonetheless, a pseudorandom distribution of numbers
* should be useful for a wide range of purposes.
+ * Strategy for reseeding the PRNG
+ * ===============================
+ *
+ * There are a lot of things in this world that depend on adaptive
+ * load-balancing and resource-sharing. Examples include:
+ *
+ * a) The "invisible hand" of microeconomics. If a resource is
+ * plentiful it will be cheap, and everybody can use it. If/when the
+ * resource is scare, the price goes up, and only those who really
+ * need it will pay for it.
+ *
+ * b) The "exponential backoff" algorithm used for the Ethernet
+ * layer-1 CSMA/CD. http://en.wikipedia.org/wiki/Exponential_backoff
+ *
+ * c) The rate of TCP retries, which is another example of exponential
+ * backoff. http://www.pcvr.nl/tcpip/tcp_time.htm
+ *
+ * So, the idea is that if entropy is plentiful, the PRNG can reseed
+ * itself relatively often. If entropy is not plentiful, the PRNG
+ * should wait longer between reseedings. The number of bits delivered
+ * by the PRNG between reseedings is an exponential function of how far
+ * the input pool is below its ceiling. That's the concept. The
+ * implementation goes about it in a somewhat backward way, because it
+ * is implemented on top of the existing "rsvd" mechanism, and usually
+ * it is better to use the existing mechanism whenever possible. So,
+ * if the PRNG has been reseeded recently, it uses a large reserve
+ * ("rsvd"). If it has not been reseeded in a long time, the reserve
+ * goes down, eventually down all the way to zero.
+ *
+ * The intent is that other processes that need entropy from
+ * /dev/random will play by the same rules. That is, when entropy is
+ * scarce they will use it more sparingly. This mechanism is voluntary
+ * not mandatory, but voluntary load- balancing is better than none at
+ * all.
+
* Exported interfaces ---- output
* ===============================
*