Submitted By: Robert Connolly (ashes) Date: 2006-06-04 Initial Package Version: 2.4.32 Upstream Status: Rejected Origin: This patch is based on a portion of the Grsecurity kernel patch: http://www.grsecurity.net/ Description: This patch adds configuration options to increase the entropy pool size of the Linux kernel. Also see: http://www.linuxfromscratch.org/hints/downloads/files/entropy.txt
diff -Naur linux-2.4.32.orig/drivers/char/Config.in linux-2.4.32/drivers/char/Config.in
--- linux-2.4.32.orig/drivers/char/Config.in 2004-08-07 23:26:04.000000000 +0000
+++ linux-2.4.32/drivers/char/Config.in 2006-06-04 06:36:11.000000000 +0000
@@ -294,6 +294,11 @@
 bool 'SGI SN2 fetchop support' CONFIG_FETCHOP
 fi

+choice 'Entropy pool size' \
+ "Small CONFIG_SMALL_ENTROPY_POOL_SIZE \
+ Medium CONFIG_MEDIUM_ENTROPY_POOL_SIZE \
+ Large CONFIG_LARGE_ENTROPY_POOL_SIZE" Small
+
 if [ "$CONFIG_X86" = "y" -o "$CONFIG_X86_64" = "y" ]; then
 dep_tristate 'AMD 768/8111 Random Number Generator support' CONFIG_AMD_RNG $CONFIG_PCI
 fi
diff -Naur linux-2.4.32.orig/drivers/char/random.c linux-2.4.32/drivers/char/random.c
--- linux-2.4.32.orig/drivers/char/random.c 2005-06-01 00:56:56.000000000 +0000
+++ linux-2.4.32/drivers/char/random.c 2006-06-04 06:24:45.000000000 +0000
@@ -262,9 +262,20 @@
 /*
 * Configuration information
 */
+#if defined(CONFIG_MEDIUM_ENTROPY_POOL_SIZE)
+#define DEFAULT_POOL_SIZE 1024
+#define SECONDARY_POOL_SIZE 256
+#define BATCH_ENTROPY_SIZE 512
+#elif defined(CONFIG_LARGE_ENTROPY_POOL_SIZE)
+#define DEFAULT_POOL_SIZE 2048
+#define SECONDARY_POOL_SIZE 256
+#define BATCH_ENTROPY_SIZE 512
+#else
+/* Default to vanilla pool size. */
 #define DEFAULT_POOL_SIZE 512
 #define SECONDARY_POOL_SIZE 128
 #define BATCH_ENTROPY_SIZE 256
+#endif
 #define USE_SHA

 /*
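Review bot: The new `choice 'Entropy pool size'` in drivers/char/Config.in has no accompanying help text on this page, so someone configuring the kernel sees Small/Medium/Large with nothing to say what they select. I would add a help entry for each of CONFIG_SMALL_ENTROPY_POOL_SIZE, CONFIG_MEDIUM_ENTROPY_POOL_SIZE and CONFIG_LARGE_ENTROPY_POOL_SIZE that gives the resulting DEFAULT_POOL_SIZE (512, 1024, 2048 per the random.c hunk), states that Small is the unmodified kernel's value, and mentions the extra memory the larger pools take. A one-line comment above the choice, for example `# Entropy pool sizing for drivers/char/random.c`, would also tie the option to the code that consumes it.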
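Review bot: The Medium and Large branches of the new `#if` chain in drivers/char/random.c state neither the unit of the three constants nor any constraint on them, and nothing in the hunk shows that 1024 and 2048 are sizes the pool-setup code accepts; that code is outside the hunk and should be checked before these options are relied on. Medium and Large differ only in DEFAULT_POOL_SIZE (both use SECONDARY_POOL_SIZE 256 and BATCH_ENTROPY_SIZE 512), which looks deliberate but reads like a copy-paste slip without a comment such as `/* Large grows only the primary pool; secondary pool and batch size match Medium. */`. The existing `/* Default to vanilla pool size. */` could also note that this branch is what CONFIG_SMALL_ENTROPY_POOL_SIZE selects, since that symbol is never tested by name. Finally, the configuration comment should say that a larger pool only raises how much entropy can be held, not how quickly it is gathered, so a host with few entropy sources gains little from Medium or Large.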