On Tue, Mar 29, 2005 at 02:17:24AM -0500, Jeff Garzik wrote: > Andi Kleen wrote: > >BTW what do you do when the FIPS test fails? I dont see a good fallback > >path for this case. > > If the FIPS test fails, do the obvious: don't feed that data to the > kernel (and credit entropy), and possibly stop using the hardware RNG
This will just cause hangs; basically it is a DOS. > under a human has intervened. > > This is not rocket science. The fallback path is "use software", which > is what most users do right now anyway. Just that use software does not work on a headless machine sitting in a rack with not much disk IO. -Andi - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
