I
spoke with Amir, and we decided to forgo writing random data to a
file from the kernel. Instead, I altered the kernel to write all of
the relevant data to the syslog log file on every random event. This
required much less complexity than writing to a file since I was able
to use the existing printk system call which exists for this purpose.
The
four random events we are interested in capturing are mouse,
keyboard, disk, and interrupt. The mouse and keyboard events are
captured when their drivers call the add_input_randomness function
and pass it an event type. This function then calls the
add_timer_randomness function which adds the random bits to the
entropy pool.
The
disk events are captured when the add_disk_randomness function is
called. This function then calls the add_timer_randomness function to
add the random bits to the entropy pool.
The
interrupt events are captured and handled completely separately by
the add_interrupt_randomness function.
In
order to separate these events, I put wrote data to the log file in
the add_timer_randomness and add_interrupt_randomness functions. The
latter was trivial since the interrupt events are the only ones to
call this function. However, to separate the events that call
add_timer_randomness, I added an event_type argument to the function.
The type from add_input_randomness was passed directly, and a new
type was defined and passed from the add_disk_randomness function.
For each event, the number of bits credited (deemed random) is
written to the log file along with all of the data mixed into the
entropy pool.
There
was one oddity I encountered. The possible event types passed to the
add_input_randomness function are defined as:
EVENT
TYPE
|
DESCRIPTION
|
EV_SYN
|
Used
as markers to separate events. Events may be separated in time or
in space, such as with the multitouch protocol. |
EV_KEY
|
Used
to describe state changes of keyboards, buttons, or other key-like
devices. |
EV_REL
|
Used
to describe relative axis value changes, e.g. moving the mouse 5
units to the left. |
EV_ABS
|
Used
to describe absolute axis value changes, e.g. describing the
coordinates of a touch on a touchscreen. |
EV_MSC
|
Used to describe miscellaneous input data that do not fit into other types.
|
EV_SW
|
Used to describe binary state input switches.
|
EV_LED
|
Used to turn LEDs on devices on and off.
|
EV_SND
|
Used to output sound to devices.
|
EV_REP
|
Used for autorepeating devices.
|
EV_FF
|
Used to send force feedback commands to an input device.
|
EV_PWR
|
A special type for power button and switch input.
|
EV_FF_STATUS
|
Used to receive force feedback device status.
|
I
assumed that the event types EV_KEY and EV_ABS correspond to keyboard
and mouse events respectively. However, I have not verified this.
Also, the type EV_MSC seems to get passed on a regular basis, and I
don't know what event is causing this. The current code ignores all
types but EV_KEY and EV_ABS. Therefore, it would be best to dig
deeper into the code to confirm the relation between events and these
types.
After
altering the kernel code, I wrote a user space program to parse the
syslog file and look for the events logged from the kernel. This
parser separates the events and writes them each to a file depending
on the event type.
I
then wrote an installer shell script to make the kernel changes,
install the new kernel, and set the parser to run on boot. The
installation takes a long time, but it means that we can install this
on any machine running Linux.
Next,
I began to look into potential randomness in CPU temperature and fan
speed. On Linux, the lm-sensors program allows you to read the values
of any hardware sensors that are installed on your machine. This
works very well, but is highly dependent on the hardware of different
machines. My laptop for example has CPU temperature sensors, but no
fan speed sensor. Therefore, I am in the process of trying to find
which sensors are common in different types of machines, as well as
the refresh rates for these sensors.
I
also wrote a shell script which logs the all of the currently running
processes and all of the information associated with them. We are
hoping that we can use process statistics like memory usage as
sources of randomness. I now need to write a script to periodically
log this info so we can sit down and analyze the information.