aboutsummaryrefslogtreecommitdiffstats
path: root/main/rng-tools/rngd.confd-arm
blob: d7a75790b2e558877c0cc51563bbf03ae26f877d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
# Configuration for /etc/init.d/rngd

# Space-delimited list of entropy sources to enable.
# No need to include any source that is enabled by default.
#
# Choose from list:
#     tpm:  Is deprecated, will be removed in future version.
#
INCLUDE_ENTROPY_SOURCES=""

# Space-delimited list of entropy sources to disable.
# Useful for disabling certain entropy sources even when supported on system.
#
EXCLUDE_ENTROPY_SOURCES=""


# Number of entropy bits to support, 1 <= n <= 8.
#
#ENTROPY_COUNT=8

# Time in seconds to periodically add fresh entropy to kernel entropy pool.
#
#FORCE_RESEED=300

# Device used for random number input.
#
#HWRNG_DEVICE="/dev/hwrng"

# Kernel device used for random number output.
#
#RANDOM_DEVICE="/dev/random"

# Number of bytes written to random-device at a time.
#
#STEP=64

# Do not stop feeding entropy to random device until at least this
# many bits of entropy are available in pool. Value can be
# 0 <= n <= `sysctl kernel.random.poolsize` but is usually 75% of pool size.
#
#WATERMARK=192


# Entropy source specific options:
#
#
# darn options:
#         use_aes:(BOOLEAN)
#
#DARN_OPTIONS="use_aes:1"
#
#
# jitter options:
#         buffer_size:(INTEGER)
#         force_soft_timer:(BOOLEAN)
#         refill_thresh:(INTEGER)
#         retry_count:(INTEGER)
#         retry_delay:(INTEGER)
#         thread_count:(INTEGER)
#         use_aes:(BOOLEAN)
#
#JITTER_OPTIONS="buffer_size:16535 force_soft_timer:0 refill_thresh:16535"
#JITTER_OPTIONS="${JITTER_OPTIONS} retry_count:1 retry_delay:-1"
#JITTER_OPTIONS="${JITTER_OPTIONS} thread_count:4 timeout:5 use_aes:1"
#
# With the default jitter options Arm CPU-based devices typically experience
# continuous high CPU utilisation for several minutes after rngd starts.
# See https://gitlab.alpinelinux.org/alpine/aports/-/issues/13035 and
# https://github.com/nhorman/rng-tools/issues/150
# In order to address this the following configuration changes have been made:
#
#   - reduce the number of threads used to 1 in total, rather than 1 per core.
#   - reduce the buffer size from 16535 to 4133 which reduces the time taken
#     to fill the buffer (and so reduces the duration of CPU load).
#   - increase the timeout from 5 to 20 seconds.
#
JITTER_OPTIONS="buffer_size:4133 refill_thresh:4133 thread_count:1 timeout:20"
#
#
# rdrand options:
#         use_aes:(BOOLEAN)
#
#RDRAND_OPTIONS="use_aes:0"
#
#
# rndr options:
#         use_aes:(BOOLEAN)
#
#RNDR_OPTIONS="use_aes:0"


# Any extra arguments for rngd
#
EXTRA_ARGS="-q"