Date: Thu, 30 May 2013 00:13:28 -0700 From: David Schultz <das@FreeBSD.ORG> To: Xin LI <delphij@freebsd.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r249035 - head/lib/libc/stdlib Message-ID: <20130530071328.GA91730@zim.MIT.EDU> In-Reply-To: <201304022341.r32NfL8L096954@svn.freebsd.org> References: <201304022341.r32NfL8L096954@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Apr 02, 2013, Xin LI wrote: > Author: delphij > Date: Tue Apr 2 23:41:20 2013 > New Revision: 249035 > URL: http://svnweb.freebsd.org/changeset/base/249035 > > Log: > Replace access to /dev/random with the kernel pseudo-random number > source sysctl(KERN_ARND) and remove the fallback code. Thanks. I wanted to do this several years ago. Incidentally, the reason I didn't is that I had some concerns about sysctl(KERN_ARND) not being sufficiently fail-safe. There were a couple of issues, but the main one was that if something in the kernel asked for a random number before the random device was loaded, the result was not-so-random numbers. Furthermore, since the generator was seeded at that point, it continued to give out not-so-random numbers for some time. I added the following log message in the problematic case: "random device not loaded; using insecure entropy" According to a Google search, I'm not the only person to have triggered it. (I hit it because I dynamically link most drivers, including random.ko. I'm not sure about the others.) I think your patch is good, but the kernel-side issues probably bear some investigation.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130530071328.GA91730>