Date: Thu, 10 Jul 2008 18:51:46 +0100
From: RW
To: freebsd-questions@freebsd.org
Subject: Re: Which VIA CPUs have hardware RNG support?
Message-ID: <20080710185146.37f0a625@gumby.homeunix.com.>
In-Reply-To: <7956f3200807090831u1bd6bfddxf78517ae46a32b95@mail.gmail.com>

On Wed, 9 Jul 2008 11:31:36 -0400
"Joseph Gleason" wrote:

> I am trying to figure out which VIA CPUs support hardware RNG under
> recent FreeBSD. I've been looking at things on 7.0-RELEASE-p2. If
> there is something else that I should be looking at, please let me
> know.
>
> Based on 'man 4 random' I see:
> "The only hardware implementation currently is for the
> VIA C3 Nehemiah (stepping 3 or greater) CPU. More will be added
> in the future."
>
> Poking around in the kernel I see that indeed nehemiah and yarrow seem
> to be the only random sources there.

If you have a need for a lot of entropy, you can also use the kernel RC4
generator via "sysctl kern.arandom".

A couple of other hardware sources are implemented as yarrow entropy
sources rather than using the hardware generator directly. I think the
support for AMD Geode LX will be of this form. I suspect that this is
more secure than the nehemiah support since it doesn't actually rely
on the hardware alone.
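
An added example, not part of RW's message: reading bytes from the kern.arandom sysctl mentioned in the reply, from C via sysctlbyname(3). The function name fill_random, the 256-byte chunk size and the /dev/urandom fallback for non-FreeBSD builds are assumptions of this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#ifdef __FreeBSD__
#include <sys/types.h>
#include <sys/sysctl.h>
#endif

#define ARND_CHUNK 256  /* assumed per-call limit; short returns are handled */

/* Fill buf with len random bytes. Returns 0 on success, -1 on failure. */
int fill_random(unsigned char *buf, size_t len)
{
#ifdef __FreeBSD__
    size_t done = 0;
    while (done < len) {
        size_t want = len - done;
        if (want > ARND_CHUNK)
            want = ARND_CHUNK;
        size_t got = want;  /* in: buffer size, out: bytes written */
        if (sysctlbyname("kern.arandom", buf + done, &got, NULL, 0) != 0)
            return -1;
        if (got == 0 || got > want)
            return -1;      /* never treat an empty read as success */
        done += got;
    }
    return 0;
#else
    /* Assumption: fallback so the example builds off FreeBSD. */
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    size_t got = fread(buf, 1, len, f);
    fclose(f);
    return got == len ? 0 : -1;
#endif
}

int main(void)
{
    unsigned char key[32];
    if (fill_random(key, sizeof key) != 0) {
        fprintf(stderr, "no random bytes available\n");
        return 1;   /* fail closed: do not continue with an unfilled key */
    }
    for (size_t i = 0; i < sizeof key; i++)
        printf("%02x", key[i]);  /* demo output only */
    putchar('\n');
    return 0;
}
```

The caller must treat a -1 return as fatal rather than using the buffer, since a partially filled key is predictable.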