Date:      Sun, 16 Sep 2012 14:27:34 -0700
From:      Doug Barton <dougb@FreeBSD.org>
To:        Mark Murray <markm@FreeBSD.org>
Cc:        Arthur Mesh <arthurmesh@gmail.com>, Ian Lepore <freebsd@damnhippie.dyndns.org>, Ben Laurie <benl@freebsd.org>, freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com>
Subject:   Re: Proposed fix; stage 1 (Was: svn commit: r239569 - head/etc/rc.d)
Message-ID:  <50564446.80606@FreeBSD.org>
In-Reply-To: <E1TDHb0-000FIh-0Z@groundzero.grondar.org>
References:  <50453686.9090100@FreeBSD.org> <20120912213141.GI14077@x96.org> <20120913052431.GA15052@dragon.NUXI.org> <alpine.BSF.2.00.1209131258210.13080@ai.fobar.qr> <alpine.BSF.2.00.1209141336170.13080@ai.fobar.qr> <E1TCXN0-000NFT-7I@groundzero.grondar.org> <CAG5KPzwOdCkybj3D5uic1KC-pwW-pewgsrqrXg60f5SJjtzYPw@mail.gmail.com> <E1TCbDG-0002Hz-9D@groundzero.grondar.org> <CAG5KPzzRxzVX-%2B9fYjRdqjY-wScbM6AA7GYtLmktgMG0Zg8iyQ@mail.gmail.com> <E1TCbSz-0007CJ-BI@groundzero.grondar.org> <CAG5KPzyJNmXRfxtPPrdc2zVCsxGtDfJT79YC3a1PNUfOOSzt8A@mail.gmail.com> <E1TCcIq-000Brr-Ex@groundzero.grondar.org> <CAG5KPzwEESg7iUb2%2B-kAN%2Bk55M95BZjh5VaSvxzSsSCVuZ9kMw@mail.gmail.com> <E1TCdlD-000C1N-4g@groundzero.grondar.org> <CAG5KPzzFO1H5Wcx34oXi09=aJqg5w%2BXWSd8fnn0Byvpy_8%2B-rA@mail.gmail.com> <E1TCpk1-000N2H-Vq@groundzero.grondar.org> <CAG5KPzxOua1t%2BWCef77E5jA1j_m6 faw3JXUg sy8W_TeE%2BkpLUg@m <CAG5KPzymZY0ua2cAkzB-MK54G2WbWYi9J01c8YW4F9LOdVvc9A@mail.gmail.com> <E1TDHb0-000FIh-0Z@groundzero.grondar.org>

On 09/16/2012 09:21, Mark Murray wrote:
> Part 1 of the fix is enclosed; it involves drastically shortening the
> input into /dev/random (the "kickstart") at boot time. There are time
> implications that I'd like to hear any objections to.

I remain convinced that chunking the input so that we don't overflow the
buffer is a better solution than truncating it (whether that is by the
use of a hash, or other means). I also think that Ian has made several
good points about the need to avoid hashing for low-end systems, and I
have made the suggestion to split the initrandom commands into "safe for
all" and "only for higher end systems" components in part to address
Ian's concerns that some of the commands we have are real drags on
low-end systems.

There are several ways that we can do the chunking; one cheap way would
be to run the commands in a loop with a 'sleep .1' after each to give
the buffer time to drain.

Finally, I still think that making changes to the entropy-feeding
methods in initrandom or random is premature until we have a chance to
review Arthur's work on what's actually happening with the buffer. Until
we know where the problems are, we're only guessing as to what the fixes
should be.

Doug

-- 

    I am only one, but I am one.  I cannot do everything, but I can do
    something.  And I will not let what I cannot do interfere with what
    I can do.
			-- Edward Everett Hale, (1822 - 1909)
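
The chunked feed suggested in the message above, as an added example that is not part of the original e-mail or of FreeBSD's rc.d scripts. It goes one step beyond the per-command loop by also splitting each command's output into fixed-size writes; the function name `feed_chunked`, the chunk size and the pause are assumptions, since the thread gives no buffer size.

```shell
#!/bin/sh
# Added sketch, not FreeBSD's initrandom: feed command output to an entropy
# sink in bounded chunks, pausing after each write so the consumer can drain.
# CHUNK_BYTES and PAUSE are assumed tunables; the thread states no buffer size.

# feed_chunked SINK CHUNK_BYTES PAUSE CMD...
# Prints the total number of bytes fed; returns non-zero if a write fails.
feed_chunked() {
    sink=$1
    chunk=$2
    pause=$3
    shift 3
    tmp=$(mktemp) || return 1
    total=0
    for cmd in "$@"; do
        # A missing or failing command contributes nothing but must not
        # abort the remaining sources.
        sh -c "$cmd" >"$tmp" 2>/dev/null || :
        # Arithmetic expansion strips the padding some wc builds emit.
        size=$(($(wc -c <"$tmp")))
        off=0
        while [ "$off" -lt "$size" ]; do
            # One write of at most $chunk bytes; nothing is truncated or
            # hashed, the input is only paced.
            dd if="$tmp" bs="$chunk" skip=$((off / chunk)) count=1 \
                2>/dev/null >>"$sink" || { rm -f "$tmp"; return 1; }
            off=$((off + chunk))
            sleep "$pause"
        done
        total=$((total + size))
    done
    rm -f "$tmp"
    echo "$total"
}

# Constructed invocation (commands and sizes are placeholders):
#   feed_chunked /dev/random 4096 .1 'date' 'ps -ax'
```

Fractional `sleep` values such as `.1` are accepted by FreeBSD's and GNU's `sleep` but are not required by POSIX.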