Date: Sun, 16 Sep 2012 14:27:34 -0700 From: Doug Barton <dougb@FreeBSD.org> To: Mark Murray <markm@FreeBSD.org> Cc: Arthur Mesh <arthurmesh@gmail.com>, Ian Lepore <freebsd@damnhippie.dyndns.org>, Ben Laurie <benl@freebsd.org>, freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com> Subject: Re: Proposed fix; stage 1 (Was: svn commit: r239569 - head/etc/rc.d) Message-ID: <50564446.80606@FreeBSD.org> In-Reply-To: <E1TDHb0-000FIh-0Z@groundzero.grondar.org> References: <50453686.9090100@FreeBSD.org> <20120912213141.GI14077@x96.org> <20120913052431.GA15052@dragon.NUXI.org> <alpine.BSF.2.00.1209131258210.13080@ai.fobar.qr> <alpine.BSF.2.00.1209141336170.13080@ai.fobar.qr> <E1TCXN0-000NFT-7I@groundzero.grondar.org> <CAG5KPzwOdCkybj3D5uic1KC-pwW-pewgsrqrXg60f5SJjtzYPw@mail.gmail.com> <E1TCbDG-0002Hz-9D@groundzero.grondar.org> <CAG5KPzzRxzVX-%2B9fYjRdqjY-wScbM6AA7GYtLmktgMG0Zg8iyQ@mail.gmail.com> <E1TCbSz-0007CJ-BI@groundzero.grondar.org> <CAG5KPzyJNmXRfxtPPrdc2zVCsxGtDfJT79YC3a1PNUfOOSzt8A@mail.gmail.com> <E1TCcIq-000Brr-Ex@groundzero.grondar.org> <CAG5KPzwEESg7iUb2%2B-kAN%2Bk55M95BZjh5VaSvxzSsSCVuZ9kMw@mail.gmail.com> <E1TCdlD-000C1N-4g@groundzero.grondar.org> <CAG5KPzzFO1H5Wcx34oXi09=aJqg5w%2BXWSd8fnn0Byvpy_8%2B-rA@mail.gmail.com> <E1TCpk1-000N2H-Vq@groundzero.grondar.org> <CAG5KPzxOua1t%2BWCef77E5jA1j_m6 faw3JXUg sy8W_TeE%2BkpLUg@m <CAG5KPzymZY0ua2cAkzB-MK54G2WbWYi9J01c8YW4F9LOdVvc9A@mail.gmail.com> <E1TDHb0-000FIh-0Z@groundzero.grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 09/16/2012 09:21, Mark Murray wrote: > Part 1 of the fix is enclosed; it involves drastically shortening the > input into /dev/random (the "kickstart") at boot time. There are time > implications that I'd like to hear any objections to. I remain convinced that chunking the input so that we don't overflow the buffer is a better solution than truncating it (whether that is by the use of a hash, or other means). I also think that Ian has made several good points about the need to avoid hashing for low-end systems, and I have made the suggestion to split the initrandom commands into "safe for all" and "only for higher end systems" components in part to address Ian's concerns that some of the commands we have are real drags on low-end systems. There are several ways that we can do the chunking, one cheap way would be to run the commands in a loop with a 'sleep .1' after each to give the buffer time to drain. Finally, I still think that making changes to the entropy-feeding methods in initrandom or random are premature until we have a chance to review Arthur's work on what's actually happening with the buffer. Until we know where the problems are, we're only guessing as to what the fixes should be. Doug -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50564446.80606>