From owner-cvs-all@FreeBSD.ORG  Thu Aug 14 23:44:54 2003
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2915637B405
	for <cvs-all@FreeBSD.org>; Thu, 14 Aug 2003 23:44:54 -0700 (PDT)
Received: from rootlabs.com (root.org [67.118.192.226])
	by mx1.FreeBSD.org (Postfix) with SMTP id 954DB43FB1
	for <cvs-all@FreeBSD.org>; Thu, 14 Aug 2003 23:44:52 -0700 (PDT)
	(envelope-from nate@rootlabs.com)
Received: (qmail 95095 invoked by uid 1000); 15 Aug 2003 06:44:55 -0000
Date: Thu, 14 Aug 2003 23:44:55 -0700 (PDT)
From: Nate Lawson <nate@root.org>
To: Mike Silbersack <silby@silby.com>
In-Reply-To: <20030815013501.L1565@odysseus.silby.com>
Message-ID: <20030814234315.M94986@root.org>
References: <200308150634.h7F6Ylxw022089@repoman.freebsd.org>
 <20030815013501.L1565@odysseus.silby.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: cvs-src@FreeBSD.org
cc: src-committers@FreeBSD.org
cc: cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/libkern arc4random.c
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Aug 2003 06:44:54 -0000

On Fri, 15 Aug 2003, Mike Silbersack wrote:
> On Thu, 14 Aug 2003, Mike Silbersack wrote:
> >   Modified files:
> >     sys/libkern          arc4random.c
> >   Log:
> >   Lock down arc4random so it can be safely called w/o Giant.
> >
> >   Minor code reorganization was required, but the only functional
> >   change was that the first 1024 bytes of output are thrown out
> >   after each reseed, rather than just the initial seed.
> >
> >   Revision  Changes    Path
> >   1.12      +26 -17    src/sys/libkern/arc4random.c
>
> This doesn't use per-cpu randomness pools or anything cool, but I decided
> that easily verified locking was more important at this point.  (And I
> doubt that it's a performance problem either way.)

I'm less concerned about performance than loss of entropy.  You also
removed the comment pointing out the weakness that occurs if the first 256
bytes of output are used.

-Nate