Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 18 Jan 2012 23:05:24 +0400
From:      Andrey Chernov <ache@FreeBSD.ORG>
To:        src-committers@FreeBSD.ORG, svn-src-all@FreeBSD.ORG, svn-src-head@FreeBSD.ORG
Subject:   Re: svn commit: r230230 - head/sys/dev/random
Message-ID:  <20120118190524.GA9847@vniz.net>
In-Reply-To: <20120118175440.GA365@zim.MIT.EDU>
References:  <201201162018.q0GKIADK050161@svn.freebsd.org> <20120118061943.GA80874@vniz.net> <20120118175440.GA365@zim.MIT.EDU>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 18, 2012 at 12:54:40PM -0500, David Schultz wrote:
> It appears to reseed arc4random's state exactly once, at whatever
> unpredictable time devrandom decides to reseed itself.  Are you

As fast as possible, immediatelly when we have enough good entropy.

> trying to fix the problems that arise if random.ko is loaded too
> late in the boot process?

There is only _initial_ seeding security problem with arc4rand() and not 
only when random.ko is not loaded, but when it is loaded too and don't 
harvest enough entropy yet.

All late stages don't have security problem because arc4rand() 
periodically reseeds itself from yarrow when ARC4_RESEED_SECONDS is 
expired.

About random.ko loading itself, this is separate question and I already 
express opinion to make random.ko not optional but required kernel module.

-- 
http://ache.vniz.net/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120118190524.GA9847>