From owner-freebsd-hackers@freebsd.org Wed Aug 22 00:56:48 2018 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 47DD3108559B for ; Wed, 22 Aug 2018 00:56:48 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: from mail-it0-f52.google.com (mail-it0-f52.google.com [209.85.214.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C102677692 for ; Wed, 22 Aug 2018 00:56:47 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: by mail-it0-f52.google.com with SMTP id 72-v6so875212itw.3 for ; Tue, 21 Aug 2018 17:56:47 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to:cc:content-transfer-encoding; bh=YFcXOiEIcuEco9+DYN/0mRuL76wFWE7gN/pgSFulvj4=; b=m0RL+DrN3doXdyY20+/yB7rFsmEC6aymANISQSwrhAGl8+oVY1y5nK7Zcx6DhC0g4j NFlTUrR5FJEltFtAfabpmR7JooPFIZrZck7hNOZgwI7GOc3awDwM81uQSwAnvkf/7MZH kBx1Vti/CoOBbpHFxOvLipTRHOFdG2hyRttVp/ist7s6MWhCE/ofwkWAd1ZVctPBCHr8 UI4oXdKkxMdOomqzJVpgz7NOQM0ukCHiyovxM21BUyFv7Z9Pwu0Bc2m+Z1tG9L4f/9Fo JmlVYVrvjPWtCHdjYhkaRCBuyF9FlBUzAAVpr6ce/88xIYKtUNHu7n7F0f23gCF5MuTV uzfA== X-Gm-Message-State: APzg51ALhcUl+AsAzDabgdpVg496/Fq9bkUc49xQwBDbCsXdsEiim59V Aq2f1Cu3OcZs/ZAVZIZbdN0+l3DP X-Google-Smtp-Source: ANB0VdaRElDbI+Oqkhu2nNWYZewLLA6MYRDXMrcoL0S8uAGfSv6fU8KlC11FGogRbMoq860q2Q22wQ== X-Received: by 2002:a02:b5c4:: with SMTP id y4-v6mr3719590jaj.138.1534899401024; Tue, 21 Aug 2018 17:56:41 -0700 (PDT) Received: from mail-it0-f47.google.com (mail-it0-f47.google.com. [209.85.214.47]) by smtp.gmail.com with ESMTPSA id x8-v6sm114202iog.13.2018.08.21.17.56.40 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 21 Aug 2018 17:56:40 -0700 (PDT) Received: by mail-it0-f47.google.com with SMTP id t69-v6so172757itb.4 for ; Tue, 21 Aug 2018 17:56:40 -0700 (PDT) X-Received: by 2002:a24:f945:: with SMTP id l66-v6mr1463961ith.6.1534899400775; Tue, 21 Aug 2018 17:56:40 -0700 (PDT) MIME-Version: 1.0 Reply-To: cem@freebsd.org Received: by 2002:a02:b472:0:0:0:0:0 with HTTP; Tue, 21 Aug 2018 17:56:40 -0700 (PDT) In-Reply-To: <20180822011901.6eb678cb@gumby.homeunix.com> References: <20180820184337.6e07e951@gumby.homeunix.com> <20180822011901.6eb678cb@gumby.homeunix.com> From: Conrad Meyer Date: Tue, 21 Aug 2018 17:56:40 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: rand_harvestq high cpu usage when /dev/urandom is used To: RW Cc: "freebsd-hackers@freebsd.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Aug 2018 00:56:48 -0000 On Tue, Aug 21, 2018 at 5:19 PM, RW via freebsd-hackers wrote: > > I think I see what is going on. If you have a hardware entropy source > then when you read N bytes out of /dev/random, random_sources_feed() > tries to put at least that amount into each of the entropy pools (32 > for fortuna). So if you are reading at 100MB/s, you are trying to feed > 3.2GB/s into the pools. Overwriting a slow drive from /dev/random seems > to be enough to waste a CPU core my PC. Yep, I came to a similar conclusion[1]. I think you're off by a factor of two, though =E2=80=94 it's even worse than that! It tries to res= eed 64x as many bytes from the configured random sources as data read out of the random device. > Fortuna is only allowed to resend after 100ms, and anything more than > 1kB/reseed (pools*keysize) is a waste of CPU cycles. IMO > random_sources_feed() should limit itself to RANDOM_KEYSIZE bytes per > call for each pool/source combination - even that's overkill. I am less familiar on what Fortuna permits, but yeah, clearly what we have now is excessive. Best, Conrad [1]: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D230808#c1