From owner-svn-src-all@freebsd.org Thu Jul 16 18:29:29 2015 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5C37F9A3D87; Thu, 16 Jul 2015 18:29:29 +0000 (UTC) (envelope-from markm@FreeBSD.org) Received: from gromit.grondar.org (grandfather.grondar.org [IPv6:2a01:348:0:15:5d59:5c20:0:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 22C6A1954; Thu, 16 Jul 2015 18:29:29 +0000 (UTC) (envelope-from markm@FreeBSD.org) Received: from graveyard.grondar.org ([88.96.155.33] helo=gronkulator.grondar.org) by gromit.grondar.org with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.85 (FreeBSD)) (envelope-from ) id 1ZFnuP-000Drv-BB; Thu, 16 Jul 2015 19:29:25 +0100 Subject: Re: svn commit: r284959 - in head: . share/man/man4 share/man/man9 sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest sys/dev/safe sys/dev/syscons sys/dev/ubsec sys/dev/virtio/random sy... Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2102\)) Content-Type: text/plain; charset=utf-8 From: Mark R V Murray In-Reply-To: <1437055729.1334.359.camel@freebsd.org> Date: Thu, 16 Jul 2015 19:29:19 +0100 Cc: "src-committers@freebsd.org" , "svn-src-all@freebsd.org" , "svn-src-head@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: <87D9CCA8-B77F-4CBD-85EC-08C4A9D8413E@FreeBSD.org> References: <201506301700.t5UH0jPq001498@svn.freebsd.org> <6FF99E82-AE79-4112-8EB9-DC35B75F498D@FreeBSD.org> <1437055729.1334.359.camel@freebsd.org> To: Ian Lepore X-Mailer: Apple Mail (2.2102) X-SA-Score: -1.0 X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jul 2015 18:29:29 -0000 > On 16 Jul 2015, at 15:08, Ian Lepore wrote: >=20 > On Thu, 2015-07-16 at 06:39 +0100, Mark Murray wrote: >>> On 15 Jul 2015, at 23:43, Adrian Chadd = wrote: >>>=20 >>>> - Add harvesting of slab allocator events. This needs to be checked = for >>>> weighing down the allocator code. >>>=20 >>> Hi, >>>=20 >>> Is this really doing it upon every one of those events? eg, for each >>> mbuf alloc through UMA? >>=20 >> Only if you turn it on! >>=20 >> M >>=20 >=20 > In random_harvestq_init() I see >=20 > harvest_context.hc_source_mask =3D RANDOM_HARVEST_EVERYTHING_MASK; >=20 > and >=20 > #define RANDOM_HARVEST_EVERYTHING_MASK ((1 << = (RANDOM_ENVIRONMENTAL_END > + 1)) - 1) >=20 > So doesn't that include the RANDOM_FAST flag that controls harvesting > during every UMA alloc and free call? And that harvesting appears to = be > anything but fast, at least at a glance... it looks like it passes the > entire struct uma_zone to the jenkins hash function... is there really > useful entropy in all the data in that struct? Well spotted, but fear not. All sources are on at startup, and this is to ensure that the generator has maximal access to entropy while booting. One of the default duties of etc/rc.d/random is to turn off the UMA and ATIME sources. These may be turned on if you want them, but by default on the fully booted system they are off. See =E2=80=98sysctl kern.random.harvest.mask_symbolic=E2=80=99 and note = that the disabled sources are in []. I have yet to do a full set of benchmarks, but I have discussed this with RWatson. A silly benchmark (make world) shows little effect, but I will be doing this properly in coming months. In answer to you final question - yes. The UMA entropy is a bit spread out, but it is good. M --=20 Mark R V Murray