Date:      Fri, 15 Aug 2003 12:22:03 -0700
From:      Sam Leffler <sam@errno.com>
To:        Mark Murray <mark@grondar.org>, Mike Silbersack <silby@silby.com>
Cc:        cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/sys/libkern arc4random.c 
Message-ID:  <88806006.1060950123@melange.errno.com>
In-Reply-To: <200308151911.h7FJBkOI003844@grimreaper.grondar.org>
References:  <200308151911.h7FJBkOI003844@grimreaper.grondar.org>

> Mike Silbersack writes:
>> > How did you validate this change?  I strongly suggest that mods
>> > like this need review before commit.  Subtle problems can go unnoticed
>> > for a long time.
>> >
>> > 	Sam
>>
>> I'm fairly confident that I did not add any bugs in this commit.
>> However, I also have no way of knowing if arc4random was working
>> correctly before the commit either... How hard would it be to hook up
>> the randomness testing code you committed a few months back?  If the
>> testing code is in userland, perhaps we could export a /dev/arandom like
>> openbsd does for simpler testing.
>
> I have not looked at the locking, but I have looked at this from a
> randomness perspective.
>
> With that in mind, I think Mike did the right thing in making sure
> that the first chunk of arcfour 'randomness' is ditched after a
> rekey. It may be fixing a non-problem, but if there is an undisclosed
> problem in determining the arcfour sequence, this helps thwart that.
>
> For the paranoids, this is cheap (almost free), and is solid from an
> arcfour-neurotic perspective.

I am not arguing for Mike to remove his change.  I am noting that making 
changes to critical system components w/o review and/or testing is 
dangerous.  Going forward we should have some tools for validating changes 
like this.  If the output of arc4random is available through a sysctl or 
similar then it could be a tool that sits in /usr/src/tools/tools. 
Otherwise it would be good to create a test module or similar to shunt 
arc4random data through rndtest.

	Sam
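
A userland sketch of the kind of validation tool discussed above, as an added example that is not part of the original message and is not FreeBSD's arc4random.c or rndtest code: a standard RC4 generator that discards keystream after a rekey, checked with a FIPS 140-2 style monobit count standing in for rndtest. The names, the sample key and the 1024-byte discard length are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

struct arc4 { uint8_t s[256]; uint8_t i, j; };

/* Next keystream byte (standard RC4 output step). */
static uint8_t arc4_byte(struct arc4 *a)
{
    uint8_t t;
    a->i++;
    a->j += a->s[a->i];
    t = a->s[a->i]; a->s[a->i] = a->s[a->j]; a->s[a->j] = t;
    return a->s[(uint8_t)(a->s[a->i] + a->s[a->j])];
}

/* Rekey (standard RC4 key schedule), then ditch the first `discard` bytes. */
static void arc4_rekey(struct arc4 *a, const uint8_t *key, size_t len, size_t discard)
{
    unsigned n; uint8_t j = 0, t;
    for (n = 0; n < 256; n++) a->s[n] = (uint8_t)n;
    for (n = 0; n < 256; n++) {
        j += a->s[n] + key[n % len];
        t = a->s[n]; a->s[n] = a->s[j]; a->s[j] = t;
    }
    a->i = a->j = 0;
    while (discard--) (void)arc4_byte(a);
}

/* Count the one-bits in a 20,000-bit (2500-byte) sample. */
static unsigned monobit_ones(const uint8_t *buf)
{
    unsigned ones = 0; size_t k; uint8_t b;
    for (k = 0; k < 2500; k++)
        for (b = buf[k]; b; b >>= 1) ones += b & 1;
    return ones;
}

/* FIPS 140-2 monobit criterion for a 20,000-bit sample. */
static int monobit_ok(unsigned ones) { return ones > 9725 && ones < 10275; }

int main(void)
{
    static const uint8_t key[] = "constructed-sample-key";  /* constructed key */
    struct arc4 a; uint8_t buf[2500]; size_t k;
    arc4_rekey(&a, key, sizeof key - 1, 1024);  /* 1024: assumed discard length */
    for (k = 0; k < sizeof buf; k++) buf[k] = arc4_byte(&a);
    printf("ones=%u monobit=%s\n", monobit_ones(buf), monobit_ok(monobit_ones(buf)) ? "pass" : "FAIL");
    return 0;
}
```

A monobit pass only rules out gross bias; it says nothing about whether the discard is long enough or whether the locking around the rekey is correct.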


