Date:      Mon, 29 Nov 1999 18:00:55 +1100 (EST)
From:      Bruce Evans <bde@zeta.org.au>
To:        Mike Smith <msmith@FreeBSD.org>
Cc:        Warner Losh <imp@village.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h 
Message-ID:  <Pine.BSF.4.10.9911291736390.11459-100000@alphplex.bde.org>
In-Reply-To: <199911282015.MAA00314@mass.cdrom.com>

On Sun, 28 Nov 1999, Mike Smith wrote:

> > In message <199911281751.JAA40710@freefall.freebsd.org> Dan Moschuk writes:
> > :   Reviewed and Approved by: bde, imp
> > 
> > Reviewed, but not completely approved by imp....  The main problem
> > with this, like I said in other mail, is it not using the /dev/random
> > entropy pool for this.
> 
> I actually effectively vetoed this commit (on IRC) for its failure to do 
> just that.  I expect Dan to pay close attention to the feedback and DTRT 
> (which should include using the libc arcfour code as well, if he's not 
> already).

It's unreasonable to ask a new committer to use /dev/random when more
important things like netinet don't use it.  To use it in
machine-independent code, you first have to implement it for alpha.  Here
is a toy implementation:

#define	read_random(buf, nbytes)	0

This does the same thing as the i386 implementation on a bad day.  The
caller must be prepared for a limited amount of entropy being available.
All callers except the ones for userland get this wrong by calling
read_random() on alphas and always ignoring the result of read_random().

if_spppsubr.c, i4b_tel.c, i4b_l4mgmt.c:
Has a verbose ifdef for __FreeBSD__ >= 3 but no ifdef for __i386__.  Uses
stack garbage if read_random() returns a short read.

ipx_input.c:
No ifdefs at all.  Uses \0's if read_random() returns a short read.

The userland arc4random() avoids some of these problems by using
/dev/urandom instead of /dev/random.  It ignores the result returned
by read() of course.  The kernel equivalent is read_random_unlimited().
This may give lower quality randomness.  It is not used in the kernel
except to implement /dev/urandom.

Bruce
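
The short-read failure mode described in the message above, as an added example that is not part of the original e-mail and is not FreeBSD code. `read_random_stub`, `pool_avail`, `fill_checked` and the two demo functions are hypothetical stand-ins, and the 0x41 fill models leftover stack contents.

```c
#include <stdio.h>
#include <string.h>
/* Constructed stand-in for an entropy read that can come up short; not
 * FreeBSD's read_random(). pool_avail models the entropy bytes on hand. */
static size_t pool_avail;
static size_t read_random_stub(void *buf, size_t nbytes)
{
    size_t n = nbytes < pool_avail ? nbytes : pool_avail;
    memset(buf, 0xA5, n);   /* placeholder for "random" bytes */
    pool_avail -= n;
    return n;               /* may be less than nbytes, or 0 */
}

/* Checked caller: 0 on a full read, -1 (buffer wiped) on a short one. */
static int fill_checked(unsigned char *buf, size_t len)
{
    if (read_random_stub(buf, len) != len) {
        memset(buf, 0, len);
        return -1;
    }
    return 0;
}

/* Unchecked pattern: count bytes of an 8-byte buffer still holding stale
 * 0x41 (models leftover stack contents) when the result is ignored. */
int stale_after_unchecked(size_t avail)
{
    unsigned char id[8];
    int stale = 0;
    memset(id, 0x41, sizeof id);
    pool_avail = avail;
    (void)read_random_stub(id, sizeof id);   /* return value dropped */
    for (size_t i = 0; i < sizeof id; i++)
        stale += (id[i] == 0x41);
    return stale;
}

/* Same request through the checked caller; the caller sees the failure. */
int checked_result(size_t avail)
{
    unsigned char id[8];
    pool_avail = avail;
    return fill_checked(id, sizeof id);
}

int main(void)
{
    printf("%d %d\n", stale_after_unchecked(3), checked_result(3));
    return 0;
}
```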