From owner-freebsd-hackers@FreeBSD.ORG Sat Dec 26 03:32:21 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3BC0B106568D for ; Sat, 26 Dec 2009 03:32:21 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-fx0-f227.google.com (mail-fx0-f227.google.com [209.85.220.227]) by mx1.freebsd.org (Postfix) with ESMTP id BD21C8FC13 for ; Sat, 26 Dec 2009 03:32:20 +0000 (UTC) Received: by fxm27 with SMTP id 27so9068134fxm.3 for ; Fri, 25 Dec 2009 19:32:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type:content-transfer-encoding; bh=5IPtAO4bYEDXVwavmOqOqfm434QfNdqvH87Aa9SbGBs=; b=wHLtKt2vd/dJl1i4iggMGTGZchfDz+iKekdwFdStH3UFL1/E2MOuE7AzzdyFb4iCrf vDgs7qD3WeJgYeyJnaeichcndGrangneC0RSQXGqTNxtiPDjRgFldMjZZK6TivgI9+az 83Eioaa80GXKvMeGedNMiX6+MDRpPu2AUNSiM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type:content-transfer-encoding; b=Gh2BWsORLOa6J3SOnUGt2+znhoMq5AZmcXLZUWZu9mEnK8LkVpAiHWBmwmdIf9juq3 l1opOvS2dJbqomlmH3Xyt6KJ7qgXCvLNsv9/kREC+vp+bS0Pfmw2fhOmnmoaX06hqJwO fPBWasofyYMO7Xz7poouigPrAEwHNMO7gKiS0= Received: by 10.223.59.3 with SMTP id j3mr794691fah.46.1261798339826; Fri, 25 Dec 2009 19:32:19 -0800 (PST) Received: from gumby.homeunix.com (bb-87-81-140-128.ukonline.co.uk [87.81.140.128]) by mx.google.com with ESMTPS id 1sm9260799fks.59.2009.12.25.19.32.18 (version=SSLv3 cipher=RC4-MD5); Fri, 25 Dec 2009 19:32:19 -0800 (PST) Date: Sat, 26 Dec 2009 03:32:16 +0000 From: RW To: freebsd-hackers@freebsd.org Message-ID: <20091226033216.145bb35f@gumby.homeunix.com> In-Reply-To: <4B3530C2.4020607@FreeBSD.org> References: <5a5b03660912240445x7df1498dt42e29d93105efebc@mail.gmail.com> <4B339F27.6020707@freebsd.org> <5a5b03660912240941r6b76a839u819a8a1408816386@mail.gmail.com> <20091224231334.2e242371@gumby.homeunix.com> <4B3530C2.4020607@FreeBSD.org> X-Mailer: Claws Mail 3.7.3 (GTK+ 2.18.5; i386-portbld-freebsd8.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: yarrow random generator X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Dec 2009 03:32:21 -0000 On Fri, 25 Dec 2009 13:38:10 -0800 Doug Barton wrote: > Robert Watson wrote: > > I'll point Mark Murray at this thread and see if we can get him to > > opine some on the current design choices and any potential changes > > to address them. I was interested by your observation that the > > boot-time dumping of bits into /dev/random may overflow the > > buffering -- > > I was peripherally involved in the introduction of yarrow in the sense > that I wrote most of the rc and periodic stuff for it so I am also > interested in this issue. Rather than speculating about whether it's > overflowing the buffer perhaps a patch can be produced to test this > hypothesis? It's not really speculation, the data is broken into 16 byte chunks, random_harvest_internal() is called to copy each chunk into a buffer and queue it. If there are 256 or more buffers in the queue random_harvest_internal() returns without doing anything. The kernel thread that processes the queues calls pause("-", hz /10) each time it loops. A fairly simple solution would be piping all that low-grade entropy from sysctl and ps etc through sha256, reducing it to 64 bytes.