From owner-freebsd-audit Mon Nov 29 3:49: 5 1999 Delivered-To: freebsd-audit@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id 4707714A01; Mon, 29 Nov 1999 03:48:51 -0800 (PST) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (beefcake.zeta.org.au [203.26.10.12]) by mailman.zeta.org.au (8.8.7/8.8.7) with ESMTP id WAA24998; Mon, 29 Nov 1999 22:57:06 +1100 Date: Mon, 29 Nov 1999 22:48:41 +1100 (EST) From: Bruce Evans X-Sender: bde@alphplex.bde.org To: Kris Kennaway Cc: Mike Smith , audit@FreeBSD.org, Warner Losh Subject: Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 28 Nov 1999, Kris Kennaway wrote: > On Mon, 29 Nov 1999, Bruce Evans wrote: > > This does the same thing as the i386 implementation on a bad day. The > > caller must be prepared for a limited amount of entropy being available. > > All callers except the ones for userland get this wrong by calling > > read_random() on alphas and always ignoring the result of read_random(). > > Can you suggest a decent fix? Simply polling until we fill our desired > buffer? Using read_random_unlimited() may well be "good enough" in many > cases. Polling would be too slow. I don't know if read_random_unlimited() is good enough. Randomness is needed soon after booting. Then it is not clear that read_random_unlimited() can provide _any_ true randomness. See the comment in init_main.c where random() is initialised. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message