From owner-freebsd-audit Mon Nov 29 11:26:21 1999 Delivered-To: freebsd-audit@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 0A4E9152F4; Mon, 29 Nov 1999 11:26:19 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id ECE9C1CD621; Mon, 29 Nov 1999 11:26:19 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Mon, 29 Nov 1999 11:26:19 -0800 (PST) From: Kris Kennaway To: Bruce Evans Cc: Mike Smith , audit@FreeBSD.org, Warner Losh Subject: Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 29 Nov 1999, Bruce Evans wrote: > > On Mon, 29 Nov 1999, Bruce Evans wrote: > > > This does the same thing as the i386 implementation on a bad day. The > > > caller must be prepared for a limited amount of entropy being available. > > > All callers except the ones for userland get this wrong by calling > > > read_random() on alphas and always ignoring the result of read_random(). > > > > Can you suggest a decent fix? Simply polling until we fill our desired > > buffer? Using read_random_unlimited() may well be "good enough" in many > > cases. > > Polling would be too slow. I don't know if read_random_unlimited() is good > enough. Randomness is needed soon after booting. Then it is not clear > that read_random_unlimited() can provide _any_ true randomness. See the > comment in init_main.c where random() is initialised. Probably in the case when we first initialise the PRNG we can afford the performance hit and poll until we get as much entropy as we need, and in most other cases just use read_random_unlimited(). Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message