Date: Sun, 2 Nov 2014 02:01:56 +0000 (UTC) From: Dag-Erling Smørgrav <des@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r273958 - head/sys/dev/random Message-ID: <201411020201.sA221unt091493@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: des Date: Sun Nov 2 02:01:55 2014 New Revision: 273958 URL: https://svnweb.freebsd.org/changeset/base/273958 Log: Restore the auto-reseed logic, but move it to a much later point, immediately before kick_init. Approved by: so (self) Modified: head/sys/dev/random/random_adaptors.c head/sys/dev/random/yarrow.c Modified: head/sys/dev/random/random_adaptors.c ============================================================================== --- head/sys/dev/random/random_adaptors.c Sun Nov 2 01:47:27 2014 (r273957) +++ head/sys/dev/random/random_adaptors.c Sun Nov 2 02:01:55 2014 (r273958) @@ -447,30 +447,8 @@ random_adaptors_deinit(void) } /* - * First seed. - * - * NB! NB! NB! - * NB! NB! NB! - * - * It turns out this is bloody dangerous. I was fiddling with code elsewhere - * and managed to get conditions where a safe (i.e. seeded) entropy device should - * not have been possible. This managed to hide that by unblocking the device anyway. - * As crap randomness is not directly distinguishable from good randomness, this - * could have gone unnoticed for quite a while. - * - * NB! NB! NB! - * NB! NB! NB! - * - * Very luckily, the probe-time entropy is very nearly good enough to cause a - * first seed all of the time, and the default settings for other entropy - * harvesting causes a proper, safe, first seed (unblock) in short order after that. - * - * That said, the below would be useful where folks are more concerned with - * a quick start than with extra paranoia in a low-entropy environment. - * - * markm - October 2013. + * Reseed the active adaptor shortly before starting init(8). */ -#ifdef RANDOM_AUTOSEED /* ARGSUSED */ static void random_adaptors_seed(void *unused __unused) @@ -484,6 +462,5 @@ random_adaptors_seed(void *unused __unus arc4rand(NULL, 0, 1); } -SYSINIT(random_seed, SI_SUB_INTRINSIC_POST, SI_ORDER_LAST, - random_adaptors_reseed, NULL); -#endif /* RANDOM_AUTOSEED */ +SYSINIT(random_seed, SI_SUB_KTHREAD_INIT, SI_ORDER_FIRST, + random_adaptors_seed, NULL); Modified: head/sys/dev/random/yarrow.c ============================================================================== --- head/sys/dev/random/yarrow.c Sun Nov 2 01:47:27 2014 (r273957) +++ head/sys/dev/random/yarrow.c Sun Nov 2 02:01:55 2014 (r273958) @@ -508,7 +508,9 @@ void random_yarrow_reseed(void) { + mtx_lock(&random_reseed_mtx); reseed(SLOW); + mtx_unlock(&random_reseed_mtx); } int
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201411020201.sA221unt091493>