From: Ben Laurie
To: Mark Murray
Cc: Arthur Mesh, Ian Lepore, Doug Barton, freebsd-security@freebsd.org, RW, "Bjoern A. Zeeb"
Date: Fri, 14 Sep 2012 20:50:32 +0100
Subject: Re: svn commit: r239569 - head/etc/rc.d

On Fri, Sep 14, 2012 at 8:22 PM, Mark Murray wrote:
> Ben Laurie writes:
>> > What??! Have you seen how Yarrow does its harvesting??
>>
>> If you XOR into the as-yet-unharvested buffer, then appropriately
>> aligned repeated input makes the buffer zero.

> I have no idea what point you're trying to make.
> There is an "if"

"if you use your proposed solution"

> and an "appropriately" in there.

And the input happens to line up.

> The entropy is
> estimated as Zero anyway, in spite of getting "free" TSC jitter, and if
> this is an attack, the system is screwed to begin with.

What I am trying to do is extract whatever entropy there is in the input.

You appear to be saying that there's no point adding extra entropy
because it is estimated at zero. This makes no sense to me.
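
The cancellation discussed in this message, as an added example that is not part of the original e-mail and is not FreeBSD's Yarrow code: a toy buffer that XORs input in at a wrapping cursor, showing that a repeated input zeroes the buffer only when the repeat lands on the same offsets. The names `xor_pool`, `POOL_SIZE`, `repeated_input_cancels` and the sample bytes are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define POOL_SIZE 16 /* hypothetical buffer size chosen for this demo */

/* Toy accumulation buffer: input is XORed in at a wrapping cursor. */
struct xor_pool {
    uint8_t buf[POOL_SIZE];
    size_t pos;
};

/* XOR len bytes of input into the pool, wrapping at POOL_SIZE. */
static void pool_add(struct xor_pool *p, const uint8_t *in, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        p->buf[p->pos] ^= in[i];
        p->pos = (p->pos + 1) % POOL_SIZE;
    }
}

/* Returns 1 if every byte of the pool is zero, 0 otherwise. */
static int pool_is_zero(const struct xor_pool *p)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < POOL_SIZE; i++)
        acc |= p->buf[i];
    return acc == 0;
}

/* Write sample[0..len) into a fresh pool reps times; 1 if all-zero. */
static int repeated_input_cancels(size_t len, unsigned reps)
{
    static const uint8_t sample[POOL_SIZE] = "constructed-inp";
    struct xor_pool p;
    memset(&p, 0, sizeof(p));
    for (unsigned r = 0; r < reps; r++)
        pool_add(&p, sample, len);
    return pool_is_zero(&p);
}

int main(void)
{
    printf("16 bytes x1: zero=%d\n", repeated_input_cancels(16, 1));
    printf("16 bytes x2: zero=%d\n", repeated_input_cancels(16, 2));
    printf("12 bytes x2: zero=%d\n", repeated_input_cancels(12, 2));
    printf(" 8 bytes x4: zero=%d\n", repeated_input_cancels(8, 4));
    return 0;
}
```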