From: Peter Jeremy
To: freebsd-arch@freebsd.org
Date: Tue, 21 Aug 2012 20:22:02 +1000
Subject: Re: /dev/random
Message-ID: <20120821102202.GA85982@server.rulingia.com>
References: <76710.1345538028@critter.freebsd.dk> <20120821084315.GL33100@deviant.kiev.zoral.com.ua>
In-Reply-To: <20120821084315.GL33100@deviant.kiev.zoral.com.ua>

On 2012-Aug-21 00:10:36 -0700, Doug Barton wrote:
>On 08/20/2012 15:55, Peter Jeremy wrote:
>> one in the VIA Nehemiah. VIA have published an independent evaluation
>> of their RNG which suggests it is a good source of entropy.
>
>I'm not sure what paper you're referring to, but according to the
>padlock programming guide it's a random number generator, not (directly)
>an entropy source. That said, it certainly *could* be used as an entropy
>source for yarrow.

I was referring to:
http://www.via.com.tw/en/downloads/whitepapers/initiatives/padlock/evaluation_padlock_rng.pdf

>The way I see it, if padlock is available, there should be 3 options:
>
>1. Use it as the exclusive feed for /dev/random

This is currently the only option.

On 2012-Aug-21 12:17:52 +0400, Lev Serebryakov wrote:
>PJ> RNG. FreeBSD random(4) currently only supports one hardware RNG - the
>PJ> one in the VIA Nehemiah. VIA have published an independent evaluation
> But `man glxsb' says, for example, that its hardware RNG is used to
>harvest entropy...

On 2012-Aug-21 08:33:48 +0000, Poul-Henning Kamp wrote:
>I believe this is wrong: hifn7751.c also feeds Yarrow/random(4).

The random(4) man page (and my repetition of it) is somewhat misleading
here. The current random(4) code uses the VIA Nehemiah Padlock (with
a Davies-Meyer hash) if it's available, otherwise it uses Yarrow.
If Yarrow is selected, it uses a variety of entropy sources (as available):

"Pure entropy" is regularly harvested from:
  glxsb(4), hifn(4), safe(4), ubsec(4), MIPS Octeon rnd(4)
  syscons(4) mouse and keyboard events

Various events controlled via kern.random.sys.harvest sysctls:
  kern.random.sys.harvest.ethernet (default enabled)
    incoming ethernet packets
  kern.random.sys.harvest.point_to_point (default enabled)
    packets written to tun(4), netgraph receive hook
  kern.random.sys.harvest.interrupt (default enabled):
    adv(4), adw(4), aha(4), ahb(4), ahci(4), aic(4), amr(4), asr(4),
    ata(4), bm(4), bt(4), cuda(4), dpt(4), fdc(4), glc(4), ida(4),
    isp(4), mlx(4), mly(4), mpt(4), mvs(4), ncr(4), ncv(4), nsp(4),
    pmu(4), ps3cdrom(4), ps3disk(4), pst(4), siis(4), stg(4), sym(4),
    twe(4), vtblk(4), wds(4)
  kern.random.sys.harvest.swi (default disabled)
    Not currently used (or supported)

Note that there's also a rndtest(4) device that can monitor the output
from hifn(4), safe(4) and ubsec(4).

>That said, purely on principle I'm with Ben here: All sources of
>entropy should be fed to Yarrow by default.

The only reason I can think of for bypassing Yarrow would be to increase
the rate at which you can read bits from /dev/random.

On 2012-Aug-21 11:43:15 +0300, Konstantin Belousov wrote:
>The question should become much more practical in the short term,
>since IvyBridge has supposedly high-quality RNG in CPU (uncore).

Someone(TM) just needs to copy implement the relevant code.

-- 
Peter Jeremy
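
Added example, not part of the original message: a small POSIX sh audit that compares the kern.random.sys.harvest.* knobs with the defaults listed in the message above. The function names and the sample sysctl output are constructed for illustration; on a live system the input would come from `sysctl kern.random.sys.harvest`.

```shell
#!/bin/sh
# Added example (not from the original message): compare the
# kern.random.sys.harvest.* knobs with the defaults listed above.

# Defaults as stated in the message: 1 = enabled, 0 = disabled.
harvest_default() {
    case "$1" in
        ethernet|point_to_point|interrupt) echo 1 ;;
        swi) echo 0 ;;
        *) echo unlisted ;;
    esac
}

# Reads sysctl output ("name: value") on stdin and prints
# "<knob> <value> <default|CHANGED|UNLISTED>" for each harvest knob.
harvest_audit() {
    while IFS= read -r line; do
        case "$line" in
            kern.random.sys.harvest.*:*) ;;
            *) continue ;;              # ignore unrelated sysctl lines
        esac
        name=${line%%:*}                # text before the first colon
        knob=${name##*.}                # last component of the OID
        value=${line#*:}
        value=${value# }                # drop the space after the colon
        expected=$(harvest_default "$knob")
        if [ "$expected" = unlisted ]; then
            status=UNLISTED             # knob not covered by the message
        elif [ "$value" = "$expected" ]; then
            status=default
        else
            status=CHANGED              # differs from the stated default
        fi
        echo "$knob $value $status"
    done
}

# Constructed sample input: interrupt harvesting has been switched off.
SAMPLE='kern.hostname: example.invalid
kern.random.sys.harvest.ethernet: 1
kern.random.sys.harvest.point_to_point: 1
kern.random.sys.harvest.interrupt: 0
kern.random.sys.harvest.swi: 0'

printf '%s\n' "$SAMPLE" | harvest_audit
```

A CHANGED line on interrupt, ethernet or point_to_point means one of the event classes that feed Yarrow by default has been turned off on that host.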