From owner-freebsd-hackers@freebsd.org  Mon Jul 13 08:26:39 2015
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id EDEC099BA94
 for <freebsd-hackers@mailman.ysv.freebsd.org>;
 Mon, 13 Jul 2015 08:26:39 +0000 (UTC) (envelope-from yuri@rawbw.com)
Received: from shell1.rawbw.com (shell1.rawbw.com [198.144.192.42])
 by mx1.freebsd.org (Postfix) with ESMTP id D7C381479
 for <freebsd-hackers@freebsd.org>; Mon, 13 Jul 2015 08:26:39 +0000 (UTC)
 (envelope-from yuri@rawbw.com)
Received: from yuri.doctorlan.com (c-50-184-63-128.hsd1.ca.comcast.net
 [50.184.63.128]) (authenticated bits=0)
 by shell1.rawbw.com (8.15.1/8.15.1) with ESMTPSA id t6D8Qake057908
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO);
 Mon, 13 Jul 2015 01:26:37 -0700 (PDT) (envelope-from yuri@rawbw.com)
X-Authentication-Warning: shell1.rawbw.com: Host
 c-50-184-63-128.hsd1.ca.comcast.net [50.184.63.128] claimed to be
 yuri.doctorlan.com
Message-ID: <55A3763B.7010303@rawbw.com>
Date: Mon, 13 Jul 2015 01:26:35 -0700
From: Yuri <yuri@rawbw.com>
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
 rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Freebsd hackers list <freebsd-hackers@freebsd.org>
Subject: Re: Does /dev/random in virtual guests provide good random data?
References: <55A2FB68.3070006@rawbw.com>
 <CCCC361E-70E1-4BA4-9765-65653F40DBC7@kientzle.com>
In-Reply-To: <CCCC361E-70E1-4BA4-9765-65653F40DBC7@kientzle.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jul 2015 08:26:40 -0000

On 07/12/2015 18:14, Tim Kientzle wrote:
>     http://www.2uo.de/myths-about-urandom/
>
> In particular, it has this interesting comment:
>
>       FreeBSD does the right thing: they don't have the distinction

There are two approaches in random stream generation. One is to have the 
sufficient random seed, and keep generating the following pseudo-random 
numbers only from this seed. The second approach is to also continuously 
feed the stream from some external source of entropy.

The fact that the long running linux VM still blocks on /dev/random 
indicates that linux tries to collect more entropy on the go, following 
the latter approach (intuitively I would also agree this is better for 
randomness).

So it isn't clear why FreeBSD random stream would be of the same 
quality, if it doesn't collect entropy on the go. Because both Linux and 
BSD have exactly the same entropy sources in VM.

Yuri