Date: Sat, 15 Sep 2012 16:10:15 +0100
From: Ben Laurie <benl@freebsd.org>
To: Mark Murray <markm@freebsd.org>
Cc: Arthur Mesh <arthurmesh@gmail.com>, Ian Lepore <freebsd@damnhippie.dyndns.org>, Doug Barton <dougb@freebsd.org>, freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com>, "Bjoern A. Zeeb" <bz@freebsd.org>
Subject: Re: svn commit: r239569 - head/etc/rc.d
Message-ID: <CAG5KPzymZY0ua2cAkzB-MK54G2WbWYi9J01c8YW4F9LOdVvc9A@mail.gmail.com>
In-Reply-To: <E1TCr9q-0005go-IM@groundzero.grondar.org>
References: <50453686.9090100@FreeBSD.org> <20120911082309.GD72584@dragon.NUXI.org> <504F0687.7020309@FreeBSD.org> <201209121628.18088.jhb@freebsd.org> <5050F477.8060409@FreeBSD.org> <20120912213141.GI14077@x96.org> <20120913052431.GA15052@dragon.NUXI.org> <alpine.BSF.2.00.1209131258210.13080@ai.fobar.qr> <alpine.BSF.2.00.1209141336170.13080@ai.fobar.qr> <E1TCXN0-000NFT-7I@groundzero.grondar.org> <CAG5KPzwOdCkybj3D5uic1KC-pwW-pewgsrqrXg60f5SJjtzYPw@mail.gmail.com> <E1TCbDG-0002Hz-9D@groundzero.grondar.org> <CAG5KPzzRxzVX-%2B9fYjRdqjY-wScbM6AA7GYtLmktgMG0Zg8iyQ@mail.gmail.com> <E1TCbSz-0007CJ-BI@groundzero.grondar.org> <CAG5KPzyJNmXRfxtPPrdc2zVCsxGtDfJT79YC3a1PNUfOOSzt8A@mail.gmail.com> <E1TCcIq-000Brr-Ex@groundzero.grondar.org> <CAG5KPzwEESg7iUb2%2B-kAN%2Bk55M95BZjh5VaSvxzSsSCVuZ9kMw@mail.gmail.com> <E1TCdlD-000C1N-4g@groundzero.grondar.org> <CAG5KPzzFO1H5Wcx34oXi09=aJqg5w%2BXWSd8fnn0Byvpy_8%2B-rA@mail.gmail.com> <E1TCpk1-000N2H-Vq@groundzero.grondar.org> <CAG5KPzxOua1t%2BWCef77E5jA1j_m6faw3JXUgsy8W_TeE%2BkpLUg@mail.gmail.com> <E1TCr9q-0005go-IM@groundzero.grondar.org>

On Sat, Sep 15, 2012 at 1:07 PM, Mark Murray <markm@freebsd.org> wrote:
> Ben Laurie writes:
>> I notice that events are also discarded when the queue reaches a
>> certain length. This seems like a problem, too.
>
> Hooboy.
>
> Please go back and read this whole thread from the beginning. Attempting
> to mitigate the inevitable effects of filling the harvest queue is the
> main thrust of what I'm trying to solve.

I am not re-reading the thread! Much of it is ranting and I don't have the time or energy - plus, the thread is almost entirely about how to change inputs to deal with artefacts of the implementation. If there was discussion about the basic design, then I missed it and I'm sorry.

It seems to me that much of the problem derives from a departure from Yarrow, which does not include a queue that can be filled. The queue appears to exist because of a fear that people might abuse a direct feed into yarrow and consume too many resources.

How about this as a suggestion: have a device that does feed directly to yarrow and make it root-only. Keep the queued design for the public device.

Obviously it would still be nice to try to extract as much goodness as possible from the public inputs, but it seems less critical.

BTW, my interest here is as a member of the security team and particularly as a result of https://freedom-to-tinker.com/blog/nadiah/new-research-theres-no-need-panic-over-factorable-keys-just-mind-your-ps-and-qs/ - most of the offending devices were Linux based, but it seems some of them were FreeBSD - and whilst I think we're in much better shape than Linux, I also think there's room for improvement.