Date:      Sat, 15 Sep 2012 16:10:15 +0100
From:      Ben Laurie <benl@freebsd.org>
To:        Mark Murray <markm@freebsd.org>
Cc:        Arthur Mesh <arthurmesh@gmail.com>, Ian Lepore <freebsd@damnhippie.dyndns.org>, Doug Barton <dougb@freebsd.org>, freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com>, "Bjoern A. Zeeb" <bz@freebsd.org>
Subject:   Re: svn commit: r239569 - head/etc/rc.d
Message-ID:  <CAG5KPzymZY0ua2cAkzB-MK54G2WbWYi9J01c8YW4F9LOdVvc9A@mail.gmail.com>
In-Reply-To: <E1TCr9q-0005go-IM@groundzero.grondar.org>
References:  <50453686.9090100@FreeBSD.org> <20120911082309.GD72584@dragon.NUXI.org> <504F0687.7020309@FreeBSD.org> <201209121628.18088.jhb@freebsd.org> <5050F477.8060409@FreeBSD.org> <20120912213141.GI14077@x96.org> <20120913052431.GA15052@dragon.NUXI.org> <alpine.BSF.2.00.1209131258210.13080@ai.fobar.qr> <alpine.BSF.2.00.1209141336170.13080@ai.fobar.qr> <E1TCXN0-000NFT-7I@groundzero.grondar.org> <CAG5KPzwOdCkybj3D5uic1KC-pwW-pewgsrqrXg60f5SJjtzYPw@mail.gmail.com> <E1TCbDG-0002Hz-9D@groundzero.grondar.org> <CAG5KPzzRxzVX-%2B9fYjRdqjY-wScbM6AA7GYtLmktgMG0Zg8iyQ@mail.gmail.com> <E1TCbSz-0007CJ-BI@groundzero.grondar.org> <CAG5KPzyJNmXRfxtPPrdc2zVCsxGtDfJT79YC3a1PNUfOOSzt8A@mail.gmail.com> <E1TCcIq-000Brr-Ex@groundzero.grondar.org> <CAG5KPzwEESg7iUb2%2B-kAN%2Bk55M95BZjh5VaSvxzSsSCVuZ9kMw@mail.gmail.com> <E1TCdlD-000C1N-4g@groundzero.grondar.org> <CAG5KPzzFO1H5Wcx34oXi09=aJqg5w%2BXWSd8fnn0Byvpy_8%2B-rA@mail.gmail.com> <E1TCpk1-000N2H-Vq@groundzero.grondar.org> <CAG5KPzxOua1t%2BWCef77E5jA1j_m6faw3JXUgsy8W_TeE%2BkpLUg@mail.gmail.com> <E1TCr9q-0005go-IM@groundzero.grondar.org>

On Sat, Sep 15, 2012 at 1:07 PM, Mark Murray <markm@freebsd.org> wrote:
> Ben Laurie writes:
>> I notice that events are also discarded when the queue reaches a
>> certain length. This seems like a problem, too.
>
> Hooboy.
>
> Please go back and read this whole thread from the beginning. Attempting
> to mitigate the inevitable effects of filling the harvest queue is the
> main thrust of what I'm trying to solve.

I am not re-reading the thread! Much of it is ranting and I don't have
the time or energy - plus, the thread is almost entirely about how to
change inputs to deal with artefacts of the implementation. If there
was discussion about the basic design, then I missed it and I'm sorry.
It seems to me that much of the problem derives from a departure from
Yarrow, which does not include a queue that can be filled. The queue
appears to exist because of a fear that people might abuse a direct
feed into yarrow and consume too many resources. How about this as a
suggestion: have a device that does feed directly to yarrow and make
it root-only. Keep the queued design for the public device. Obviously
it would still be nice to try to extract as much goodness as possible
from the public inputs, but it seems less critical.

BTW, my interest here is as a member of the security team and
particularly as a result of
https://freedom-to-tinker.com/blog/nadiah/new-research-theres-no-need-panic-over-factorable-keys-just-mind-your-ps-and-qs/
- most of the offending devices were Linux based, but it seems some of
them were FreeBSD - and whilst I think we're in much better shape than
Linux, I also think there's room for improvement.


