From owner-freebsd-arch@FreeBSD.ORG Tue Feb 24 01:20:34 2015 Return-Path: Delivered-To: arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2000865E for ; Tue, 24 Feb 2015 01:20:34 +0000 (UTC) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "gold.funkthat.com", Issuer "gold.funkthat.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id D9C11E11 for ; Tue, 24 Feb 2015 01:20:33 +0000 (UTC) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.14.5/8.14.5) with ESMTP id t1O1KRUQ096569 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 23 Feb 2015 17:20:27 -0800 (PST) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.14.5/8.14.5/Submit) id t1O1KQZK096568; Mon, 23 Feb 2015 17:20:26 -0800 (PST) (envelope-from jmg) Date: Mon, 23 Feb 2015 17:20:26 -0800 From: John-Mark Gurney To: arch@FreeBSD.org Subject: locks and kernel randomness... Message-ID: <20150224012026.GY46794@funkthat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Operating-System: FreeBSD 9.1-PRERELEASE amd64 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.5.21 (2010-09-15) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (gold.funkthat.com [127.0.0.1]); Mon, 23 Feb 2015 17:20:27 -0800 (PST) X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Feb 2015 01:20:34 -0000 I'm working on simplifying kernel randomness interfaces. I would like to get read of all weak random generators, and this means replacing read_random and random(9) w/ effectively arc4rand(9) (to be replaced by ChaCha or Keccak in the future). The issue is that random(9) is called from any number of contexts, such as the scheduler. This makes locking a bit more interesting. Currently, both arc4rand(9) and yarrow/fortuna use a default mtx lock to protect their state. This obviously isn't compatible w/ the scheduler, and possibly other calling contexts. I have a patch[1] that unifies the random interface. It converts a few of the locks from mtx default to mtx spin to deal w/ this. If/when this is accepted, my next plan is to convert away from arc4rand, to either ChaCha or Keccak. I already have another patch that converts arc4rand and friends over to ChaCha. This patch does use PCPU data and sched_pin to help eliminate locks, but this does need more study. We could either do a restartable loop (but there might be too much state to safely do) or a critical section (though running chacha a bunch of times could have impact). [1] https://reviews.freebsd.org/D1956 -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."