Date: Fri, 15 Aug 2003 12:07:51 -0700 From: Sam Leffler <sam@errno.com> To: Mike Silbersack <silby@silby.com> Cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/libkern arc4random.c Message-ID: <87953260.1060949270@melange.errno.com> In-Reply-To: <20030815133943.I1565@odysseus.silby.com> References: <200308150634.h7F6Ylxw022089@repoman.freebsd.org> <76344918.1060937662@melange.errno.com> <20030815133943.I1565@odysseus.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Fri, 15 Aug 2003, Sam Leffler wrote: > >> > Lock down arc4random so it can be safely called w/o Giant. >> > >> > Minor code reorganization was required, but the only functional >> > change was that the first 1024 bytes of output are thrown out >> > after each reseed, rather than just the initial seed. >> >> How did you validate the this change? I strongly suggest that mods like >> this need review before commit. Subtle problems can go unnoticed for a >> long time. >> >> Sam > > I'm fairly confident that I did not add any bugs in this commit. I suggest that being fairly confident about your changes is very different from testing them. > However,I also have no way of knowing if arc4random was working correctly before > the commit either... If you didn't know how to verify things worked before or after why did you make these changes? Was there a specific problem you were trying to address? > How hard would it be to hook up the randomness > testing code you committed a few months back? If the testing code is in > userland, perhaps we could export a /dev/arandom like openbsd does for > simpler testing. > You could use the rndtest code directly in the kernel to gate the output of arc4random or you could extract the code and write a user-level test application. I don't know if Mark Murray has something already along these lines (presumably he had something from his work on /dev/random). Note that the data generated by arc4random needs to be exported to user apps for seeding crypto operations when operating in a chroot'd environment where /dev/random is not available. This is something openbsd identified and that we've not brought over yet (I've known about it for a while but the work's been pending). As such one should be very careful about futzing with the goodness of the data arc4random generates. Sam
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87953260.1060949270>