From: Mark Murray
To: Mike Silbersack
Cc: Sam Leffler, src-committers@FreeBSD.org, cvs-all@FreeBSD.org, cvs-src@FreeBSD.org
Subject: Re: cvs commit: src/sys/libkern arc4random.c
Date: Fri, 15 Aug 2003 20:11:45 +0100
Message-Id: <200308151911.h7FJBkOI003844@grimreaper.grondar.org>
In-Reply-To: Your message of "Fri, 15 Aug 2003 13:41:42 CDT." <20030815133943.I1565@odysseus.silby.com>

Mike Silbersack writes:
> > How did you validate this change?  I strongly suggest that mods like
> > this need review before commit.  Subtle problems can go unnoticed for a
> > long time.
> >
> > 	Sam
>
> I'm fairly confident that I did not add any bugs in this commit.  However,
> I also have no way of knowing if arc4random was working correctly before
> the commit either...  How hard would it be to hook up the randomness
> testing code you committed a few months back?  If the testing code is in
> userland, perhaps we could export a /dev/arandom like openbsd does for
> simpler testing.

I have not looked at the locking, but I have looked at this from a
randomness perspective.

With that in mind, I think Mike did the right thing in making sure
that the first chunk of arcfour 'randomness' is ditched after a rekey.
It may be fixing a non-problem, but if there is an undisclosed problem
in determining the arcfour sequence, this helps thwart that.

For the paranoids, this is cheap (almost free), and is solid from
an arcfour-neurotic perspective.

M
--
Mark Murray
iumop ap!sdn w,I idlaH
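
Added example, not part of the message above and not FreeBSD's arc4random.c: a textbook RC4 with a rekey-then-discard step, plus a measurement of how often the second byte handed out after a rekey is zero, which is the published second-output-byte bias of RC4 (Mantin and Shamir, 2001). The 256-byte discard length, the function names and the xorshift-generated test keys are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
struct rc4 { uint8_t s[256], i, j; };

/* Standard RC4 key schedule: reset the state and mix in the key. */
static void rc4_key(struct rc4 *c, const uint8_t *key, size_t len) {
    uint8_t j = 0, t;
    for (int n = 0; n < 256; n++) c->s[n] = (uint8_t)n;
    for (int n = 0; n < 256; n++) {
        j = (uint8_t)(j + c->s[n] + key[n % len]);
        t = c->s[n]; c->s[n] = c->s[j]; c->s[j] = t;
    }
    c->i = c->j = 0;
}

/* Produce one keystream byte. */
static uint8_t rc4_byte(struct rc4 *c) {
    uint8_t t;
    c->i++;
    c->j = (uint8_t)(c->j + c->s[c->i]);
    t = c->s[c->i]; c->s[c->i] = c->s[c->j]; c->s[c->j] = t;
    return c->s[(uint8_t)(c->s[c->i] + c->s[c->j])];
}

/* Rekey, then throw away the first `drop` bytes before any caller sees output. */
static void rc4_rekey_drop(struct rc4 *c, const uint8_t *key, size_t len, size_t drop) {
    rc4_key(c, key, len);
    while (drop--) (void)rc4_byte(c);
}

/* Over `trials` constructed 16-byte keys, count zero second bytes after a rekey. */
unsigned long second_byte_zero(unsigned long trials, size_t drop) {
    struct rc4 c; uint8_t key[16]; unsigned long hits = 0;
    uint64_t x = 0x9E3779B97F4A7C15ULL;      /* xorshift64 state, test keys only */
    for (unsigned long t = 0; t < trials; t++) {
        for (size_t k = 0; k < sizeof key; k++) {
            x ^= x << 13; x ^= x >> 7; x ^= x << 17; key[k] = (uint8_t)(x >> 32); }
        rc4_rekey_drop(&c, key, sizeof key, drop);
        (void)rc4_byte(&c);                  /* first byte seen by the caller */
        hits += (rc4_byte(&c) == 0);         /* second byte seen by the caller */
    }
    return hits;
}

int main(void) {   /* 2^17 trials: an unbiased stream gives about 512 zeros */
    printf("no drop: %lu  drop 256: %lu\n",
           second_byte_zero(1UL << 17, 0), second_byte_zero(1UL << 17, 256));
    return 0;
}
```

Without the discard the count lands near twice the unbiased figure; with it the count falls back to roughly trials/256, for the cost of a few hundred extra byte operations per rekey.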