From owner-freebsd-security  Thu Mar 27 12:38:13 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id MAA19728
          for security-outgoing; Thu, 27 Mar 1997 12:38:13 -0800 (PST)
Received: from critter.dk.tfs.com ([140.145.230.252])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA19696;
          Thu, 27 Mar 1997 12:38:00 -0800 (PST)
Received: from critter (localhost [127.0.0.1])
	by critter.dk.tfs.com (8.8.5/8.8.5) with ESMTP id VAA00552;
	Thu, 27 Mar 1997 21:37:05 +0100 (CET)
To: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.ru>
cc: Joerg Wunsch <joerg_wunsch@uriah.heep.sax.de>, markm@freebsd.org,
        security@freebsd.org
Subject: Re: ATTENTION: Initial state of random pool 
In-reply-to: Your message of "Thu, 27 Mar 1997 22:17:56 +0300."
             <Pine.BSF.3.96.970327220407.872A-100000@nagual.ru> 
Date: Thu, 27 Mar 1997 21:37:05 +0100
Message-ID: <550.859495025@critter>
From: Poul-Henning Kamp <phk@critter.dk.tfs.com>
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>I see blkdev randomness commented out in the code, maybe we can
>re-activate it?
>If my fears are true, we need to fix it ASAP.
>Any ideas?

A semi-not-too-bad priming method could be:

	for dev in all diskmedia
		ts = time
		bno = ts.tv_usec & dssize(dev)
		read sector bno
		add sectore to random pool

It will probably not be too great on machines with newly formatted
disks, but otherwise it should do well...

--
Poul-Henning Kamp           | phk@FreeBSD.ORG       FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk    Private mailbox.
whois: [PHK]                | phk@tfs.com           TRW Financial Systems, Inc.
Power and ignorance is a disgusting cocktail.