Date: Sun, 2 Nov 2014 09:45:15 +0000 From: Mark R V Murray <mark@grondar.org> To: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@FreeBSD.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r273958 - head/sys/dev/random Message-ID: <720EB74E-094A-43F3-8B1C-47BC7F6FECC3@grondar.org> In-Reply-To: <201411020201.sA221unt091493@svn.freebsd.org> References: <201411020201.sA221unt091493@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi DES, I=E2=80=99m scared witless of this being on-by-default, for the reason = given in the removed comment. I=E2=80=99d much prefer to see it only = turned on if a kernel option is set, and the embedded folks /et al/ can = use that. Please reinstate the #ifdef RANDOM_AUTOSEED, and set a kernel option to = turn it on. Please also leave the comment; summarily turning on an = unprepared generator is not going to be obvious to anyone but an = attacker. Moving the point of the auto-firstseed to where is good, thanks. M > On 2 Nov 2014, at 02:01, Dag-Erling Sm=C3=B8rgrav <des@FreeBSD.org> = wrote: >=20 > Author: des > Date: Sun Nov 2 02:01:55 2014 > New Revision: 273958 > URL: https://svnweb.freebsd.org/changeset/base/273958 >=20 > Log: > Restore the auto-reseed logic, but move it to a much later point, > immediately before kick_init. >=20 > Approved by: so (self) >=20 > Modified: > head/sys/dev/random/random_adaptors.c > head/sys/dev/random/yarrow.c >=20 > Modified: head/sys/dev/random/random_adaptors.c > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D > --- head/sys/dev/random/random_adaptors.c Sun Nov 2 01:47:27 2014 = (r273957) > +++ head/sys/dev/random/random_adaptors.c Sun Nov 2 02:01:55 2014 = (r273958) > @@ -447,30 +447,8 @@ random_adaptors_deinit(void) > } >=20 > /* > - * First seed. > - * > - * NB! NB! NB! > - * NB! NB! NB! > - * > - * It turns out this is bloody dangerous. I was fiddling with code = elsewhere > - * and managed to get conditions where a safe (i.e. seeded) entropy = device should > - * not have been possible. This managed to hide that by unblocking = the device anyway. > - * As crap randomness is not directly distinguishable from good = randomness, this > - * could have gone unnoticed for quite a while. > - * > - * NB! NB! NB! > - * NB! NB! NB! > - * > - * Very luckily, the probe-time entropy is very nearly good enough to = cause a > - * first seed all of the time, and the default settings for other = entropy > - * harvesting causes a proper, safe, first seed (unblock) in short = order after that. > - * > - * That said, the below would be useful where folks are more = concerned with > - * a quick start than with extra paranoia in a low-entropy = environment. > - * > - * markm - October 2013. > + * Reseed the active adaptor shortly before starting init(8). > */ > -#ifdef RANDOM_AUTOSEED > /* ARGSUSED */ > static void > random_adaptors_seed(void *unused __unused) > @@ -484,6 +462,5 @@ random_adaptors_seed(void *unused __unus >=20 > arc4rand(NULL, 0, 1); > } > -SYSINIT(random_seed, SI_SUB_INTRINSIC_POST, SI_ORDER_LAST, > - random_adaptors_reseed, NULL); > -#endif /* RANDOM_AUTOSEED */ > +SYSINIT(random_seed, SI_SUB_KTHREAD_INIT, SI_ORDER_FIRST, > + random_adaptors_seed, NULL); >=20 > Modified: head/sys/dev/random/yarrow.c > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D > --- head/sys/dev/random/yarrow.c Sun Nov 2 01:47:27 2014 = (r273957) > +++ head/sys/dev/random/yarrow.c Sun Nov 2 02:01:55 2014 = (r273958) > @@ -508,7 +508,9 @@ void > random_yarrow_reseed(void) > { >=20 > + mtx_lock(&random_reseed_mtx); > reseed(SLOW); > + mtx_unlock(&random_reseed_mtx); > } >=20 > int >=20 --=20 Mark R V Murray
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?720EB74E-094A-43F3-8B1C-47BC7F6FECC3>