From owner-svn-src-head@FreeBSD.ORG Thu Jul 5 23:19:17 2012 Return-Path: Delivered-To: svn-src-head@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3EA611065670; Thu, 5 Jul 2012 23:19:17 +0000 (UTC) (envelope-from ache@vniz.net) Received: from vniz.net (vniz.net [194.87.13.69]) by mx1.freebsd.org (Postfix) with ESMTP id 5A7008FC08; Thu, 5 Jul 2012 23:19:13 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by vniz.net (8.14.5/8.14.5) with ESMTP id q65NJ5Qr076733; Fri, 6 Jul 2012 03:19:05 +0400 (MSK) (envelope-from ache@vniz.net) Received: (from ache@localhost) by localhost (8.14.5/8.14.5/Submit) id q65NJ4wG076732; Fri, 6 Jul 2012 03:19:05 +0400 (MSK) (envelope-from ache) Date: Fri, 6 Jul 2012 03:19:04 +0400 From: Andrey Chernov To: Pawel Jakub Dawidek Message-ID: <20120705231903.GA76664@vniz.net> Mail-Followup-To: Andrey Chernov , Pawel Jakub Dawidek , John Baldwin , Attilio Rao , David Chisnall , src-committers@FreeBSD.ORG, svn-src-all@FreeBSD.ORG, svn-src-head@FreeBSD.ORG, Konstantin Belousov , markm@FreeBSD.ORG References: <201207041951.q64JpPXu029310@svn.freebsd.org> <8344944B-1CEE-4CAD-96FB-EC5A743F6909@FreeBSD.org> <201207050749.43210.jhb@freebsd.org> <20120705213901.GA1442@garage.freebsd.pl> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="cWoXeonUoKmBZSoM" Content-Disposition: inline In-Reply-To: <20120705213901.GA1442@garage.freebsd.pl> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: src-committers@FreeBSD.ORG, John Baldwin , svn-src-all@FreeBSD.ORG, David Chisnall , Attilio Rao , Konstantin Belousov , svn-src-head@FreeBSD.ORG, markm@FreeBSD.ORG Subject: Re: svn commit: r238118 - head/lib/libc/gen X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jul 2012 23:19:17 -0000 --cWoXeonUoKmBZSoM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 05, 2012 at 11:39:02PM +0200, Pawel Jakub Dawidek wrote: > > sysctls are not all Giant locked. KERN_ARND is marked MPSAFE, so it d= oes not=20 > > use Giant: >=20 > It doesn't really matter. Our in-kernel random generator has its own > giant lock, so is basically single threaded. Compare results of those > two on some SMP machine: >=20 > # dd if=3D/dev/random of=3D/dev/null bs=3D1m count=3D1024 >=20 > # sh -c 'for i in `jot $(sysctl -n hw.ncpu)`; do dd if=3D/dev/random of= =3D/dev/null bs=3D1m count=3D128 & done' It doesn't really matter for KERN_ARND because it is rarely reseeded and=20 consume most of its time on internal arc4 permutations. That is why strong= =20 KERN_ARND seeding after boot is required (currently it is very weak and=20 easily guessed as I already mention) - started right after boot=20 applications all suffers from weak seeding up to the next rare KERN_ARND=20 and arc4random() both reseeds.. --=20 http://ache.vniz.net/ --cWoXeonUoKmBZSoM Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAk/2IOcACgkQVg5YK5ZEdN2XRgCgtyIYXuY50eyxAojhXAhdPI7x te4AnA7zICkZ6S95V3wRl0nM9BubhrSO =fHc7 -----END PGP SIGNATURE----- --cWoXeonUoKmBZSoM--