Date: Sat, 26 Dec 2009 03:32:16 +0000 From: RW <rwmaillists@googlemail.com> To: freebsd-hackers@freebsd.org Subject: Re: yarrow random generator Message-ID: <20091226033216.145bb35f@gumby.homeunix.com> In-Reply-To: <4B3530C2.4020607@FreeBSD.org> References: <5a5b03660912240445x7df1498dt42e29d93105efebc@mail.gmail.com> <oCmohG1K70vWpt/39IVPMdciTgk@DNdB9ElzNmEFYWRqT2UTVtuts%2BE> <4B339F27.6020707@freebsd.org> <5a5b03660912240941r6b76a839u819a8a1408816386@mail.gmail.com> <alpine.BSF.2.00.0912241945490.73550@fledge.watson.org> <20091224231334.2e242371@gumby.homeunix.com> <alpine.BSF.2.00.0912251345230.73550@fledge.watson.org> <4B3530C2.4020607@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 25 Dec 2009 13:38:10 -0800 Doug Barton <dougb@FreeBSD.org> wrote: > Robert Watson wrote: > > I'll point Mark Murray at this thread and see if we can get him to > > opine some on the current design choices and any potential changes > > to address them. I was interested by your observation that the > > boot-time dumping of bits into /dev/random may overflow the > > buffering -- > > I was peripherally involved in the introduction of yarrow in the sense > that I wrote most of the rc and periodic stuff for it so I am also > interested in this issue. Rather than speculating about whether it's > overflowing the buffer perhaps a patch can be produced to test this > hypothesis? It's not really speculation, the data is broken into 16 byte chunks, random_harvest_internal() is called to copy each chunk into a buffer and queue it. If there are 256 or more buffers in the queue random_harvest_internal() returns without doing anything. The kernel thread that processes the queues calls pause("-", hz /10) each time it loops. A fairly simple solution would be piping all that low-grade entropy from sysctl and ps etc through sha256, reducing it to 64 bytes.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091226033216.145bb35f>