Date: Mon, 29 Nov 1999 11:26:19 -0800 (PST) From: Kris Kennaway <kris@hub.freebsd.org> To: Bruce Evans <bde@zeta.org.au> Cc: Mike Smith <msmith@FreeBSD.org>, audit@FreeBSD.org, Warner Losh <imp@village.org> Subject: Re: cvs commit: src/sys/i386/conf files.i386 src/sys/kern kern_fork.c src/sys/libkern arc4random.c src/sys/sys libkern.h Message-ID: <Pine.BSF.4.21.9911291125140.51314-100000@hub.freebsd.org> In-Reply-To: <Pine.BSF.4.10.9911292245180.12106-100000@alphplex.bde.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 29 Nov 1999, Bruce Evans wrote: > > On Mon, 29 Nov 1999, Bruce Evans wrote: > > > This does the same thing as the i386 implementation on a bad day. The > > > caller must be prepared for a limited amount of entropy being available. > > > All callers except the ones for userland get this wrong by calling > > > read_random() on alphas and always ignoring the result of read_random(). > > > > Can you suggest a decent fix? Simply polling until we fill our desired > > buffer? Using read_random_unlimited() may well be "good enough" in many > > cases. > > Polling would be too slow. I don't know if read_random_unlimited() is good > enough. Randomness is needed soon after booting. Then it is not clear > that read_random_unlimited() can provide _any_ true randomness. See the > comment in init_main.c where random() is initialised. Probably in the case when we first initialise the PRNG we can afford the performance hit and poll until we get as much entropy as we need, and in most other cases just use read_random_unlimited(). Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.9911291125140.51314-100000>