From owner-freebsd-security@FreeBSD.ORG Fri Sep 14 16:26:00 2012 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7A38F106566B; Fri, 14 Sep 2012 16:26:00 +0000 (UTC) (envelope-from benlaurie@gmail.com) Received: from mail-vb0-f54.google.com (mail-vb0-f54.google.com [209.85.212.54]) by mx1.freebsd.org (Postfix) with ESMTP id BF9D48FC14; Fri, 14 Sep 2012 16:25:59 +0000 (UTC) Received: by vbmv11 with SMTP id v11so6478817vbm.13 for ; Fri, 14 Sep 2012 09:25:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=aywV/VuI6GqDfDQpiZHZ/wQJ91l/dssGHzNLsaoYF1c=; b=eCICY7QOzCqEGNJKwn1OaPlhTY7Ndg6BAL+Z6qT51sSn82BiZGg1n8lbF1pfKKRdtF cT/I0tKh2l6+19Iw448hjbjrTwtgM4BGpXojOFMU8XL6EvyL/CGZ/tQweevLPBOY7V14 kb1bvkjKTGSTkgalim7HbXhi9E+D+F1urFKqkGw4z6x5OlBh2nYzzjF23vsW/wAypBM0 7vvszg4N0DXJ4og+LP/rB4lrKs+IHW61+o3zoUYZ1gEKOJbXzqX9o7E/sBPybhyk7C6c TizActuqow2Wmu005TZiWwBcVvZqk8sKp1tR2HptOJnhY2Nryqa41XN7zECoveQF75ed e6Jg== MIME-Version: 1.0 Received: by 10.59.7.68 with SMTP id da4mr2869166ved.4.1347639959190; Fri, 14 Sep 2012 09:25:59 -0700 (PDT) Sender: benlaurie@gmail.com Received: by 10.58.79.243 with HTTP; Fri, 14 Sep 2012 09:25:59 -0700 (PDT) In-Reply-To: <20120914154617.39025ac0@gumby.homeunix.com> References: <50453686.9090100@FreeBSD.org> <20120911082309.GD72584@dragon.NUXI.org> <504F0687.7020309@FreeBSD.org> <201209121628.18088.jhb@freebsd.org> <5050F477.8060409@FreeBSD.org> <20120912213141.GI14077@x96.org> <20120913052431.GA15052@dragon.NUXI.org> <20120914154617.39025ac0@gumby.homeunix.com> Date: Fri, 14 Sep 2012 17:25:59 +0100 X-Google-Sender-Auth: 30ayUiS8iu7OJbulj1rZ7B4dx2A Message-ID: From: Ben Laurie To: RW Content-Type: text/plain; charset=ISO-8859-1 Cc: Arthur Mesh , Ian Lepore , Doug Barton , freebsd-security@freebsd.org, "Bjoern A. Zeeb" Subject: Re: svn commit: r239569 - head/etc/rc.d X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Sep 2012 16:26:00 -0000 On Fri, Sep 14, 2012 at 3:46 PM, RW wrote: > On Fri, 14 Sep 2012 14:43:53 +0100 > Ben Laurie wrote: > >> On Fri, Sep 14, 2012 at 2:38 PM, Bjoern A. Zeeb >> wrote: >> > 7) send all data to the kernel and hash (arch dependent?) it + >> > counter value into the buffer on overflow, as in b[n] = H(b[n] + c >> > + i[n]) in the kernel >> > (can control when buffer full and only then take action when >> > needed, indepedent on how seed data is chosen, uses standard >> > technology) >> >> IMO, this is the only good option. > > No it isn't. I means that the hashing is unconditional, so anyone that > needs a faster boot needs to patch the kernel. Has anyone measured the cost of doing this? Also, if you really want to turn it off, we could provide a flag. > It has no advantage > whatsoever over a minor change to initrandom. It absolutely has. It applies to all inputs to /dev/random, not just those that come from initrandom. Also, should something get to write to it before initrandom, initrandom's input would still be used.