Date: Sat, 19 Jul 2014 23:53:50 +0300
From: Konstantin Belousov
To: Steven Chamberlain
Cc: freebsd-security@freebsd.org
Subject: Re: Speed and security of /dev/urandom
Message-ID: <20140719205350.GX93733@kib.kiev.ua>

On Sat, Jul 19, 2014 at 09:47:12PM +0100, Steven Chamberlain wrote:
> On 19/07/14 20:26, Konstantin Belousov wrote:
> > I think that using sysctl for non-management functionality is wrong.
> > If this feature is for the libraries and applications, and not for
> > system management and introspection utilities, it should be normal
> > syscall.
>
> If this is only to seed the arc4random in userland (with ~256 bytes or
> so), it would be just like OpenBSD getentropy(2)?
>
> Just yesterday, something very similar is proposed for Linux, called
> getrandom(2):
> http://lists.openwall.net/linux-kernel/2014/07/18/329

We, in fact, do not use sysctl for seeding SSP canary. Kernel puts
random bytes on stack, and libc fetches them. But it is 64 bytes for
64-bit platforms, 32 bytes for 32-bit.

Yes, the interface of the getrandom(2) from the link above looks
reasonable. The big question is, indeed, about its supposed use models.
For one-time seeding of RNG with fixed amount of bytes, the ELF aux
vector mechanism is much less intrusive and faster.
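The two use models contrasted in the message above, as an added example that is not part of the original e-mail or of FreeBSD's code. It assumes Linux with glibc, where the `AT_RANDOM` aux entry (16 bytes) stands in for the kernel-supplied canary bytes the message describes; the function names are hypothetical.

```c
#include <link.h>        /* ElfW(); pulls in <elf.h> for AT_RANDOM, AT_NULL */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/auxv.h>    /* getauxval() */
#include <sys/random.h>  /* getrandom() */

extern char **environ;

/* What libc does at startup: the aux vector follows envp's NULL on the
 * initial stack. Valid only while environ still points at that stack. */
const unsigned char *auxv_find_random(void)
{
    char **p = environ;
    while (*p != NULL)
        p++;
    for (ElfW(auxv_t) *av = (ElfW(auxv_t) *)(p + 1); av->a_type != AT_NULL; av++)
        if (av->a_type == AT_RANDOM)
            return (const unsigned char *)(uintptr_t)av->a_un.a_val;
    return NULL;
}

/* One-time, fixed-size seed: a memcpy of kernel-supplied bytes, no syscall.
 * Linux provides exactly 16 bytes; they never change for this process. */
int seed_from_auxv(unsigned char *out, size_t len)
{
    const unsigned char *r = (const unsigned char *)getauxval(AT_RANDOM);
    if (r == NULL || len > 16)
        return -1;
    memcpy(out, r, len);
    return 0;
}

int seed_from_syscall(unsigned char *out, size_t len)
{
    /* Requests up to 256 bytes are returned whole once the pool is ready. */
    return (len <= 256 && getrandom(out, len, 0) == (ssize_t)len) ? 0 : -1;
}

int main(void)
{
    unsigned char a[16], b[32];
    int ok = !seed_from_auxv(a, sizeof a) && !seed_from_syscall(b, sizeof b);
    printf("seeded=%d walk==getauxval=%d\n", ok,
           auxv_find_random() == (const unsigned char *)getauxval(AT_RANDOM));
    return !ok;
}
```

The aux-vector bytes are fixed for the life of the process and glibc already derives its stack-protector guard from them, so they fit only the one-time seeding case; anything that needs fresh or larger output has to go through the syscall path.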