Source-Changes-D archive


Re: CVS commit: src
hi,

is the change in conf/std still necessary?

YAMAMOTO Takashi

> Module Name:  src
> Committed By: tls
> Date:         Sat Dec 17 20:05:40 UTC 2011
> 
> Modified Files:
>       src/share/man/man4: rnd.4
>       src/share/man/man9: cprng.9 rnd.9
>       src/sys/conf: files
>       src/sys/crypto/nist_ctr_drbg: nist_ctr_drbg_aes128.h
>           nist_ctr_drbg_aes256.h
>       src/sys/dev: rnd.c rndpool.c
>       src/sys/dev/iscsi: iscsi_text.c
>       src/sys/dist/pf/netinet: tcp_rndiss.c
>       src/sys/kern: init_sysctl.c subr_cprng.c
>       src/sys/net: if_spppsubr.c
>       src/sys/netinet: tcp_subr.c
>       src/sys/rump/dev/lib/librnd: Makefile
>       src/sys/rump/librump/rumpkern: cprng_stub.c
>       src/sys/sys: cprng.h param.h rnd.h
> Added Files:
>       src/sys/dev: rndpseudo.c
> 
> Log Message:
> Separate /dev/random pseudodevice implementation from kernel entropy pool
> implementation.  Rewrite pseudodevice code to use cprng_strong(9).
> 
> The new pseudodevice is cloning, so each caller gets bits from a stream
> generated with its own key.  Users of /dev/urandom get their generators
> keyed on a "best effort" basis -- the kernel will rekey generators
> whenever the entropy pool hits the high water mark -- while users of
> /dev/random get their generators rekeyed every time key-length bits
> are output.
> 
> The underlying cprng_strong API can use AES-256 or AES-128, but we use
> AES-128 because of concerns about related-key attacks on AES-256.  This
> improves performance (and reduces entropy pool depletion) significantly
> for users of /dev/urandom but does cause users of /dev/random to rekey
> twice as often.
> 
> Also fixes various bugs (including some missing locking and a reseed-counter
> overflow in the CTR_DRBG code) found while testing this.
> 
> For long reads, this generator is approximately 20 times as fast as the
> old generator (dd with bs=64K yields 53MB/sec on 2Ghz Core2 instead of
> 2.5MB/sec) and also uses a separate mutex per instance so concurrency
> is greatly improved.  For reads of typical key sizes for modern
> cryptosystems (16-32 bytes) performance is about the same as the old
> code: a little better for 32 bytes, a little worse for 16 bytes.
> 
> 
> To generate a diff of this commit:
> cvs rdiff -u -r1.16 -r1.17 src/share/man/man4/rnd.4
> cvs rdiff -u -r1.3 -r1.4 src/share/man/man9/cprng.9
> cvs rdiff -u -r1.18 -r1.19 src/share/man/man9/rnd.9
> cvs rdiff -u -r1.1032 -r1.1033 src/sys/conf/files
> cvs rdiff -u -r1.1 -r1.2 src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h \
>     src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h
> cvs rdiff -u -r1.88 -r1.89 src/sys/dev/rnd.c
> cvs rdiff -u -r1.21 -r1.22 src/sys/dev/rndpool.c
> cvs rdiff -u -r0 -r1.1 src/sys/dev/rndpseudo.c
> cvs rdiff -u -r1.2 -r1.3 src/sys/dev/iscsi/iscsi_text.c
> cvs rdiff -u -r1.3 -r1.4 src/sys/dist/pf/netinet/tcp_rndiss.c
> cvs rdiff -u -r1.185 -r1.186 src/sys/kern/init_sysctl.c
> cvs rdiff -u -r1.4 -r1.5 src/sys/kern/subr_cprng.c
> cvs rdiff -u -r1.124 -r1.125 src/sys/net/if_spppsubr.c
> cvs rdiff -u -r1.243 -r1.244 src/sys/netinet/tcp_subr.c
> cvs rdiff -u -r1.2 -r1.3 src/sys/rump/dev/lib/librnd/Makefile
> cvs rdiff -u -r1.3 -r1.4 src/sys/rump/librump/rumpkern/cprng_stub.c
> cvs rdiff -u -r1.3 -r1.4 src/sys/sys/cprng.h
> cvs rdiff -u -r1.397 -r1.398 src/sys/sys/param.h
> cvs rdiff -u -r1.27 -r1.28 src/sys/sys/rnd.h
> 
> Please note that diffs are not public domain; they are subject to the
> copyright notices on the relevant files.
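The rekeying policy the quoted log message describes (a cloning pseudodevice where each caller gets a generator keyed from the pool, /dev/random rekeying every key-length bits output, /dev/urandom keyed on a best-effort basis, and a reseed counter that must not overflow) reduced to a small Python model. This is an added example, not NetBSD's rndpseudo.c or cprng_strong(9) code. It assumes HMAC-SHA256 in counter mode as a stand-in for AES-CTR, a deterministic stand-in entropy pool, and the names `EntropyPool`, `ClonedGenerator`, `rekey_cost` and `streams_differ`, all invented here; the reseed-counter guard is the generic "check before serving" pattern, not the specific kernel fix.

```python
import hashlib
import hmac
import threading

# Key lengths (bytes) of the two CTR_DRBG variants named in the log message.
AES128_KEYLEN = 16
AES256_KEYLEN = 32

# Assumption: NIST SP 800-90A bounds reseed_interval for CTR_DRBG at 2**48.
DEFAULT_RESEED_INTERVAL = 2 ** 48


class EntropyPool:
    """Stand-in for the kernel entropy pool (constructed for this example).
    It tracks how many bytes generators have drawn; the bytes themselves are a
    deterministic SHA-256 chain so the model reproduces offline."""

    def __init__(self, seed: bytes = b"constructed seed, not secret"):
        self._seed = seed
        self.bytes_drawn = 0

    def draw(self, n: int) -> bytes:
        self.bytes_drawn += n
        out, i = b"", 0
        while len(out) < n:
            tag = self._seed + self.bytes_drawn.to_bytes(8, "big") + bytes([i])
            out += hashlib.sha256(tag).digest()
            i += 1
        return out[:n]


class ClonedGenerator:
    """One instance per open() of the pseudodevice: own key, block counter,
    reseed counter and mutex, so callers never share a stream or a lock.

    strict=True models /dev/random: forced rekey once keylen bytes have been
    output under the current key.  strict=False models /dev/urandom: the key
    stays until something external (the pool reaching its high water mark,
    modelled here by the caller invoking rekey()) replaces it."""

    def __init__(self, pool, keylen, strict, reseed_interval=DEFAULT_RESEED_INTERVAL):
        self.pool = pool
        self.keylen = keylen
        self.strict = strict
        self.reseed_interval = reseed_interval
        self.lock = threading.Lock()          # per-instance mutex
        self.rekeys = 0
        self._key = b""
        self._block_ctr = 0
        self._out_since_rekey = 0
        self._reseed_counter = 0
        self._rekey_locked()

    def _rekey_locked(self):
        # Pull a fresh key from the pool; every counter restarts with the key.
        self._key = self.pool.draw(self.keylen)
        self._block_ctr = 0
        self._out_since_rekey = 0
        self._reseed_counter = 0
        self.rekeys += 1

    def rekey(self):
        """External rekey, e.g. when the pool hits its high water mark."""
        with self.lock:
            self._rekey_locked()

    def _keystream_block(self) -> bytes:
        # Stand-in for one AES-CTR block: HMAC-SHA256(key, counter).
        blk = hmac.new(self._key, self._block_ctr.to_bytes(16, "big"), hashlib.sha256).digest()
        self._block_ctr += 1
        return blk

    def read(self, n: int) -> bytes:
        out = bytearray()
        with self.lock:
            # Test the reseed counter before serving, so it can never run past
            # reseed_interval however many requests arrive.
            if self._reseed_counter >= self.reseed_interval:
                self._rekey_locked()
            self._reseed_counter += 1
            while len(out) < n:
                if self.strict and self._out_since_rekey >= self.keylen:
                    self._rekey_locked()
                blk = self._keystream_block()
                take = min(len(blk), n - len(out))
                if self.strict:
                    # Never emit more than keylen bytes under one key.
                    take = min(take, self.keylen - self._out_since_rekey)
                out += blk[:take]
                self._out_since_rekey += take
        return bytes(out)


def rekey_cost(n: int, keylen: int, strict: bool):
    """(rekeys performed, pool bytes consumed) for a fresh instance serving one n-byte read."""
    pool = EntropyPool()
    gen = ClonedGenerator(pool, keylen, strict)
    gen.read(n)
    return gen.rekeys, pool.bytes_drawn


def streams_differ(keylen: int = AES128_KEYLEN) -> bool:
    """Two clones opened against the same pool get distinct keys, hence distinct output."""
    pool = EntropyPool()
    a = ClonedGenerator(pool, keylen, strict=False)
    b = ClonedGenerator(pool, keylen, strict=False)
    return a.read(32) != b.read(32)


if __name__ == "__main__":
    for keylen in (AES128_KEYLEN, AES256_KEYLEN):
        print(f"/dev/random  64K read, keylen {keylen}: (rekeys, pool bytes) = {rekey_cost(65536, keylen, True)}")
        print(f"/dev/urandom 64K read, keylen {keylen}: (rekeys, pool bytes) = {rekey_cost(65536, keylen, False)}")
```

For a 64K /dev/random-style read the model rekeys 4096 times with a 16-byte key and 2048 times with a 32-byte key, which is the "twice as often" trade-off the log message mentions; the same read through the /dev/urandom-style instance costs the pool only one key.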

