tech-security archive


Re: Patch: rework kernel random number subsystem



New patch at http://www.panix.com/~tls/rnd3.diff which has Jachym Holecek's
fix for the "data corruption" issue (which isn't, actually), makes the
sysctl prng IPL_NONE, and fixes some issues revealed by LOCKDEBUG.

Also, this fixes a very old and ugly bug where rnd_add_data manipulated
the entropy pool directly without locking.

This actually seems fairly stable for me, so I'm curious about others'
results.  A good way to test is:
        while true; do sysctl kern.urandom > /dev/null; done

I'll do some KNF cleanup and hook this up to the pseudodevice nodes next,
and we can see how it performs.

Thor

