Re: regarding the changes to kernel entropy gathering

[Taylor R Campbell <riastradh%NetBSD.org@localhost>]

> Date: Sat, 03 Apr 2021 12:24:29 -0700
> From: "Greg A. Woods" <woods%planix.ca@localhost>
> 
> Updating a system, even on -current, shouldn't create a long-lived
> situation where the system documentation and the behaviour and actions
> of system commands is completely out of sync with the behaviour of the
> kernel, and in fact lies to the administrator about the abilities of the
> system.

It would help if you could identify specifically what you are calling
a lie.

> @@ -1754,21 +1766,21 @@
>  rnd_add_uint32(struct krndsource *rs, uint32_t value)
>  {
> 
> -	rnd_add_data(rs, &value, sizeof value, 0);
> +	rnd_add_data(rs, &value, sizeof value, sizeof value * NBBY);
>  }

The rnd_add_uint32 function is used by drivers to feed in data from
sources _with no known model for their entropy_.  It's how drivers
toss in data that might be helpful but might totally predictable, and
the driver has no way to know.

Your change _creates_ the lie that every bit of data entered this way
is drawn from a source with independent uniform distribution.

What NetBSD-current is telling you on your Xen system, on a CPU
predating RDRAND/RDSEED, is the unfortunate truth that there is no
reliable source of entropy available in your system -- annoying, yes,
but when you talk about `matters so important as system security and
integrity' you might prefer to hear about this rather than have it
swept under the rug.

What your patch does is shoot yourself in the foot by fantasizing that
_every_ source using rnd_add_uint32, even if it predictably always
supplies all-zero bits, has the maximum entropy possible.