projects / dragonfly.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 05dd972) | patch
Change the seeder array from a modulo to a logical AND, improving performance
authorMatthew Dillon <dillon@dragonflybsd.org>
Mon, 10 Jul 2006 21:06:09 +0000 (21:06 +0000)
committerMatthew Dillon <dillon@dragonflybsd.org>
Mon, 10 Jul 2006 21:06:09 +0000 (21:06 +0000)
commitc26b3d4d58daebaaefe006e9c911b66613875dfd
treea8350c828fb89c8d93e2871ce4137172ffaa5d15tree | snapshot
parent05dd972ccc5b552f02829ae4ec54fa84b6acdc4bcommit | diff
Change the seeder array from a modulo to a logical AND, improving performance
and allowing us to overflow the index variable without overflowing the
array.

Implement seeding via writes to /dev/random.  Seeding is only allowed
if the kern.seedenable sysctl is set to 1 (defaults to 0), and the securelevel
is less then or equal to 0.  Note that the random number generator also
self-seeds to some degree.

Writing to /dev/random is no longer a sink null.  Writing to /dev/urandom
is no longer allowed at all.

Modify the seeding code to mix a few of the bits with PNG feedback to reduce
the possibility of seeding-based attacks.

Intentionally feed /dev/urandom back into /dev/random for a bit, then run
DIEHARD to test for any obvious screwups.  Passes DIEHARD.
sys/i386/i386/mem.c diff | blob | blame | history
sys/kern/kern_memio.c diff | blob | blame | history
sys/kern/kern_nrandom.c diff | blob | blame | history
sys/platform/pc32/i386/mem.c diff | blob | blame | history
DragonFly Project Source