Page MenuHomeFreeBSD
Differential D16866

Fix excessive reseeding in random(4).
AbandonedPublic
Actions

Authored by markm on Aug 23 2018, 1:16 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Nov 19, 12:07 PM
Unknown Object (File)
Tue, Nov 19, 11:53 AM
Unknown Object (File)
Fri, Nov 1, 5:35 PM
Unknown Object (File)
Fri, Nov 1, 5:34 PM
Unknown Object (File)
Fri, Nov 1, 5:34 PM
Unknown Object (File)
Fri, Nov 1, 5:14 PM
Unknown Object (File)
Oct 21 2024, 10:53 AM
Unknown Object (File)
Oct 20 2024, 8:36 PM
View All 61 Files
Subscribers
delphij
jmg

Details

Reviewers
cem
delphij
Group Reviewers
secteam
Summary

Fix braino of mine where the reseeds would happen far too often, making the kernel process way too busy.

PR: 230808
Submitted by: Conrad Meyer <cem@FreeBSD.org>
Reported by: Danilo Egea Gondolfo <danilo@FreeBSD.org>

Test Plan

Make the PRNG work hard while doing something intensive like "make
world". To make the PRNG work hard, do e.g.
$ dd if=/dev/random of=/dev/null bs=$((1024*1024))

Diff Detail

Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 19103
Build 18730: arc lint + arc unit

Event Timeline

markm created this revision.Aug 23 2018, 1:16 PM
Harbormaster completed remote builds in B19092: Diff 47164.Aug 23 2018, 1:16 PM
markm updated this revision to Diff 47165.Aug 23 2018, 1:21 PM

Add the differential revision to the commit message.

Harbormaster completed remote builds in B19093: Diff 47165.Aug 23 2018, 1:21 PM
jmg added a subscriber: jmg.Aug 23 2018, 4:16 PM

Please commit these patches separately. They deal w/ different issues.

sys/dev/random/random_harvestq.c
222 ↗(On Diff #47165)

this still results in excessive seeding. It caps the read rate to pools*8*8, or putting 64 bytes per pool in for every 4 bytes read. As most things will read a minimum of 16 bytes (128 bits), the smallest expected value for read_rate is 5 (the increment isn't a proper ceil function), or 40 bytes per pool for every read. With the number of pools, that's a lot of extra work still.

markm updated this revision to Diff 47178.Aug 23 2018, 4:27 PM

Split into two separate commits as per review request.

Harbormaster completed remote builds in B19103: Diff 47178.Aug 23 2018, 4:27 PM
markm retitled this revision from Fix performance-damaging issues in random(4) to Fix excessive reseeding in random(4)..Aug 23 2018, 4:32 PM
markm edited the summary of this revision. (Show Details)
delphij accepted this revision.Aug 23 2018, 4:38 PM
delphij added a subscriber: delphij.

LGTM. cem@ or markm@, could you please commit this before code freeze?

This revision is now accepted and ready to land.Aug 23 2018, 4:38 PM
markm abandoned this revision.Aug 23 2018, 4:39 PM
cem added a comment.Aug 23 2018, 4:40 PM

(Approved — phab won't let me mark it as such because it is "closed.")

@jmg , @markm : Thanks, I also prefer the two independent pieces split into separate patches.

This one looks obviously correct to me. Go ahead and commit it. It fixes a security weakness in our implementation relative to spec Fortuna, so I'd be sure to tag the commit with "Security: yes."

cem added a comment.Aug 23 2018, 4:43 PM
In D16866#359249, @markm wrote:

Split into two separate commits as per review request.

Where did the other review end up? Thanks.

cem added a parent revision: D16872: Fix excessive reseed rate in random(4)..Aug 23 2018, 5:14 PM
cem mentioned this in D16872: Fix excessive reseed rate in random(4)..

Revision Contents
Changeset List

PathSize
sys/
dev/
random/
2 lines

Diff 47178

View Options

sys/dev/random/fortuna.c

Loading...