Differential D35802 Diff 108088 sys/dev/random/random_harvestq.c

Changeset View

Standalone View

sys/dev/random/random_harvestq.c

Show First 20 Lines • Show All 247 Lines • ▼ Show 20 Lines	random_sources_feed(void)
*		*
* For Fortuna, the math currently works out as such:		* For Fortuna, the math currently works out as such:
*		*
* 64 bits * 4 pools = 256 bits per iteration		* 64 bits * 4 pools = 256 bits per iteration
* 256 bits * 10 Hz = 2560 bits per second, 320 B/s		* 256 bits * 10 Hz = 2560 bits per second, 320 B/s
*		*
*/		*/
npools = howmany(p_random_alg_context->ra_poolcount, RANDOM_KTHREAD_HZ);		npools = howmany(p_random_alg_context->ra_poolcount, RANDOM_KTHREAD_HZ);
		if (!p_random_alg_context->ra_seeded())
		npools = howmany(p_random_alg_context->ra_poolcount * 64,
		delphijUnsubmitted Not Done Inline Actions I'd like to check if my understanding was correct for the `!ra_seeded()` case: The `64` was chosen because it's the `RANDOM_FORTUNA_DEFPOOLSIZE` The intention was to attempt to fully populate all pools with fast source data in one `random_kthread` interation We then iterate over all live sources: Realistically, most system has only one live source, that's the CPU provided RNG. For systems where no live source is available, the code below wold be no-op (we then fall back to waiting for other sources, which we have to do anyways) For systems where multiple live sources are available (virtio-rng, or crypto hardware), we could potentially harvest more than we need (but I think this is Okay because we only do the full harvest once as long as they are not all too slow). So the net effect for a typical `!ra_seeded()` case is that when the `random_kthread()` calls `random_sources_feed()`, we attempt to fully fill Fortuna's entropy pools (@10Hz, but hopefully only once) with live sources. For systems with boot entropy loaded, because we already primed RNG well before the random_kthread, this would be a no-op. delphij: I'd like to check if my understanding was correct for the `!ra_seeded()` case: # The `64`…
		HARVESTSIZE);
		delphijUnsubmitted Not Done Inline Actions If the understanding above was correct, should this be changed to `sizeof(entropy)` instead? delphij: If the understanding above was correct, should this be changed to `sizeof(entropy)` instead?

/*		/*
* Step over all of live entropy sources, and feed their output		* Step over all of live entropy sources, and feed their output
* to the system-wide RNG.		* to the system-wide RNG.
*/		*/
if (rse_warm)		if (rse_warm)
epoch_enter_preempt(rs_epoch, &et);		epoch_enter_preempt(rs_epoch, &et);
CK_LIST_FOREACH(rrs, &source_list, rrs_entries) {		CK_LIST_FOREACH(rrs, &source_list, rrs_entries) {
▲ Show 20 Lines • Show All 416 Lines • Show Last 20 Lines