cvs commit: src/sys/i386/i386 mem.c src/sys/kern kern_nrandom.c

Matthew Dillon dillon at
Mon Jul 10 14:07:30 PDT 2006

dillon      2006/07/10 14:06:09 PDT

DragonFly src repository

  Modified files:
    sys/i386/i386        mem.c 
    sys/kern             kern_nrandom.c 
  Change the seeder array from a modulo to a logical AND, improving performance
  and allowing us to overflow the index variable without overflowing the
  Implement seeding via writes to /dev/random.  Seeding is only allowed
  if the kern.seedenable sysctl is set to 1 (defaults to 0), and the securelevel
  is less then or equal to 0.  Note that the random number generator also
  self-seeds to some degree.
  Writing to /dev/random is no longer a sink null.  Writing to /dev/urandom
  is no longer allowed at all.
  Modify the seeding code to mix a few of the bits with PNG feedback to reduce
  the possibility of seeding-based attacks.
  Intentionally feed /dev/urandom back into /dev/random for a bit, then run
  DIEHARD to test for any obvious screwups.  Passes DIEHARD.
  Revision  Changes    Path
  1.16      +20 -18    src/sys/i386/i386/mem.c
  1.2       +28 -4     src/sys/kern/kern_nrandom.c

More information about the Commits mailing list