svn commit: r284959 - in head: . share/man/man4 share/man/man9 sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest sys/dev/safe sys/dev/syscons sys/dev/ubsec sys/dev/virtio/random sy...

[Mark R V Murray]

> On 16 Jul 2015, at 15:08, Ian Lepore <ian at FreeBSD.org> wrote:
> 
> On Thu, 2015-07-16 at 06:39 +0100, Mark Murray wrote:
>>> On 15 Jul 2015, at 23:43, Adrian Chadd <adrian.chadd at gmail.com> wrote:
>>> 
>>>> - Add harvesting of slab allocator events. This needs to be checked for
>>>>   weighing down the allocator code.
>>> 
>>> Hi,
>>> 
>>> Is this really doing it upon every one of those events? eg, for each
>>> mbuf alloc through UMA?
>> 
>> Only if you turn it on!
>> 
>> M
>> 
> 
> In random_harvestq_init() I see
> 
> harvest_context.hc_source_mask = RANDOM_HARVEST_EVERYTHING_MASK;
> 
> and
> 
> #define RANDOM_HARVEST_EVERYTHING_MASK ((1 << (RANDOM_ENVIRONMENTAL_END
> + 1)) - 1)
> 
> So doesn't that include the RANDOM_FAST flag that controls harvesting
> during every UMA alloc and free call?  And that harvesting appears to be
> anything but fast, at least at a glance... it looks like it passes the
> entire struct uma_zone to the jenkins hash function... is there really
> useful entropy in all the data in that struct?

Well spotted, but fear not. All sources are on at startup, and this
is to ensure that the generator has maximal access to entropy while
booting.

One of the default duties of etc/rc.d/random is to turn off the UMA
and ATIME sources. These may be turned on if you want them, but by
default on the fully booted system they are off.

See ‘sysctl kern.random.harvest.mask_symbolic’ and note that the
disabled sources are in [].

I have yet to do a full set of benchmarks, but I have discussed
this with RWatson. A silly benchmark (make world) shows little
effect, but I will be doing this properly in coming months.

In answer to you final question - yes. The UMA entropy is a bit
spread out, but it is good.

M
-- 
Mark R V Murray