Dear Alex and bugs,

I just checked the source tree, and karc4random() does not use
read_random_unlimited().

Well, it does not use it directly ... I see a call to it elsewhere in:

/sys/libkern/arc4random.c

I sent a post into [email protected] a while back and I think it was
Matthew Dillon who replied stating that there are numerous references
to e.g. karc4random() strewn about all over the source tree, and it
would be a good idea to update those references to use the superior
CSPRNG in:

/sys/kern/kern_nrandom.c

But it seems nobody has bothered to do that.

I'm just sending this bug report in, because the mmap randomisation is
a new commit, i.e. it is new code, and since it is new code it should
be using the best CSPRNG available and not the old references to
karc4random().

Here is the relevant source snippet:

u_int32_t
karc4random(void)
{
       u_int32_t ret;
       struct timeval tv_now;

       /* Initialize array if needed. */
       if (!arc4_initialized)
               arc4_init();

       getmicrotime(&tv_now);
       if ((++arc4_numruns > ARC4_MAXRUNS) ||
           (tv_now.tv_sec > arc4_tv_nextreseed.tv_sec))
       {
               arc4_randomstir();
       }

       ret = arc4_randbyte();
       ret |= arc4_randbyte() << 8;
       ret |= arc4_randbyte() << 16;
       ret |= arc4_randbyte() << 24;

       return ret;
}


On 25 November 2010 16:32, Alex Hornung (via DragonFly issue tracker) <
[email protected]> wrote:

>
> Alex Hornung <[email protected]> added the comment:
>
> After a short check it uses exactly the same interface to get the
> 'randomness' (entropy?), read_random_unlimited().
>
> So what exactly do you mean? And why is karc4random no good?
>
> Cheers,
> Alex
>
> _____________________________________________________
> DragonFly issue tracker <[email protected]>
> <http://bugs.dragonflybsd.org/issue1924>
> _____________________________________________________
>



-- 
Sincerely,
Robin Carey
