On Fri, Oct 21, 2011 at 05:15:55PM -0400, Thor Lancelot Simon wrote: > > WARNING: #7 and #8 reveal some kind of synchronization or locking > bug in this patch. #8 causes the entropy pool to log to > the console whenever it supplies rekeying entropy. #7 > causes 'sysctl kern.urandom' to read from a cprng_strong > instance. > > Performing around 1000 consecutive such sysctl calls will > reveal corruption of the cprng_strong state: it is not > rekeyed (nor should it yet be), but is corrupted in such > a way that it thinks it has been, triggering the rngtest > statistical test, which then fails.
The patch at http://www.panix.com/~tls/rnd2.diff addresses the correctness issues that Christos pointed out but does *not* fix the problem described above. Help much appreciated. Thor
