I was updating the kernel pseudo_random and libc arc4random patches, and checked OpenBSD and NetBSD to see if they have made recent changes. I noticed 'use the new fat random sysctl to get initial state.' in their CVS log, and I thought to myself "I want a fat random sysctl too". The pseudo_random/frandom kernel patch gives 16-byte output from sysctl; in the patch I substituted 16 with 256, and increased the buffer from 64 to 1024 (multiplied everything by 4), and it works pretty nice.

This is the standard 16 bytes:
kernel.random.erandom = cb39026ddaac9bed446b9d94718d5577

This is 256 bytes:
kernel.random.erandom =

This works with the urandom sysctl too. I put a patch here:
http://www.linuxfromscratch.org/~robert/new/newpatches/linux-2.6.16.19-pseudo_random-1.patch-256byte_sysctl

I also fixed class_device_create so frandom can compile as a module on the more recent kernels, and fixed the menu a bit so both sysctl drivers are now menu options. I would like to find someone familiar with recent 2.6 kernels to check over the pseudo_random patch, because it was originally made for kernel 2.4 (the devfs stuff could be removed now).

The urandom sysctl uses a significant amount of kernel entropy, but erandom still uses none. I have yet to check why sysctl urandom and /dev/urandom use very different amounts of entropy.

So now the arc4random library can fill a 128-byte buffer with a single sysctl call, instead of 8, and the looping code can be removed, so it can run a bit more efficiently. This new kernel patch should work fine with the old arc4 library; the looping code will just run once instead of 8 times.

I imagine this uses more system memory to run... 4 times more, but not more CPU resources. This may or may not be a problem with systems with little memory. More testing is needed to see if there are any other issues.

robert
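
The seeding loop described in the message, as an added example that is not taken from the pseudo_random patch or the arc4random library: it fills a 128-byte seed from a source that returns either 16 or 256 bytes per call and counts the calls. `chunk_source`, `fill_seed`, `fake_read` and `calls_for` are hypothetical names, and the source is a constructed stand-in, so no real sysctl is read.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for one sysctl read: writes up to cap bytes into
 * out and returns the number written, or -1 on error. */
typedef int (*chunk_source)(unsigned char *out, size_t cap, void *ctx);

/* Wipe through a volatile pointer so the compiler keeps the stores. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Fill buf[0..len) from src. Returns the number of source calls made,
 * or -1 on a failed or implausible read (buf is wiped, never half-seeded). */
int fill_seed(unsigned char *buf, size_t len, chunk_source src, void *ctx) {
    unsigned char tmp[256];
    size_t have = 0;
    int calls = 0;
    while (have < len) {
        int n = src(tmp, sizeof tmp, ctx);
        calls++;
        if (n <= 0 || (size_t)n > sizeof tmp) {
            wipe(buf, len);
            wipe(tmp, sizeof tmp);
            return -1;
        }
        size_t take = (size_t)n < len - have ? (size_t)n : len - have;
        memcpy(buf + have, tmp, take);   /* surplus bytes are discarded */
        have += take;
    }
    wipe(tmp, sizeof tmp);
    return calls;
}

/* Constructed source: a byte counter handed out 'chunk' bytes at a time. */
struct fake_sysctl { size_t chunk; unsigned char next; };
static int fake_read(unsigned char *out, size_t cap, void *ctx) {
    struct fake_sysctl *f = ctx;
    if (f->chunk == 0) return -1;        /* simulate a failing sysctl */
    size_t n = f->chunk < cap ? f->chunk : cap;
    for (size_t i = 0; i < n; i++) out[i] = f->next++;
    return (int)n;
}

/* Calls needed to fill a 128-byte seed at a given per-call output size. */
int calls_for(size_t chunk) {
    unsigned char seed[128];
    struct fake_sysctl f = { chunk, 0 };
    return fill_seed(seed, sizeof seed, fake_read, &f);
}

int main(void) {
    printf("16-byte: %d calls, 256-byte: %d call\n", calls_for(16), calls_for(256));
    return 0;
}
```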
