Hi, is the change in conf/std still necessary?

YAMAMOTO Takashi

> Module Name:    src
> Committed By:   tls
> Date:           Sat Dec 17 20:05:40 UTC 2011
>
> Modified Files:
>         src/share/man/man4: rnd.4
>         src/share/man/man9: cprng.9 rnd.9
>         src/sys/conf: files
>         src/sys/crypto/nist_ctr_drbg: nist_ctr_drbg_aes128.h
>             nist_ctr_drbg_aes256.h
>         src/sys/dev: rnd.c rndpool.c
>         src/sys/dev/iscsi: iscsi_text.c
>         src/sys/dist/pf/netinet: tcp_rndiss.c
>         src/sys/kern: init_sysctl.c subr_cprng.c
>         src/sys/net: if_spppsubr.c
>         src/sys/netinet: tcp_subr.c
>         src/sys/rump/dev/lib/librnd: Makefile
>         src/sys/rump/librump/rumpkern: cprng_stub.c
>         src/sys/sys: cprng.h param.h rnd.h
> Added Files:
>         src/sys/dev: rndpseudo.c
>
> Log Message:
> Separate /dev/random pseudodevice implementation from kernel entropy pool
> implementation.  Rewrite pseudodevice code to use cprng_strong(9).
>
> The new pseudodevice is cloning, so each caller gets bits from a stream
> generated with its own key.  Users of /dev/urandom get their generators
> keyed on a "best effort" basis -- the kernel will rekey generators
> whenever the entropy pool hits the high water mark -- while users of
> /dev/random get their generators rekeyed every time key-length bits
> are output.
>
> The underlying cprng_strong API can use AES-256 or AES-128, but we use
> AES-128 because of concerns about related-key attacks on AES-256.  This
> improves performance (and reduces entropy pool depletion) significantly
> for users of /dev/urandom but does cause users of /dev/random to rekey
> twice as often.
>
> Also fixes various bugs (including some missing locking and a reseed-counter
> overflow in the CTR_DRBG code) found while testing this.
>
> For long reads, this generator is approximately 20 times as fast as the
> old generator (dd with bs=64K yields 53MB/sec on 2GHz Core2 instead of
> 2.5MB/sec) and also uses a separate mutex per instance so concurrency
> is greatly improved.  For reads of typical key sizes for modern
> cryptosystems (16-32 bytes) performance is about the same as the old
> code: a little better for 32 bytes, a little worse for 16 bytes.
>
>
> To generate a diff of this commit:
> cvs rdiff -u -r1.16 -r1.17 src/share/man/man4/rnd.4
> cvs rdiff -u -r1.3 -r1.4 src/share/man/man9/cprng.9
> cvs rdiff -u -r1.18 -r1.19 src/share/man/man9/rnd.9
> cvs rdiff -u -r1.1032 -r1.1033 src/sys/conf/files
> cvs rdiff -u -r1.1 -r1.2 src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes128.h \
>     src/sys/crypto/nist_ctr_drbg/nist_ctr_drbg_aes256.h
> cvs rdiff -u -r1.88 -r1.89 src/sys/dev/rnd.c
> cvs rdiff -u -r1.21 -r1.22 src/sys/dev/rndpool.c
> cvs rdiff -u -r0 -r1.1 src/sys/dev/rndpseudo.c
> cvs rdiff -u -r1.2 -r1.3 src/sys/dev/iscsi/iscsi_text.c
> cvs rdiff -u -r1.3 -r1.4 src/sys/dist/pf/netinet/tcp_rndiss.c
> cvs rdiff -u -r1.185 -r1.186 src/sys/kern/init_sysctl.c
> cvs rdiff -u -r1.4 -r1.5 src/sys/kern/subr_cprng.c
> cvs rdiff -u -r1.124 -r1.125 src/sys/net/if_spppsubr.c
> cvs rdiff -u -r1.243 -r1.244 src/sys/netinet/tcp_subr.c
> cvs rdiff -u -r1.2 -r1.3 src/sys/rump/dev/lib/librnd/Makefile
> cvs rdiff -u -r1.3 -r1.4 src/sys/rump/librump/rumpkern/cprng_stub.c
> cvs rdiff -u -r1.3 -r1.4 src/sys/sys/cprng.h
> cvs rdiff -u -r1.397 -r1.398 src/sys/sys/param.h
> cvs rdiff -u -r1.27 -r1.28 src/sys/sys/rnd.h
>
> Please note that diffs are not public domain; they are subject to the
> copyright notices on the relevant files.
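The rekey policy the quoted commit message describes (a per-open generator; /dev/random rekeys after every key-length bytes of output, /dev/urandom only when the pool hits its high water mark, and a 16-byte key therefore rekeying twice as often as a 32-byte one) can be modelled in user space. The following is an added illustration written for this thread, not NetBSD's rndpseudo.c or cprng_strong(9): the entropy pool is a stand-in LCG, toy_block() is a placeholder for AES in CTR mode with no security properties, and the pool_high_water argument stands in for the kernel-side signal. Only the accounting of keys, rekeys and pool bytes is meant to be faithful.

```c
/*
 * Added example, not NetBSD code: user-space model of the per-caller
 * stream generator and its rekey policy.  Each struct stream_gen plays
 * the role of one clone of the device (one open()).  toy_block() is a
 * placeholder for AES-CTR and must not be used for anything real.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum rnd_mode { RND_STRONG, RND_URANDOM };  /* /dev/random vs /dev/urandom */

#define MAX_KEYLEN 32   /* 16 = AES-128 key, 32 = AES-256 key */
#define BLOCKLEN   16

struct stream_gen {
	enum rnd_mode mode;
	size_t   keylen;
	uint8_t  key[MAX_KEYLEN];
	uint64_t counter;      /* CTR-mode block counter, reset on rekey */
	size_t   since_rekey;  /* bytes output under the current key */
	unsigned rekeys;       /* rekeys after the initial keying */
	size_t   pool_bytes;   /* bytes drawn from the (toy) entropy pool */
	uint64_t pool_state;   /* toy pool state; the real one is rndpool */
};

struct read_stats { unsigned rekeys; size_t pool_bytes; };

/* Placeholder for AES(key, counter): xorshift mixing, not a cipher. */
static void
toy_block(const uint8_t *key, size_t keylen, uint64_t ctr, uint8_t out[BLOCKLEN])
{
	uint64_t x = 0x9E3779B97F4A7C15ULL ^ ctr;
	for (size_t i = 0; i < keylen; i++) {
		x ^= (uint64_t)key[i] << (8 * (i % 8));
		x ^= x << 13; x ^= x >> 7; x ^= x << 17;
	}
	for (size_t i = 0; i < BLOCKLEN; i++) {
		x ^= x << 13; x ^= x >> 7; x ^= x << 17;
		out[i] = (uint8_t)(x >> (8 * (i % 8)));
	}
}

/* Draw a fresh keylen-byte key from the toy pool and restart the stream. */
static void
rekey(struct stream_gen *g)
{
	for (size_t i = 0; i < g->keylen; i++) {
		g->pool_state = g->pool_state * 6364136223846793005ULL
		    + 1442695040888963407ULL;
		g->key[i] = (uint8_t)(g->pool_state >> 56);
	}
	g->pool_bytes += g->keylen;
	g->counter = 0;
	g->since_rekey = 0;
}

void
stream_open(struct stream_gen *g, enum rnd_mode mode, size_t keylen,
    uint64_t pool_seed)
{
	memset(g, 0, sizeof *g);
	g->mode = mode;
	g->keylen = keylen;
	g->pool_state = pool_seed;
	rekey(g);   /* initial keying; not counted in g->rekeys */
}

/*
 * Fill buf with n bytes.  RND_STRONG rekeys every time keylen bytes have
 * been output; RND_URANDOM rekeys only when the pool reports high water
 * (here passed in by the caller as pool_high_water).  The real device
 * also takes a per-instance mutex around this; omitted here.
 */
size_t
stream_read(struct stream_gen *g, uint8_t *buf, size_t n, bool pool_high_water)
{
	size_t done = 0;

	if (g->mode == RND_URANDOM && pool_high_water) {
		rekey(g);
		g->rekeys++;
	}
	while (done < n) {
		uint8_t block[BLOCKLEN];
		size_t take = n - done < BLOCKLEN ? n - done : BLOCKLEN;

		if (g->mode == RND_STRONG && take > g->keylen - g->since_rekey)
			take = g->keylen - g->since_rekey;
		toy_block(g->key, g->keylen, g->counter++, block);
		memcpy(buf + done, block, take);
		done += take;
		g->since_rekey += take;
		if (g->mode == RND_STRONG && g->since_rekey >= g->keylen) {
			rekey(g);
			g->rekeys++;
		}
	}
	return done;
}

/* Measure rekeys and pool draw for one read of n (<= 256) bytes. */
struct read_stats
measure_read(enum rnd_mode mode, size_t keylen, size_t n, bool pool_high_water)
{
	struct stream_gen g;
	uint8_t buf[256];

	stream_open(&g, mode, keylen, 0x1234);
	stream_read(&g, buf, n > sizeof buf ? sizeof buf : n, pool_high_water);
	return (struct read_stats){ g.rekeys, g.pool_bytes };
}

/* Two clones of the device are keyed separately and never share a stream. */
int
clones_differ(void)
{
	struct stream_gen a, b;
	uint8_t ba[32], bb[32];

	stream_open(&a, RND_URANDOM, 16, 1);
	stream_open(&b, RND_URANDOM, 16, 2);
	stream_read(&a, ba, sizeof ba, false);
	stream_read(&b, bb, sizeof bb, false);
	return memcmp(ba, bb, sizeof ba) != 0;
}
```

With this model a 64-byte read from the RND_STRONG stream rekeys four times with a 16-byte key and twice with a 32-byte key, which is the "rekey twice as often" trade-off in the log message, while the RND_URANDOM stream draws only its initial key from the pool unless the high water signal arrives.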