2010/12/22 Theo de Raadt <dera...@cvs.openbsd.org>: >> > Where do we invent entropy from when the kernel has only >> > been running for 0.01 of a second? >> >> O.K. where do you need ramdom bytes during that state of the kernel? >> All locations where arc4random* is called in the kernel are these: > > [list of 16] > > Unfortunately it looks like you missed a hundred or more.
Damn, you're right. It seems my grep pattern was "initialized" in the wrong way (maybe not enough entropy from the user) :-)) > No, there is much more than that. Processes get started and > initialize their libc-based prng's, as well as other state, including > address space randomization, stack biasing, etc etc. After adjusting my grep pattern, I found several more locations. A lot of those need the filesystem. However at least one (for sure much more) is indeed calling arc4random while there is no filesystem mounted. So, just forget my "theory"! >> So, until the filesystem is mounted, there is no need for arc4random() >> in the kernel. > > Totally false. True (that it's false). So, I guess the discussion about the use of nanotime() is finished, as there is "common agreement" that it has no influence on the PRNG, right?
