Re: Collecting entropy from device_attach() times.
RW <rwmaillists@googlemail.com> writes:
> "Dag-Erling Sm=C3=B8rgrav" <des@des.no> writes:
> > You can't rely on the existence of a TSC. I would suggest using the
> > fractional part of binuptime instead.
> get_cyclecount() is supposed to be platform independent and should
> fall-back to nanotime(9) if TSC or equivalent is absent.
I just thought of another issue with get_cyclecount().
On machines with TSCs, its resolution varies with the CPU's speed
(nominal or actual, depending on the exact model). This means that
attachtime measurements have far lower resolution and therefore less
entropy on slow machines than on fast ones.
This doesn't mean we can't use get_cyclecount(), just that we shouldn't
base our entropy estimates on data gathered on a fast system.
DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 63 之 80 篇):