Board: FB_security
Title: Re: Proposed fix; stage 1 (Was: svn commit: r239569 - head/etc/rc.d)
Posting site: NCTU CS FreeBSD Server (Fri Sep 21 02:39:58 2012)
Relay path: ptt!csnews.cs.nctu!news.cs.nctu!FreeBSD.cs.nctu!freebsd.org!owner-free
On Thu, Sep 20, 2012 at 08:44:10AM -0400, John Baldwin wrote:
> I leave it up to someone else to explicitly ok that this data goes into
> the RANDOM_INTERRUPT queue with the claim of 2 bits of entropy:
>
> Index: sys/kern/kern_intr.c
....
>+ if (harvest.swi) {
>+ CTR3(KTR_INTR, "swi_sched: pid %d (%s) gathering entropy",
>+ curproc->p_pid, curthread->td_name);
CTR3(KTR_INTR, "%s: pid %d (%s) gathering entropy", __func__,
curproc->p_pid, curthread->td_name);
--or--
CTR2(KTR_INTR, "swi_sched: pid %d (%s) gathering entropy",
curproc->p_pid, curthread->td_name);
This seems to have captured some harvesting.
I applied your patch and only enabled harvest.swi with:
Index: harvest.c
===================================================================
--- harvest.c (revision 240694)
+++ harvest.c (working copy)
@@ -51 +51,7 @@ static int read_random_phony(void *, int
-struct harvest_select harvest = { 1, 1, 1, 0 };
+struct harvest_select harvest = {
+ 0, /*ethernet*/
+ 0, /*pt2pt*/
+ 0, /*intr*/
+ 1, /*swi*/
+ 0, /*devprobe*/
+};
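Review bot: the positional initializer relies on the member order of struct harvest_select matching the comments (ethernet, pt2pt, intr, swi, devprobe), but the sysctl output further down lists devprobe before interrupt and swi, so the order should be checked against the struct declaration before trusting that only swi is enabled; a designated initializer such as `.swi = 1` (with the rest defaulting to 0) would make the intent explicit and immune to member reordering. Note also that the original default `{ 1, 1, 1, 0 }` had ethernet, pt2pt and intr enabled, so this working-copy change disables all of them, which is fine for isolating the swi source in the test but should not be committed as the new default.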
ngoc# sysctl kern.random
kern.random.yarrow.gengateinterval: 10
kern.random.yarrow.bins: 10
kern.random.yarrow.fastthresh: 192
kern.random.yarrow.slowthresh: 256
kern.random.yarrow.slowoverthresh: 2
kern.random.sys.seeded: 1
kern.random.sys.harvest.ethernet: 0
kern.random.sys.harvest.point_to_point: 0
kern.random.sys.harvest.devprobe: 0
kern.random.sys.harvest.interrupt: 0
kern.random.sys.harvest.swi: 1
kern.random.sys.harvest.entropy_processed: write=0/0, keyboard=0/0,
mouse=0/0, net=0/0, interrupt=4235/3, device=0/0 pure=0/0
(note, this system is initialized as non-seeded as shown in my previous patch)
--
-- David ([email protected])
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"