[Differential] D24989: netinet: Generate a random RSS key on boot.
cem (Conrad Meyer)
phabric-noreply at FreeBSD.org
Sat May 30 21:35:43 UTC 2020
cem added inline comments.
INLINE COMMENTS
> kevans wrote in rss_config.c:251
> When in doubt, perhaps CC #csprng <https://reviews.freebsd.org/tag/csprng/>
With #csprng <https://reviews.freebsd.org/tag/csprng/> hat on: The random subsystem does not guarantee it has been seeded at any point during auto-configuration (SYSINIT).
If it has not been seeded yet, arc4random currently gives you a weakly random key (hash of the CPU clock cycle counter, essentially); that is still marginally more random than the hardcoded value this revision deletes, but not especially random. The API doesn't tell you which kind of output you got.
As far as waiting for entropy before initializing the key, doesn't that break RSS for existing connections? If that is tolerable, then that seems like a good solution. I'd want someone familiar with networking to approve that design (and this design!).
I'm not sure what the deleted XXXRW comment is referring to as far as rss_isbadkey().
As far as the actual arc4random_buf invocation, `s/&rss_key/rss_key/`.
REPOSITORY
rS FreeBSD src repository
CHANGES SINCE LAST ACTION
https://reviews.freebsd.org/D24989/new/
REVISION DETAIL
https://reviews.freebsd.org/D24989
To: neel_neelc.org, #csprng
Cc: cem, #csprng, kevans, debdrup, rwatson, imp, ae, melifaro, #contributor_reviews_base, freebsd-net-list, mmacy, kpraveen.lkml_gmail.com, marcnarc_gmail.com, simonvella_gmail.com, novice_techie.com, tommi.pernila_iki.fi, krzysztof.galazka_intel.com