On Wednesday, July 04, 2012 4:45:54 pm Attilio Rao wrote:
> 2012/7/4 David Chisnall <thera...@freebsd.org>:
> > On 4 Jul 2012, at 21:32, Andrey Chernov wrote:
> >
> >> 1) /dev/urandom may not exist in jails/sandboxes while sysctls (or old way
> >> initialization) always exists.
> >
> > From the perspective of Capsicum sandboxes, a device node is better than a
> > sysctl.  The kernel must hard-code policy about which sysctls are permitted,
> > but access to file descriptors is decided on a per-sandbox basis and is
> > configurable by the user.  The same applies to jails, although it's slightly
> > more effort to make device nodes appear inside a jail.
> 
> Also don't underestimate the locking factor here.
> I recall that at some point /dev/random was introducing some
> scalability penalty on php (maybe related to the suhosin patch) until
> kib made shared lookups available on devfs. IIRC, sysctls are still
> Giant locked.

sysctls are not all Giant locked.   KERN_ARND is marked MPSAFE, so it does not 
use Giant:

static int
sysctl_kern_arnd(SYSCTL_HANDLER_ARGS)
{
        char buf[256];
        size_t len;

        len = req->oldlen;
        if (len > sizeof(buf))
                len = sizeof(buf);
        arc4rand(buf, len, 0);
        return (SYSCTL_OUT(req, buf, len));
}

SYSCTL_PROC(_kern, KERN_ARND, arandom,
    CTLTYPE_OPAQUE | CTLFLAG_RD | CTLFLAG_MPSAFE | CTLFLAG_CAPRD, NULL, 0,
    sysctl_kern_arnd, "", "arc4rand");

-- 
John Baldwin
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
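
Added example, not part of the original message or of the FreeBSD source: the handler quoted above copies out at most 256 bytes per call, so a userland caller that needs more has to loop and check the returned length. The names fill_random and random_chunk are hypothetical, and the /dev/urandom fallback is an assumption for hosts or sandboxes where the sysctl is unavailable.

```c
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>
#ifdef __FreeBSD__
#include <sys/types.h>
#include <sys/sysctl.h>
#endif

#define ARND_CHUNK 256  /* sizeof(buf) in sysctl_kern_arnd() */

/* Fetch at most one handler-sized chunk; returns bytes written, 0 on failure. */
static size_t
random_chunk(unsigned char *p, size_t want)
{
        if (want > ARND_CHUNK)
                want = ARND_CHUNK;
#ifdef __FreeBSD__
        int mib[2] = { CTL_KERN, KERN_ARND };
        size_t got = want;      /* in: buffer size, out: bytes copied */
        if (sysctl(mib, 2, p, &got, NULL, 0) == 0 && got > 0)
                return (got);
#endif
        /* Assumed fallback: the device node, which may be absent in a jail. */
        int fd = open("/dev/urandom", O_RDONLY);
        if (fd < 0)
                return (0);
        ssize_t n = read(fd, p, want);
        close(fd);
        return (n > 0 ? (size_t)n : 0);
}

/* Fill buf completely; 0 on success, -1 if no source delivered data. */
int
fill_random(void *buf, size_t len)
{
        unsigned char *p = buf;

        while (len > 0) {
                size_t n = random_chunk(p, len);
                if (n == 0)
                        return (-1);    /* never use a partially filled buffer */
                p += n;
                len -= n;
        }
        return (0);
}
```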