From owner-freebsd-rc@FreeBSD.ORG  Wed Sep 12 16:14:07 2012
Return-Path: <owner-freebsd-rc@FreeBSD.ORG>
Delivered-To: freebsd-rc@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 83D69106564A
	for <freebsd-rc@freebsd.org>; Wed, 12 Sep 2012 16:14:07 +0000 (UTC)
	(envelope-from imp@bsdimp.com)
Received: from mail-ob0-f182.google.com (mail-ob0-f182.google.com
	[209.85.214.182])
	by mx1.freebsd.org (Postfix) with ESMTP id E0F6A8FC14
	for <freebsd-rc@freebsd.org>; Wed, 12 Sep 2012 16:14:06 +0000 (UTC)
Received: by obbun3 with SMTP id un3so3645624obb.13
	for <freebsd-rc@freebsd.org>; Wed, 12 Sep 2012 09:14:06 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20120113;
	h=sender:subject:mime-version:content-type:from:in-reply-to:date:cc
	:content-transfer-encoding:message-id:references:to:x-mailer
	:x-gm-message-state;
	bh=w+2K0tBmEK+bkNh4Xd54bPrtCQkqvugMM5zQzGrpuKQ=;
	b=CRiqm+2imoizr4XkRaa16Hq7dPFxl7YYf09LAich1cbJ9mgh8RQW4GeTnmRmJ6wB2T
	wX9x5IqKmhE09JAWwjDXclInhH3lXQX6uAWqEdxaf0MSGsLMyscfpWVLAD5ZDDa3qyjl
	h4hfTmPuEO5N+02gs+xD/L6VSoDp6d01whySDvG21jiY4i2gLu1GYfk8T+iRw18oORDH
	7M/SxGmQ3DQlvrLXS2WO2Y2ud2PJ/BMcg9WsXM5uHtI0BUil8XRt19Z1wWxq+0svVrmE
	fK3S9F821GsHmAg8Oy7yDr5bB7+YWjxwfHXmXy8fB37QMGF5xg+awojgY9W3+1NUFnjc
	eiiA==
Received: by 10.60.24.7 with SMTP id q7mr23009002oef.54.1347466445966;
	Wed, 12 Sep 2012 09:14:05 -0700 (PDT)
Received: from [192.168.1.105] (ppp-70-252-140-146.dsl.ksc2mo.swbell.net.
	[70.252.140.146])
	by mx.google.com with ESMTPS id 5sm15205548oeq.4.2012.09.12.09.13.50
	(version=TLSv1/SSLv3 cipher=OTHER);
	Wed, 12 Sep 2012 09:14:03 -0700 (PDT)
Sender: Warner Losh <wlosh@bsdimp.com>
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset=us-ascii
From: Warner Losh <imp@bsdimp.com>
In-Reply-To: <1347461022.1110.29.camel@revolution.hippie.lan>
Date: Wed, 12 Sep 2012 11:13:49 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <317B4762-3530-49E5-B861-67773819FC5E@bsdimp.com>
References: <86sjao7q8c.fsf@ds4.des.no>
	<20120911205302.27484fd6@gumby.homeunix.com>
	<20120911200925.GA88456@dragon.NUXI.org>
	<504FA76A.5000209@delphij.net>
	<20120911211730.GB89188@dragon.NUXI.org>
	<504FAB87.3020701@delphij.net>
	<20120911215212.GA89515@dragon.NUXI.org>
	<504FBD15.8040907@delphij.net>
	<20120911230121.GA90289@dragon.NUXI.org>
	<504FC7B0.2060706@delphij.net>
	<20120912000738.GA90897@dragon.NUXI.org>
	<1347461022.1110.29.camel@revolution.hippie.lan>
To: Ian Lepore <freebsd@damnhippie.dyndns.org>
X-Mailer: Apple Mail (2.1084)
X-Gm-Message-State: ALoCoQm8lPDpJ6WbxgqsEm07dT7Ku181FiWiJ7A5xR43twT5qQSlhJHOBhXeZHEY//5PAR/mCYYr
Cc: Arthur Mesh <arthurmesh@gmail.com>, Doug Barton <dougb@freebsd.org>,
	freebsd-rc@freebsd.org, obrien@freebsd.org,
	RW <rwmaillists@googlemail.com>, d@delphij.net,
	=?utf-8?Q?Dag-Erling_=EF=BF=BD?= <des@des.no>
Subject: Re: svn commit: r239569 - head/etc/rc.d
X-BeenThere: freebsd-rc@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion related to /etc/rc.d design and implementation."
	<freebsd-rc.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-rc>,
	<mailto:freebsd-rc-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-rc>
List-Post: <mailto:freebsd-rc@freebsd.org>
List-Help: <mailto:freebsd-rc-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-rc>,
	<mailto:freebsd-rc-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Sep 2012 16:14:07 -0000


On Sep 12, 2012, at 9:43 AM, Ian Lepore wrote:

> On Tue, 2012-09-11 at 17:07 -0700, David O'Brien wrote:
>> On Tue, Sep 11, 2012 at 04:22:24PM -0700, Xin Li wrote:
>>> Please consider using sha512...
>>=20
>> What is the performance (boot time) impact on low-end MIPS and ARM
>> systems?
>>=20
>> I'm all for sha512, but don't want to be shot with a machine gun (vs.
>> simple pistol).
>>=20
>=20
> For the embedded systems I take care of, the performance problem on
> low-end systems is likely to be solved by ignoring all of this angels
> dancing on a pin stuff and supplying an alternate kickstart mechanism
> appropriate to the way the system is used (which almost surely won't =
be
> in any national security datacenter).
>=20
> I can assure you that neither shaXXX nor gzip nor anything else that
> eats that many cycles will be involved. :)
>=20
> I just hope one of things coming out of all this is a reasonable
> mechanism for supplying alternate kickstart data.

Yea, it doesn't have to be completely unique per boot, it just needs to =
be something not the same and not too predictable for yarrow to work =
well.  Another part of the entropy will be the timings of all the =
interrupts and what not after things are seeded, and that is very hard =
to control...

Just having it as a decent function that can easily be overridden in =
/etc/rc.conf or some other well-known mechanism would easily solve this =
problem for special needs folks without placing an undue burden on them =
or on the main system.

Warner=