Date: Sun, 6 Oct 2013 12:43:42 +0000 (UTC) From: Mark Murray <markm@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r256087 - in projects/random_number_generator/etc: defaults rc.d Message-ID: <201310061243.r96Chgfv036100@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: markm Date: Sun Oct 6 12:43:42 2013 New Revision: 256087 URL: http://svnweb.freebsd.org/changeset/base/256087 Log: As userland writing to /dev/random is no more, remove the "better than nothing" bootstrap mode. Add SWI harvesting to the mix. My box seeds Yarrow by itself in a few seconds! YMMV; more to follow. Modified: projects/random_number_generator/etc/defaults/rc.conf projects/random_number_generator/etc/rc.d/initrandom Modified: projects/random_number_generator/etc/defaults/rc.conf ============================================================================== --- projects/random_number_generator/etc/defaults/rc.conf Sun Oct 6 12:40:32 2013 (r256086) +++ projects/random_number_generator/etc/defaults/rc.conf Sun Oct 6 12:43:42 2013 (r256087) @@ -651,6 +651,7 @@ entropy_save_num="8" # Number of entropy harvest_interrupt="YES" # Entropy device harvests interrupt randomness harvest_ethernet="YES" # Entropy device harvests ethernet randomness harvest_p_to_p="YES" # Entropy device harvests point-to-point randomness +harvest_swi="YES" # Entropy device harvests internal SWI randomness dmesg_enable="YES" # Save dmesg(8) to /var/run/dmesg.boot watchdogd_enable="NO" # Start the software watchdog daemon watchdogd_flags="" # Flags to watchdogd (if enabled) Modified: projects/random_number_generator/etc/rc.d/initrandom ============================================================================== --- projects/random_number_generator/etc/rc.d/initrandom Sun Oct 6 12:40:32 2013 (r256086) +++ projects/random_number_generator/etc/rc.d/initrandom Sun Oct 6 12:43:42 2013 (r256087) @@ -14,26 +14,6 @@ name="initrandom" start_cmd="initrandom_start" stop_cmd=":" -feed_dev_random() -{ - if [ -f "${1}" -a -r "${1}" -a -s "${1}" ]; then - cat "${1}" | dd of=/dev/random bs=8k 2>/dev/null - fi -} - -better_than_nothing() -{ - # XXX temporary until we can improve the entropy - # harvesting rate. - # Entropy below is not great, but better than nothing. - # This unblocks the generator at startup - # Note: commands are ordered to cause the most variance across reboots. - ( kenv; dmesg; df -ib; ps -fauxww; date; sysctl -a ) \ - | dd of=/dev/random bs=8k 2>/dev/null - /sbin/sha256 -q `sysctl -n kern.bootfile` \ - | dd of=/dev/random bs=8k 2>/dev/null -} - initrandom_start() { soft_random_generator=`sysctl kern.random 2>/dev/null` @@ -63,23 +43,15 @@ initrandom_start() else ${SYSCTL} kern.random.sys.harvest.point_to_point=0 >/dev/null fi - fi - # First pass at reseeding /dev/random. - # - case ${entropy_file} in - [Nn][Oo] | '') - ;; - *) - if [ -w /dev/random ]; then - feed_dev_random "${entropy_file}" + if checkyesno harvest_swi; then + ${SYSCTL} kern.random.sys.harvest.swi=1 >/dev/null + echo -n ' swi' + else + ${SYSCTL} kern.random.sys.harvest.swi=0 >/dev/null fi - ;; - esac - - better_than_nothing + fi - echo -n ' kickstart' fi echo '.'
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201310061243.r96Chgfv036100>