From owner-freebsd-current  Thu Oct 26 14: 2:57 2000
Delivered-To: freebsd-current@freebsd.org
Received: from grimreaper.grondar.za (adsl-63-206-96-212.dsl.snfc21.pacbell.net [63.206.96.212])
	by hub.freebsd.org (Postfix) with ESMTP id B6E0837B479
	for <current@FreeBSD.ORG>; Thu, 26 Oct 2000 14:02:53 -0700 (PDT)
Received: from grondar.za (mark@localhost [127.0.0.1])
	by grimreaper.grondar.za (8.11.1/8.11.1) with ESMTP id e9QL2ZM00703;
	Thu, 26 Oct 2000 14:02:38 -0700 (PDT)
	(envelope-from mark@grondar.za)
Message-Id: <200010262102.e9QL2ZM00703@grimreaper.grondar.za>
To: Matt Dillon <dillon@earth.backplane.com>
Cc: current@FreeBSD.ORG
Subject: Re: entropy reseeding is totally broken 
References: <200010262047.e9QKleY45974@earth.backplane.com> 
In-Reply-To: <200010262047.e9QKleY45974@earth.backplane.com> ; from Matt Dillon <dillon@earth.backplane.com>  "Thu, 26 Oct 2000 13:47:40 PDT."
Date: Thu, 26 Oct 2000 14:02:35 -0700
From: Mark Murray <mark@grondar.za>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>     This would be trivial, you can use the swap allocation code (example:
>     see the VN device, dev/vn/vn.c) to reserve, read, and write the swap.

Thanks! :-)

>     However, I don't see much of a point in doing this.  Not everyone
>     configures swap, so you can't count on it, and a system dump will
>     overwrite swap, so you would have to mess around with that as well
>     and I can tell you it just isn't worth the effort.  Maintaining an entropy
>     file in /var/db has no downside at all and is a whole lot easier
>     to manage.

There is the problem that for each setup, there are many admins who
will have a non-writable filesapce for at least one of (/ /var /boot /etc).

Sure, there may not be a $PRIMARYSWAP, but if there is, it is IMO the best
place to put stashed entropy.

>     This /dev/random stuff is a little wild -- I think the premis is sound,
>     but you really need to look towards implementing more straightforward
>     solutions rather then hacking up unrelated parts of the system.  Forget
>     doing special magic in the kernel.  Forget using swap.  Forget having
>     ridiculously huge entropy files.  Simplify it and everyone will be a whole
>     lot happier.

:-) I'd like your suggestion a lot more if you supplied some more concrete
hints. I like KISS, and current evolution is looking a little wierd. I'd
enjoy seeing a true/beautiful/simple solution - patches welcome. :-)

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message