From owner-svn-src-all@FreeBSD.ORG Sun Nov 2 12:41:24 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7DE662B0; Sun, 2 Nov 2014 12:41:24 +0000 (UTC) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 3E785CE; Sun, 2 Nov 2014 12:41:23 +0000 (UTC) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp-int.des.no (Postfix) with ESMTP id CFFE2AC33; Sun, 2 Nov 2014 12:41:22 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id 2FE0410B2E; Sun, 2 Nov 2014 13:41:23 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Mark R V Murray Subject: Re: svn commit: r273958 - head/sys/dev/random References: <201411020201.sA221unt091493@svn.freebsd.org> <720EB74E-094A-43F3-8B1C-47BC7F6FECC3@grondar.org> Date: Sun, 02 Nov 2014 13:41:23 +0100 In-Reply-To: <720EB74E-094A-43F3-8B1C-47BC7F6FECC3@grondar.org> (Mark R. V. Murray's message of "Sun, 2 Nov 2014 09:45:15 +0000") Message-ID: <86mw894vws.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Nov 2014 12:41:24 -0000 Mark R V Murray writes: > I=E2=80=99m scared witless of this being on-by-default, for the reason gi= ven > in the removed comment. I=E2=80=99d much prefer to see it only turned on = if a > kernel option is set, and the embedded folks /et al/ can use that. You didn't seem to mind this code when we introduced it in 10-CURRENT. Removing it breaks pretty much everything, not just embedded systems. We can add a sysctl to turn it off, but it has to be on by default. Note that the alternative is to feed more trash into /dev/random at boot, as we did before. It may give us a warm and fuzzy feeling which we don't get from automatically seeding, but the reality is that we have no idea how good that trash is either. In fact, most of what we used to feed into /dev/random at boot (ps, sysctls etc) was constant or nearly so. I prefer to trust that we get enough entropy from attachtimes and I/O in the boot process - and the data I gathered indicates that there is more than enough entropy from attachtimes alone, even on SFF systems and VMs. > Moving the point of the auto-firstseed to where is good, thanks. ...except that I'm not sure it doesn't break root-on-geli etc, but at least it doesn't break it more than not having auto-firstseed at all. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no