From owner-svn-src-head@freebsd.org Fri Apr 19 05:56:36 2019 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D3BA0158657B; Fri, 19 Apr 2019 05:56:35 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: from mail-pl1-x634.google.com (mail-pl1-x634.google.com [IPv6:2607:f8b0:4864:20::634]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4F3CF8F211; Fri, 19 Apr 2019 05:56:35 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: by mail-pl1-x634.google.com with SMTP id cv12so2180921plb.9; Thu, 18 Apr 2019 22:56:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=xeISQ4x22iCyKhNqD8fprOySwp87jkD5iT1s2RUJSjU=; b=ExAq50xcs29SLlWrmvv0c1ZmZ8d57QVidLM3wU8NXPiJJkBQ6l8ej7RFyP5VJ0SIAh zbQt98EVYiTsrmYqPRIi6cx1q2FXocnKE7Vb6BA9AxmyMSlkn70v2rOQ1hUiBU/NgD0j ZIbikSk4lb5i5uwB9f4VgOsvzoRBzHlmO8I7fkPR6dFd01mq7mvsZuW3YR1Tms/8F0EI Wj7sN7ToVwm2H+PWxKcNIyTOrCSMJzRfhQQ59sK97qqOVq5Yao7CHMNvG9JeHyht0dSp a9Dbv3hIYfdKUCalwJH7iqYULTkKnozEAfzEa2krbU1nRnwptUDMnMZv2R8/nt/9n6cr 9m3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=xeISQ4x22iCyKhNqD8fprOySwp87jkD5iT1s2RUJSjU=; b=W8v6hFpmuFDgFrKtpoqRNS95YXnSVESe6U89WjPMe6dTgYteCK3516/7rhCByfbSxR QZNYkzL1Ya5CLtftJaNWt9M1I2WwgBv2j0XZ3TYL3832EFXQ/hZcFYZUT0VokjYbPf9y nZ457qut50vRf2ex6PYMSDYTHdV/IHg5bsOdnPFf+Bg9CQUiiUK2PpvHjdnrNzkcd/pq gn4zB/OjSfX6rrESE94sSI+Y4O//hX2TS3rSWx6nkha6Rjxw+I3h+PA0if6gaumzOa7T uvHhFh1gIi3avewjOAYEMWJLv0msKvA0IeXDJF81LH7sAP3jBaEA3pxSCPUuFcxUpdZe dbiQ== X-Gm-Message-State: APjAAAV+IhKFSt9kr7YTt64IzuddjQhi3qSHZ8c/PETzgn/v1EczXcah UmhJPFlJqK/mo1/8J1RFiRtBkh4yv0o= X-Google-Smtp-Source: APXvYqzRN36+4qDY6Udgyito3+DZ7c6RMnC24PVZaXnnj09QQmfsN36qlKDf+uKWa/LCuIH0lo/EmQ== X-Received: by 2002:a17:902:e302:: with SMTP id cg2mr1883852plb.285.1555653393676; Thu, 18 Apr 2019 22:56:33 -0700 (PDT) Received: from [192.168.20.22] (c-73-19-52-228.hsd1.wa.comcast.net. [73.19.52.228]) by smtp.gmail.com with ESMTPSA id k186sm7515009pfc.137.2019.04.18.22.56.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 18 Apr 2019 22:56:32 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (1.0) Subject: Re: svn commit: r346358 - in head: . sys/dev/random sys/libkern sys/mips/conf sys/sys From: Enji Cooper X-Mailer: iPhone Mail (16E227) In-Reply-To: <201904182048.x3IKmtG2073301@repo.freebsd.org> Date: Thu, 18 Apr 2019 22:56:32 -0700 Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <201904182048.x3IKmtG2073301@repo.freebsd.org> To: Conrad Meyer X-Rspamd-Queue-Id: 4F3CF8F211 X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.95 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; REPLY(-4.00)[]; NEURAL_HAM_SHORT(-0.95)[-0.953,0] X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Apr 2019 05:56:36 -0000 > On Apr 18, 2019, at 13:48, Conrad Meyer wrote: >=20 > Author: cem > Date: Thu Apr 18 20:48:54 2019 > New Revision: 346358 > URL: https://svnweb.freebsd.org/changeset/base/346358 >=20 > Log: > random(4): Restore availability tradeoff prior to r346250 >=20 > As discussed in that commit message, it is a dangerous default. But the > safe default causes enough pain on a variety of platforms that for now, > restore the prior default. >=20 > Some of this is self-induced pain we should/could do better about; for > example, programmatic CI systems and VM managers should introduce entropy= > from the host for individual VM instances. This is considered a future w= ork > item. >=20 > On modern x86 and Power9 systems, this may be wholly unnecessary after > D19928 lands (even in the non-ideal case where early /boot/entropy is > unavailable), because they have fast hardware random sources available ea= rly > in boot. But D19928 is not yet landed and we have a host of architecture= s > which do not provide fast random sources. >=20 > This change adds several tunables and diagnostic sysctls, documented > thoroughly in UPDATING and sys/dev/random/random_infra.c. Thank you for doing this Conrad! One request: can these sysctls/tunables please be documented in random(4)? N= ot everyone has access to UPDATING with binary distributions. Thank you so very much! -Enji=