Date: Fri, 24 Jul 2015 07:59:35 +0100 From: Mark R V Murray <markm@FreeBSD.org> To: John-Mark Gurney <jmg@funkthat.com> Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r284959 - in head: . share/man/man4 share/man/man9 sys/conf sys/dev/glxsb sys/dev/hifn sys/dev/random sys/dev/rndtest sys/dev/safe sys/dev/syscons sys/dev/ubsec sys/dev/virtio/random sy... Message-ID: <BC734D25-375C-4C1C-BA8A-BD91158B6A39@FreeBSD.org> In-Reply-To: <20150724012519.GE78154@funkthat.com> References: <201506301700.t5UH0jPq001498@svn.freebsd.org> <alpine.BSF.2.20.1507221138360.1071@desktop> <FFAED695-145A-45F5-988D-B843EF5F544B@FreeBSD.org> <alpine.BSF.2.20.1507221249120.1071@desktop> <FFFB06D7-164B-40B3-AFC3-A6630BCF074E@bsdimp.com> <E20B169F-4C8A-4D11-9853-5C2EFC116450@FreeBSD.org> <F54A96A8-D9AD-409A-814F-538B6AD3CD50@yahoo.com> <20150724012519.GE78154@funkthat.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 24 Jul 2015, at 02:25, John-Mark Gurney <jmg@funkthat.com> wrote: >=20 > I would like to point out that the goal of collecting large amounts > is starting to fall out of favor, and I happen to agree with the likes > of djb[1] that we don't need an infinite amount of entropy collected = by > the system. If the attacker can read out our RNG state, then we are > already screwed due to many other vulns. I=E2=80=99m working on a premise of =E2=80=9Ctools, not policy=E2=80=9D. = I=E2=80=99d like there to be enough harvesting points for the box owner to get the warm fuzzies. If they choose to use less, fine by me. > Many of the issues that FreeBSD sees with lack of entropy at start up > is more of a problem on how systems are installed and provisioned. I > don't believe that we currently store any entropy from the install > process, yet this is one of the best places to get it, the user is > banging on keyboard selecting options, etc. If an image is designed > to be cloned (vm images or appliance images) we need to have a > mechanism to ensure that before we start, we get the entropy from > other sources, be it a hardware RNG or the console. Getting an initial entropy bundle for first boot is high up on my TODO list. :-) Patches welcome! We need the usual /entropy (or /var/db/entropy/=E2=80=A6 or whatever) and crucially we need = /boot/entropy and the correct invocation in /boot/loader.conf. > I would like to see us scale back the entropy collection, and replace > it with something like scan the zone once an hour or something > similar. Or do something dtrace style, where we nop/jmp the > collection after we feel that the system has collected enough. Most of the current entropy gathering is just about invisible anyway. I think the above goes too far, but may be a useful way of enabling/disabling (say) UMA gathering on the fly. > Heck, piping in mic data to /dev/random is a good way to seed the > rng on many machines. Well, sure, but what if you don=E2=80=99t have microphone? I want lots of choices, in anticipation of only a subset being usable. M --=20 Mark R V Murray
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BC734D25-375C-4C1C-BA8A-BD91158B6A39>