Date: Sun, 22 Sep 2024 07:36:42 GMT From: Colin Percival <cperciva@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: f4a69a933cd6 - main - loader: Make EFI entropy size configurable Message-ID: <202409220736.48M7agEx097137@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=f4a69a933cd645e384b337db5ef2ccf41a1ddd5b commit f4a69a933cd645e384b337db5ef2ccf41a1ddd5b Author: Colin Percival <cperciva@FreeBSD.org> AuthorDate: 2024-09-18 11:02:01 +0000 Commit: Colin Percival <cperciva@FreeBSD.org> CommitDate: 2024-09-22 07:35:47 +0000 loader: Make EFI entropy size configurable Add a new loader variable entropy_efi_seed_size which defaults to 2048; if not defined (e.g. if the /boot/lua/ is updated but /boot/defaults/ isn't) the same 2048 default will be used. Reviewed by: Val Packett MFC after: 1 week Sponsored by: Amazon Differential Revision: https://reviews.freebsd.org/D46632 --- stand/defaults/loader.conf | 8 ++++++-- stand/lua/core.lua | 3 ++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/stand/defaults/loader.conf b/stand/defaults/loader.conf index a5d27b96b6ba..c3de7cdfb74b 100644 --- a/stand/defaults/loader.conf +++ b/stand/defaults/loader.conf @@ -48,8 +48,12 @@ entropy_cache_type="boot_entropy_cache" # Required for the kernel to find # the boot-time entropy cache. This # must not change value even if the # _name above does change! -entropy_efi_seed="YES" # Set this to NO to disable loading - # entropy from the UEFI hardware random number generator API +entropy_efi_seed="YES" # Set this to NO to disable loading + # entropy from the UEFI hardware + # random number generator API +entropy_efi_seed_size="2048" # Set this to a different value to + # change the amount of entropy + # requested from EFI ### RAM Blacklist configuration ############################ ram_blacklist_load="NO" # Set this to YES to load a file diff --git a/stand/lua/core.lua b/stand/lua/core.lua index 7b7560ddc820..72b19462ae5c 100644 --- a/stand/lua/core.lua +++ b/stand/lua/core.lua @@ -369,7 +369,8 @@ end function core.loadEntropy() if core.isUEFIBoot() then if (loader.getenv("entropy_efi_seed") or "no"):lower() == "yes" then - loader.perform("efi-seed-entropy") + local seedsize = loader.getenv("entropy_efi_seed_size") or "2048" + loader.perform("efi-seed-entropy " .. seedsize) end end end
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202409220736.48M7agEx097137>