From owner-freebsd-current Thu Mar 1 5:42:15 2001
Delivered-To: freebsd-current@freebsd.org
Received: from dt051n37.san.rr.com (dt051n37.san.rr.com [204.210.32.55])
    by hub.freebsd.org (Postfix) with ESMTP id A906537B718
    for ; Thu, 1 Mar 2001 05:42:08 -0800 (PST)
    (envelope-from DougB@gorean.org)
Received: from gorean.org (Studded@master [10.0.0.2])
    by dt051n37.san.rr.com (8.9.3/8.9.3) with ESMTP id FAA11554
    for ; Thu, 1 Mar 2001 05:42:07 -0800 (PST)
    (envelope-from DougB@gorean.org)
Message-ID: <3A9E51AF.AEBE999E@gorean.org>
Date: Thu, 01 Mar 2001 05:42:07 -0800
From: Doug Barton
Organization: Triborough Bridge & Tunnel Authority
X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: freebsd-current@freebsd.org
Subject: New entropy harvesting sysctl's enabled in rc
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Gang,

Here is the promised next phase in the /dev/random saga. Now that Mark has committed the entropy harvesters, it's time to make use of them. I've had the sysctl's that enable the harvesting turned on basically since they were committed with no noticeable negative effects on my celeron 450. Others have reported similar results. Therefore we are turning the harvesters on by default, with the ability to easily disable them in rc.conf. I was unable to test the ppp bits, but I've every reason to believe that this will work. Comments and suggestions are welcome.

The goal is to turn on the appropriate harvesters for ethernet, and/or ppp/slip/tun based on the presence of a configured device of that nature. So, the ethernet bits check to see if there is an ethernet card configured, and turns on that harvester if so. The same should be true for the ppp harvester, based on the suggestions I received for detecting whether a tun device is or will be in use.

The next phase will be to eliminate the last of the hackish pseudo-entropy harvesting, and move the writing of the rc.shutdown entropy file to /var/db/entropy. Obviously if you experience any problems or slowdowns with the sysctl's enabled please speak up. I want to give this new stuff a couple weeks to mature before removal of the hackish stuff, since other than the mere fact that it _is_ hackish, it's not really hurting anything.

Appropriate rc.conf(5) entries will be coming in a separate commit. I am working on a general cleanup/update of that file, but I plan to wait till the reality in rc.conf is closer to what we want it to be.

Doug

-------- Original Message --------
Subject: cvs commit: src/etc rc src/etc/defaults rc.conf
Date: Thu, 1 Mar 2001 05:19:50 -0800 (PST)
From: Doug Barton
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org

dougb 2001/03/01 05:19:50 PST

Modified files:
  etc                  rc
  etc/defaults         rc.conf
Log:
  Add code to turn on the entropy harvesting sysctl's as early as possible during the boot process. We're turning it on by default, based on the actual presence of a configured ethernet card, and/or ppp/tun devices. Of course, it's easy to disable in rc.conf.

Revision  Changes    Path
1.253     +79 -1     src/etc/rc
1.91      +4 -1      src/etc/defaults/rc.conf

http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/rc.diff?&r1=1.252&r2=1.253&f=h
http://www.FreeBSD.org/cgi/cvsweb.cgi/src/etc/defaults/rc.conf.diff?&r1=1.90&r2=1.91&f=h
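The selection policy described in the message above (default on when a matching device is configured, off when rc.conf says NO), as an added example that is not part of the original mail and is not the committed rc code. Assumptions: the override names harvest_ethernet and harvest_p_to_p and the name-based interface classification are hypothetical, and the function returns harvester labels because the message does not give the sysctl names.

```shell
#!/bin/sh
# Added example (not the committed src/etc/rc code): choose which entropy
# harvesters to enable from rc.conf-style settings. Dry run only; it never
# calls sysctl(8).

# decide_harvesters IFLIST PPP_ENABLE ETH_OVERRIDE PTP_OVERRIDE
#   IFLIST       space-separated interface names (e.g. from `ifconfig -l`)
#   PPP_ENABLE   value of rc.conf's ppp_enable (a tun device "will be in use")
#   *_OVERRIDE   hypothetical rc.conf knobs: NO disables, anything else = auto
# Prints the labels of the harvesters to turn on: "ethernet", "point_to_point".
decide_harvesters() {
    _eth=0
    _ptp=0
    for _if in $1; do
        case $_if in
        lo[0-9]*) ;;                               # loopback carries no entropy
        ppp[0-9]*|sl[0-9]*|tun[0-9]*) _ptp=1 ;;    # ppp/slip/tun devices
        *) _eth=1 ;;                               # assumption: the rest is ethernet
        esac
    done
    # A configured ppp means a tun device will exist later in the boot.
    case $2 in [Yy][Ee][Ss]) _ptp=1 ;; esac
    # Administrator opt-out wins over device detection.
    case $3 in [Nn][Oo]) _eth=0 ;; esac
    case $4 in [Nn][Oo]) _ptp=0 ;; esac
    _out=""
    if [ "$_eth" -eq 1 ]; then _out="ethernet"; fi
    if [ "$_ptp" -eq 1 ]; then _out="${_out:+$_out }point_to_point"; fi
    echo "$_out"
}

# Constructed sample configuration, standing in for rc.conf contents.
network_interfaces="lo0 fxp0"
ppp_enable="YES"
harvest_ethernet=""      # hypothetical knob, empty = auto
harvest_p_to_p=""        # hypothetical knob, empty = auto

for h in $(decide_harvesters "$network_interfaces" "$ppp_enable" \
        "$harvest_ethernet" "$harvest_p_to_p"); do
    # The real rc would set the matching harvest sysctl to 1 here.
    echo "would enable harvester: $h"
done
```

With the constructed settings the dry run reports both harvesters; setting either hypothetical knob to NO removes that one regardless of which devices are present.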