Date: Wed, 12 Sep 2012 11:13:49 -0500 From: Warner Losh <imp@bsdimp.com> To: Ian Lepore <freebsd@damnhippie.dyndns.org> Cc: Arthur Mesh <arthurmesh@gmail.com>, Doug Barton <dougb@freebsd.org>, freebsd-rc@freebsd.org, obrien@freebsd.org, RW <rwmaillists@googlemail.com>, d@delphij.net, =?utf-8?Q?Dag-Erling_=EF=BF=BD?= <des@des.no> Subject: Re: svn commit: r239569 - head/etc/rc.d Message-ID: <317B4762-3530-49E5-B861-67773819FC5E@bsdimp.com> In-Reply-To: <1347461022.1110.29.camel@revolution.hippie.lan> References: <86sjao7q8c.fsf@ds4.des.no> <20120911205302.27484fd6@gumby.homeunix.com> <20120911200925.GA88456@dragon.NUXI.org> <504FA76A.5000209@delphij.net> <20120911211730.GB89188@dragon.NUXI.org> <504FAB87.3020701@delphij.net> <20120911215212.GA89515@dragon.NUXI.org> <504FBD15.8040907@delphij.net> <20120911230121.GA90289@dragon.NUXI.org> <504FC7B0.2060706@delphij.net> <20120912000738.GA90897@dragon.NUXI.org> <1347461022.1110.29.camel@revolution.hippie.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sep 12, 2012, at 9:43 AM, Ian Lepore wrote: > On Tue, 2012-09-11 at 17:07 -0700, David O'Brien wrote: >> On Tue, Sep 11, 2012 at 04:22:24PM -0700, Xin Li wrote: >>> Please consider using sha512... >>=20 >> What is the performance (boot time) impact on low-end MIPS and ARM >> systems? >>=20 >> I'm all for sha512, but don't want to be shot with a machine gun (vs. >> simple pistol). >>=20 >=20 > For the embedded systems I take care of, the performance problem on > low-end systems is likely to be solved by ignoring all of this angels > dancing on a pin stuff and supplying an alternate kickstart mechanism > appropriate to the way the system is used (which almost surely won't = be > in any national security datacenter). >=20 > I can assure you that neither shaXXX nor gzip nor anything else that > eats that many cycles will be involved. :) >=20 > I just hope one of things coming out of all this is a reasonable > mechanism for supplying alternate kickstart data. Yea, it doesn't have to be completely unique per boot, it just needs to = be something not the same and not too predictable for yarrow to work = well. Another part of the entropy will be the timings of all the = interrupts and what not after things are seeded, and that is very hard = to control... Just having it as a decent function that can easily be overridden in = /etc/rc.conf or some other well-known mechanism would easily solve this = problem for special needs folks without placing an undue burden on them = or on the main system. Warner=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?317B4762-3530-49E5-B861-67773819FC5E>