Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 18 Apr 2019 22:56:32 -0700
From:      Enji Cooper <yaneurabeya@gmail.com>
To:        Conrad Meyer <cem@freebsd.org>
Cc:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r346358 - in head: . sys/dev/random sys/libkern sys/mips/conf sys/sys
Message-ID:  <A7DB74C8-B362-4289-B1EE-8B77CAD996D1@gmail.com>
In-Reply-To: <201904182048.x3IKmtG2073301@repo.freebsd.org>
References:  <201904182048.x3IKmtG2073301@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

> On Apr 18, 2019, at 13:48, Conrad Meyer <cem@freebsd.org> wrote:
>=20
> Author: cem
> Date: Thu Apr 18 20:48:54 2019
> New Revision: 346358
> URL: https://svnweb.freebsd.org/changeset/base/346358
>=20
> Log:
>  random(4): Restore availability tradeoff prior to r346250
>=20
>  As discussed in that commit message, it is a dangerous default.  But the
>  safe default causes enough pain on a variety of platforms that for now,
>  restore the prior default.
>=20
>  Some of this is self-induced pain we should/could do better about; for
>  example, programmatic CI systems and VM managers should introduce entropy=

>  from the host for individual VM instances.  This is considered a future w=
ork
>  item.
>=20
>  On modern x86 and Power9 systems, this may be wholly unnecessary after
>  D19928 lands (even in the non-ideal case where early /boot/entropy is
>  unavailable), because they have fast hardware random sources available ea=
rly
>  in boot.  But D19928 is not yet landed and we have a host of architecture=
s
>  which do not provide fast random sources.
>=20
>  This change adds several tunables and diagnostic sysctls, documented
>  thoroughly in UPDATING and sys/dev/random/random_infra.c.

Thank you for doing this Conrad!

One request: can these sysctls/tunables please be documented in random(4)? N=
ot everyone has access to UPDATING with binary distributions.

Thank you so very much!
-Enji=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A7DB74C8-B362-4289-B1EE-8B77CAD996D1>