Date: Tue, 4 Sep 2012 15:01:26 -0700 From: David O'Brien <obrien@FreeBSD.org> To: Doug Barton <dougb@FreeBSD.org> Cc: Arthur Mesh <arthurmesh@gmail.com>, freebsd-security@FreeBSD.org, freebsd-rc@FreeBSD.org, Mark Murray <markm@FreeBSD.org> Subject: Re: svn commit: r239598 - head/etc/rc.d Message-ID: <20120904220126.GA85339@dragon.NUXI.org> In-Reply-To: <5043E449.8050005@FreeBSD.org> References: <201208222337.q7MNbORo017642@svn.freebsd.org> <5043E449.8050005@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Sep 02, 2012 at 03:57:13PM -0700, Doug Barton wrote: > On 08/22/2012 16:37, David E. O'Brien wrote: > > Author: obrien > > Date: Wed Aug 22 23:37:24 2012 > > New Revision: 239598 > > URL: http://svn.freebsd.org/changeset/base/239598 > > > > Log: > > * Reinstate r128059's consumption of our best entropy first. > > r128060 for "hardware-supplied entropy" reversed this without reason, > > seems a typo. > > I object to this change as well, although mostly for sentimental > reasons. :) Hi Doug, Hope you had a good Labor Day Holiday. I'm sorry I didn't see your messages before I committed another change to this file (r240108). I had it ready to commit last Thursday night, but didn't want to commit it before being AFK over the holiday. > It's also dubious whether the static /entropy file is > really the "best" option at that point, since the "better than nothing" > entropy at least contains some elements that have the potential to be > different at boot time. I may be misreading. Are you suggesting you don't have much faith that there is a good amount of entropy in the saved "/entropy" as produced by /dev/random? > > * Isolate "better than nothing" implementation to a function. > > We generally don't extract code that's only run once into a function, > and my stylistic preference is that we do not do that. I'll go thru your messages and take a look at your diff. I think what I committed is a better abstraction. I think the name of the function helps drive the point that that entropy gathering isn't all that good, and makes reading the logic flow of the code easier to read. -- -- David (obrien@NUXI.org)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120904220126.GA85339>