bin/134225: [patch] Reduce disk write load from save-entropy
peterjeremy at optushome.com.au
peterjeremy at optushome.com.au
Tue May 5 07:30:02 UTC 2009
>Number: 134225
>Category: bin
>Synopsis: [patch] Reduce disk write load from save-entropy
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Tue May 05 07:30:01 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Peter Jeremy
>Release: FreeBSD 8.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD aspire.vk2pj.dyndns.org 8.0-CURRENT FreeBSD 8.0-CURRENT #0: Sat Apr 25 16:44:59 EST 2009 root at aspire.vk2pj.dyndns.org:/home/obj/usr/src/sys/aspire i386
>Description:
By default, save-entropy is run by cron every 11 minutes to
provide some initial entropy following a system reboot. It
uses the standard log-rotating approach to maintain 8 entropy
files, with the most recent always being saved-entropy.1
suffix and the oldest file being deleted. As a result, each
run of save-entropy causes 7 file renames, 1 file create &
write and 1 file delete.
There does not appear to be any special reason for keeping the
most recent entropy dump in a fixed name - the order of
reloading the entropy files should not affect the total amount
of entropy loaded into the kernel. In order to reduce the
number of writes to the SSD in my laptop, I therefore
re-engineered save-entropy to just overwrite the oldest file
in-place. This means that only the 2KB of entropy and 1 inode
are touched. In particular, by not deleting/recreating the
file, $entropy_dir is not touched.
>How-To-Repeat:
Code inspection. Monitoring disk write transfers via devstat.
>Fix:
Index: save-entropy.sh
===================================================================
RCS file: /usr/ncvs/src/libexec/save-entropy/save-entropy.sh,v
retrieving revision 1.4
diff -u -r1.4 save-entropy.sh
--- save-entropy.sh 28 Aug 2006 06:41:50 -0000 1.4
+++ save-entropy.sh 5 May 2009 07:14:03 -0000
@@ -64,29 +64,37 @@
chmod 0700 "${entropy_dir}"
fi
-umask 377
-
-esn_m1=$(( ${entropy_save_num} - 1 ))
-for file_num in `jot $esn_m1 $esn_m1 1`; do
- if [ -e "${entropy_dir}/saved-entropy.${file_num}" ]; then
- if [ -f "${entropy_dir}/saved-entropy.${file_num}" ]; then
- new_file=saved-entropy.$(( $file_num + 1 ))
- if [ -e "${entropy_dir}/${new_file}" ]; then
- unlink ${entropy_dir}/${new_file}
- fi
- mv "${entropy_dir}/saved-entropy.${file_num}" \
- "${entropy_dir}/${new_file}"
- else
+# Scan files 1..$entropy_save_num picking a non-existent file or
+# the oldest existing file
+save_file="${entropy_dir}/saved-entropy.1"
+if [ -e "${save_file}" ] ; then
+ if [ ! -f "${save_file}" ] ; then
+ logger -is -t "$0" \
+"${save_file} is not a regular file, and therefore \
+it will not be rotated. Entropy file harvesting is aborted."
+ exit 1
+ fi
+ next_try=2
+ while [ ${next_try} -le ${entropy_save_num} ]; do
+ next="${entropy_dir}/saved-entropy.${next_try}"
+ if [ ! -e "${next}" ] ; then
+ save_file="${next}"
+ break
+ elif [ ! -f "${next}" ] ; then
logger -is -t "$0" \
-"${entropy_dir}/saved-entropy.${file_num} is not a regular file, and therefore \
+"${next} is not a regular file, and therefore \
it will not be rotated. Entropy file harvesting is aborted."
exit 1
+ elif [ "${next}" -ot "${save_file}" ] ; then
+ save_file="${next}"
fi
- fi
-done
+ next_try=$(( ${next_try} + 1 ))
+ done
+fi
-dd if=/dev/random of="${entropy_dir}/saved-entropy.1" \
- bs="$entropy_save_sz" count=1 2> /dev/null
+[ -e "${save_file}" ] && chmod 600 "${save_file}"
-exit 0
+dd if=/dev/random of="${save_file}" bs="$entropy_save_sz" count=1 2> /dev/null
+chmod 400 "${save_file}"
+exit 0
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list