svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
Warner Losh
imp at bsdimp.com
Tue Apr 16 15:47:19 UTC 2019
On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore <ian at freebsd.org> wrote:
> On Tue, 2019-04-16 at 07:18 -0600, Warner Losh wrote:
> > On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot <manu at bidouilliste.com>
> > wrote:
> >
> > > On Mon, 15 Apr 2019 17:54:56 -0700
> > > Conrad Meyer <cem at freebsd.org> wrote:
> > >
> > > > On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer <cem at freebsd.org>
> > > > wrote:
> > > > > E.g., the CI infrastructure for
> > > > > Riscv/Arm is/was generating minimal filesystem images and not
> > > > > populating /boot/entropy.
> > > >
> > > > I should add, I say "is/was" because I have a PR out which may
> > > > address
> > > > the problem: https://github.com/freebsd/freebsd-ci/pull/31
> > > >
> > > > Best,
> > > > Conrad
> > >
> > > It's not only CI, all release images (memstick, iso) don't have
> > > a /boot/entropy.
> > > Also all arm/arm64 image don't have this file too.
> > > If /boot/entropy is needed and isn't present loader(8) should
> > > gather
> > > some entropy and pass this to the kernel for the first boot.
> > >
> >
> > Maybe we need to bootstrap the entropy file as part of buildworld.
> > I'm not
> > sure if the loader can find enough...
> >
> >
> Isn't a file full of data which is distributed in identical form to
> everyone the exact opposite of entropy?
>
It's just to bootstrap entropy for installs. The CI stuff doesn't matter if
that's the same since the CI images aren't exposed to the internet in any
way that would make it matter. The normal install would have the same seeds
of entropy, but diverge from there fairly quickly. The stuff that's used
early in the install is the don't care sort of things that won't matter in
the installer (which then creates it's own entropy that's different for
every install).
Warner
More information about the svn-src-all
mailing list