svn commit: r346358 - in head: . sys/dev/random sys/libkern sys/mips/conf sys/sys
Enji Cooper
yaneurabeya at gmail.com
Fri Apr 19 05:56:36 UTC 2019
> On Apr 18, 2019, at 13:48, Conrad Meyer <cem at freebsd.org> wrote:
>
> Author: cem
> Date: Thu Apr 18 20:48:54 2019
> New Revision: 346358
> URL: https://svnweb.freebsd.org/changeset/base/346358
>
> Log:
> random(4): Restore availability tradeoff prior to r346250
>
> As discussed in that commit message, it is a dangerous default. But the
> safe default causes enough pain on a variety of platforms that for now,
> restore the prior default.
>
> Some of this is self-induced pain we should/could do better about; for
> example, programmatic CI systems and VM managers should introduce entropy
> from the host for individual VM instances. This is considered a future work
> item.
>
> On modern x86 and Power9 systems, this may be wholly unnecessary after
> D19928 lands (even in the non-ideal case where early /boot/entropy is
> unavailable), because they have fast hardware random sources available early
> in boot. But D19928 is not yet landed and we have a host of architectures
> which do not provide fast random sources.
>
> This change adds several tunables and diagnostic sysctls, documented
> thoroughly in UPDATING and sys/dev/random/random_infra.c.
Thank you for doing this, Conrad!
One request: can these sysctls/tunables please be documented in random(4)? Not everyone has access to UPDATING with binary distributions.
Thank you so very much!
-Enji