Hi Warner,
On Wed, Apr 17, 2019 at 10:16 AM Warner Losh wrote:
> I'm going to put a very fine point on this: any hard-requirement of entropy
> sources is a non-starter. If you require that, your commit will be backed out
> and/or hacked around by the addition of a knob in the future. It will
On Wed, 2019-04-17 at 11:16 -0600, Warner Losh wrote:
> On Wed, Apr 17, 2019 at 10:06 AM John Baldwin wrote:
>
> > On 4/16/19 4:48 PM, Conrad Meyer wrote:
> > > On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
> > > > bhyveload is effectively the loader in this case. It runs the normal
> >
On Wed, Apr 17, 2019 at 9:06 AM John Baldwin wrote:
>
> On 4/16/19 4:48 PM, Conrad Meyer wrote:
> > Perhaps cryptographically random stack-protector cookies are simply
> > inappropriate for MIPS or RISCV. Do we have any other examples of
> > kernel random consumers blocking after that immediate
On Tue, Apr 16, 2019, 4:51 PM Rodney W. Grimes
wrote:
> > On 4/15/19 11:40 AM, Conrad Meyer wrote:
> > > Author: cem
> > > Date: Mon Apr 15 18:40:36 2019
> > > New Revision: 346250
> > > URL: https://svnweb.freebsd.org/changeset/base/346250
> > >
> > > Log:
> > > random(4): Block
On Mon, 15 Apr 2019 at 11:40, Conrad Meyer wrote:
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
>
Sniffle, this broke on my mips boards whilst
On Mon, Apr 15, 2019 at 11:40 AM Conrad Meyer wrote:
>
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
Hi,
For anyone interested in a change to restore
On 4/16/19 4:43 PM, Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 4:28 PM John Baldwin wrote:
>> Still, what I would suggest is to have the existing arc4random() use
>> WITNESS_WARN.
>> We could provide an alternative API that is non-blocking and returns
>> EWOULDBLOCK.
>
> I think the
On 4/16/19 3:49 PM, Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 2:32 PM John Baldwin wrote:
>> There are definitely places arc4random is used where sleeping is not allowed.
>
> Sure.
>
>> ipsec generating nonces for AES-CBC is one example I can think of off the
>> top of my head.
>
> IVs for
On 4/16/19 3:51 PM, Rodney W. Grimes wrote:
>> On 4/15/19 11:40 AM, Conrad Meyer wrote:
>> Note that I actually often run into unseeded systems when doing development
>> using qemu for non-x86 architectures. For example, when booting mips from
>> qemu, there is no loader, the kernel just starts,
On Tue, Apr 16, 2019 at 6:19 AM Warner Losh wrote:
> On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot wrote:
>> It's not only CI, all release images (memstick, iso) don't have
>> a /boot/entropy.
>> Also all arm/arm64 images don't have this file either.
>> If /boot/entropy is needed and isn't present
Hey Adrian,
As discussed with John and Warner upthread, I hope to have a patch out
for review later today to give folks a knob to disable this. It may
even make sense to default it on, at least for !x86. I am happy to CC
you on review if you like.
Take care,
Conrad
On Wed, Apr 17, 2019 at
On Tue, Apr 16, 2019 at 9:27 AM Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 7:24 AM Justin Hibbits
> wrote:
> >
> > Hi Conrad,
> > ...
> > [Power] does use bsdinstall to install. How is entropy loaded at startup,
> > which causes the problem noted in github?
>
> There are a couple very
On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
> bhyveload is effectively the loader in this case. It runs the normal loader
> scripts and logic and so would load the guest's /boot/entropy and pass it
> to the guest kernel as metadata just like the regular loader.
Right, except it doesn't
On 4/15/19 11:40 AM, Conrad Meyer wrote:
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
>
> read_random() is/was used, mostly without error checking,
On Mon, Apr 15, 2019, 18:34 Ed Maste wrote:
> On Mon, 15 Apr 2019 at 14:40, Conrad Meyer wrote:
> >
> > Author: cem
> > Date: Mon Apr 15 18:40:36 2019
> > New Revision: 346250
> > URL: https://svnweb.freebsd.org/changeset/base/346250
> >
> > Log:
> > random(4): Block read_random(9) on initial
Hi John,
On Wed, Apr 17, 2019 at 9:01 AM John Baldwin wrote:
> You're missing the point which is that you've added potential blocking in a
> lot of places by changing the semantics of arc4random.
I get it. The thing is, it's a weird blocking semantic. It's not the
same as any other
On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
> On Tue, 2019-04-16 at 07:18 -0600, Warner Losh wrote:
> > On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot
> > wrote:
> >
> > > On Mon, 15 Apr 2019 17:54:56 -0700
> > > Conrad Meyer wrote:
> > >
> > > > On Mon, Apr 15, 2019 at 5:53 PM Conrad
On Tue, Apr 16, 2019 at 9:33 AM Warner Losh wrote:
> In that case, we're better off having a MD routine that gets called if
> there's no loader-provided entropy pool.
Yes, this is more or less the same plan I had. There's no need to add
anything MD specific; we already abstract MD random
On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer wrote:
> E.g., the CI infrastructure for
> Riscv/Arm is/was generating minimal filesystem images and not
> populating /boot/entropy.
I should add, I say "is/was" because I have a PR out which may address
the problem:
On Wed, Apr 17, 2019 at 10:06 AM John Baldwin wrote:
> On 4/16/19 4:48 PM, Conrad Meyer wrote:
> > On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
> >> bhyveload is effectively the loader in this case. It runs the normal loader
> >> scripts and logic and so would load the guest's
On Tue, 2019-04-16 at 09:58 -0700, Conrad Meyer wrote:
> Systems lacking both an NV store and an entropy source available
> during mi_startup (i.e., not interrupts...) cannot safely provide
> entropy in early boot. On those systems, we must disable random
> consumption during early boot.
Or you
> Hi Warner,
>
> On Tue, Apr 16, 2019 at 8:47 AM Warner Losh wrote:
> > On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
> >> Isn't a file full of data which is distributed in identical form to
> >> everyone the exact opposite of entropy?
>
> Ian
On 4/16/19 4:48 PM, Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
>> bhyveload is effectively the loader in this case. It runs the normal loader
>> scripts and logic and so would load the guest's /boot/entropy and pass it
>> to the guest kernel as metadata just like
On Tue, Apr 16, 2019 at 7:24 AM Justin Hibbits wrote:
>
> Hi Conrad,
> ...
> [Power] does use bsdinstall to install. How is entropy loaded at startup,
> which causes the problem noted in github?
There are a couple very early load sources. loader(8) will load
early-boot entropy from
Hi Justin,
On Mon, Apr 15, 2019 at 5:01 PM Justin Hibbits wrote:
> Given the discussion over there it would probably also fail on powernv, which
> also does not use loader.
Does power use bsdinstall (which populates /boot/entropy at install
time via usr.sbin/bsdinstall/scripts/entropy) and
On Tue, Apr 16, 2019 at 4:28 PM John Baldwin wrote:
> Yes, but we need some kind of non-blocking API, not an
> unconditionally-blocking API that deadlocks.
I'm not sure we do. It would be sufficient to check once at subsystem
initialization time. There's no race condition such that we block
On Tue, Apr 16, 2019 at 2:32 PM John Baldwin wrote:
> There are definitely places arc4random is used where sleeping is not allowed.
Sure.
> ipsec generating nonces for AES-CBC is one example I can think of off the
> top of my head.
IVs for AES-CBC are also a great example of a case we should
On Tue, 2019-04-16 at 07:18 -0600, Warner Losh wrote:
> On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot
> wrote:
>
> > On Mon, 15 Apr 2019 17:54:56 -0700
> > Conrad Meyer wrote:
> >
> > > On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer
> > > wrote:
> > > > E.g., the CI infrastructure for
> > > >
> On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
>
> > On Tue, 2019-04-16 at 07:18 -0600, Warner Losh wrote:
> > > On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot
> > > wrote:
> > >
> > > > On Mon, 15 Apr 2019 17:54:56 -0700
> > > > Conrad Meyer wrote:
> > > >
> > > > > On Mon, Apr 15, 2019 at
On Tue, Apr 16, 2019 at 9:51 AM Conrad Meyer wrote:
> Hi Warner,
>
> On Tue, Apr 16, 2019 at 8:47 AM Warner Losh wrote:
> > On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
> >> Isn't a file full of data which is distributed in identical form to
> >> everyone the exact opposite of entropy?
>
On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot wrote:
> On Mon, 15 Apr 2019 17:54:56 -0700
> Conrad Meyer wrote:
>
> > On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer wrote:
> > > E.g., the CI infrastructure for
> > > Riscv/Arm is/was generating minimal filesystem images and not
> > > populating
Hi Conrad,
On Mon, 15 Apr 2019 17:53:17 -0700
Conrad Meyer wrote:
> Hi Justin,
>
> On Mon, Apr 15, 2019 at 5:01 PM Justin Hibbits
> wrote:
> > Given the discussion over there it would probably also fail on
> > powernv, which also does not use loader.
>
> Does power use bsdinstall (which
> On 4/15/19 11:40 AM, Conrad Meyer wrote:
> > Author: cem
> > Date: Mon Apr 15 18:40:36 2019
> > New Revision: 346250
> > URL: https://svnweb.freebsd.org/changeset/base/346250
> >
> > Log:
> > random(4): Block read_random(9) on initial seeding
> >
> > read_random() is/was used, mostly
Hi Warner,
On Tue, Apr 16, 2019 at 8:47 AM Warner Losh wrote:
> On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
>> Isn't a file full of data which is distributed in identical form to
>> everyone the exact opposite of entropy?
Ian has the right idea.
> It's just to bootstrap entropy for
Hi I just got this:
UART 16550 configured with options: baud = 115200 | freq = 5000
bbl loader
r vv
Hi Ruslan,
On Tue, Apr 16, 2019 at 8:38 AM Ruslan Bukin wrote:
>
> Hi I just got this:
>
> ...
> _sleep() at random_harvest_deregister_source+0x132
> random_harvest_deregister_source() at read_random+0xc4
> read_random() at vn_fsync_buf+0x594
> vn_fsync_buf() at arc4rand+0xd4
> arc4rand() at
Author: cem
Date: Mon Apr 15 18:40:36 2019
New Revision: 346250
URL: https://svnweb.freebsd.org/changeset/base/346250
Log:
random(4): Block read_random(9) on initial seeding
read_random() is/was used, mostly without error checking, in a lot of
very sensitive places in the kernel --
On Mon, 15 Apr 2019 at 14:40, Conrad Meyer wrote:
>
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
Because Gerald (one of the FreeBSD Foundation's co-op
On Mon, 15 Apr 2019 17:54:56 -0700
Conrad Meyer wrote:
> On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer wrote:
> > E.g., the CI infrastructure for
> > Riscv/Arm is/was generating minimal filesystem images and not
> > populating /boot/entropy.
>
> I should add, I say "is/was" because I have a PR