On Mon, May 11, 2020 at 04:28:51PM +0300, Andreas Gustafsson wrote:
> nia wrote:
> > > OpenBSD guarantees that there is an entropy seed from the boot loader,
> > > which is very different from NetBSD's "best effort". Was this not
> > > already the case when the getentropy API was introduced?
> >
> > We do the same, on supported architectures. In addition to reading
> > from CPU HWRNGs extremely early in the kernel, the bootloader
> > provides a seed. Then, once userland is ready, all entropy is
> > consolidated.
> >
> > At the risk of receiving more angry private emails from Mr. de Raadt,
> > (in the bootblocks!), if what OpenBSD does satisfies you, what
> > NetBSD does should also satisfy you.
>
> For the OpenBSD strategy to work, the system needs to actually refuse
> to run if the seed can't be loaded (or full entropy achieved in some
> other way). NetBSD doesn't do that. As long as there is any way
> userland can start before full entropy has been achieved, all APIs
> that provide randomness for security purposes must support blocking
> (or returning errors).

Why? Like I said, we don't have a working 127.0.0.1 when userland starts
and that is an essential part of the Unix network stack.

Joerg