Hello, While hacking on the sparc64 bootloader (patch in another mail) I had some questions about the recently added super-early entropy loading code.
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/arch/sparc64/stand/ofwboot/boot.c.diff?r1=1.19;r2=1.20 >From the commit message: "Try to load entropy data from disk:/etc/random.seed" Except it doesn't actually load it from disk, it loads it from whatever device you're loading the kernel from (in my case, the network). Other architectures may do the same. There are a few things I'm not sure about: 1) The way it's currently implemented, it causes two separate config-discovery attempts because it does a separate open/close of the device. If you're using bootp, it waits for the bootparams timeout twice, etc. However, I don't see a way to improve this that doesn't increase the complexity of the code too much, so (although it seems silly) perhaps it should stay that way. 2) I suspect that seeding your PRNG with data sent in the clear isn't a great idea in the first place. 3) If you're netbooting anyway, by the time you actually fetch the kernel you've already done a bunch of network operations. Wouldn't timing information from that be safer than some seed sent in the clear? 4) Could just be my lack of understanding, but I'm not sure that serving /etc/random.seed via NFS is a good idea. Wouldn't it need to be the same as the NFS server's? As far as I can tell, exports(5) doesn't allow you to export some arbitrary (not /etc) tree and have it appear to others as /etc. I really don't know what the best thing to do is, but it seems a bit odd in its current state.
