On Sun, Apr 04, 2021 at 03:32:08PM -0700, Greg A. Woods wrote:
> At Mon, 05 Apr 2021 00:14:30 +0200 (CEST), Havard Eidnes <h...@netbsd.org> wrote:
> Subject: Re: regarding the changes to kernel entropy gathering
> >
> > > What about architectures that have nothing like RDRAND/RDSEED?  Are
> > > they, effectively, totally unsupported now?
> >
> > Nope, not entirely.  But they have to be seeded once.  If they
> > have storage which survives reboots, and entropy is saved and
> > restored on reboot, they will be ~fine.
> 
> BTW, to me reusing the same entropy on every reboot seems less secure.

Except that's not what the system is doing. It removes the seed file on
boot and creates a new one on shutdown.

> > Systems without persistent storage and also without RDRAND/RDSEED
> > will however be ... a more challenging problem.
> 
> Leaving things like that would be totally silly.
> 
> With my patch the old way of gathering entropy from devices works just
> fine as it always did, albeit with the second patch it does require a
> tiny bit of extra configuration.

You keep repeating yourself. It doesn't make your claims any less false.
At this point, can we please just stop this thread?

Joerg
