Hey Adrian,
As discussed with John and Warner upthread, I hope to have a patch out
for review later today to give folks a knob to disable this. It may
even make sense to default it on, at least for !x86. I am happy to CC
you on review if you like.
Take care,
Conrad
On Wed, Apr 17, 2019 at 11:2
On Mon, Apr 15, 2019 at 11:40 AM Conrad Meyer wrote:
>
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
Hi,
For anyone interested in a change to restore th
On Mon, 15 Apr 2019 at 11:40, Conrad Meyer wrote:
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
>
Sniffle, this broke on my mips boards whilst debugging
On Wed, Apr 17, 2019 at 9:06 AM John Baldwin wrote:
>
> On 4/16/19 4:48 PM, Conrad Meyer wrote:
> > Perhaps cryptographically random stack-protector cookies are simply
> > inappropriate for MIPS or RISCV. Do we have any other examples of
> > kernel random consumers blocking after that immediate h
On Wed, Apr 17, 2019 at 10:06 AM John Baldwin wrote:
> On 4/16/19 4:48 PM, Conrad Meyer wrote:
> > On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
> >> bhyveload is effectively the loader in this case. It runs the normal
> loader
> >> scripts and logic and so would load the guests's /boot/e
On Tue, Apr 16, 2019, 4:51 PM Rodney W. Grimes
wrote:
> > On 4/15/19 11:40 AM, Conrad Meyer wrote:
> > > Author: cem
> > > Date: Mon Apr 15 18:40:36 2019
> > > New Revision: 346250
> > > URL: https://svnweb.freebsd.org/changeset/base/346250
> > >
> > > Log:
> > > random(4): Block read_random(9)
On Wed, 2019-04-17 at 11:16 -0600, Warner Losh wrote:
> On Wed, Apr 17, 2019 at 10:06 AM John Baldwin wrote:
>
> > On 4/16/19 4:48 PM, Conrad Meyer wrote:
> > > On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
> > > > bhyveload is effectively the loader in this case. It runs the normal
> >
> On 4/15/19 11:40 AM, Conrad Meyer wrote:
> > Author: cem
> > Date: Mon Apr 15 18:40:36 2019
> > New Revision: 346250
> > URL: https://svnweb.freebsd.org/changeset/base/346250
> >
> > Log:
> > random(4): Block read_random(9) on initial seeding
> >
> > read_random() is/was used, mostly with
Hi John,
On Wed, Apr 17, 2019 at 9:01 AM John Baldwin wrote:
> You're missing the point which is that you've added potential blocking in a
> lot of
> places by changing the semantics of arc4random.
I get it. The thing is, it's a weird blocking semantic. It's not the
same as any other blocking
Hi Warner,
On Wed, Apr 17, 2019 at 10:16 AM Warner Losh wrote:
> I'm going to put a very fine point on this: any hard-requirement of entropy
> sources is a non-starter. If you require that, your commit will be backed out
> and/or hacked around by the addition of a nob in the future. It will hap
On Tue, Apr 16, 2019 at 9:33 AM Warner Losh wrote:
> In that case, we're better off having a MD routine that gets called if
> there's no loader-provided entropy pool.
Yes, this is more or less the same plan I had. There's no need to add
anything MD specific; we already abstract MD random source
> On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
>
> > On Tue, 2019-04-16 at 07:18 -0600, Warner Losh wrote:
> > > On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot
> > > wrote:
> > >
> > > > On Mon, 15 Apr 2019 17:54:56 -0700
> > > > Conrad Meyer wrote:
> > > >
> > > > > On Mon, Apr 15, 2019 at
On Tue, Apr 16, 2019 at 7:24 AM Justin Hibbits wrote:
>
> Hi Conrad,
> ...
> [Power] does use bsdinstall to install. How is entropy loaded at startup,
> which causes the problem noted in github?
There are a couple very early load sources. loader(8) will load
early-boot entropy from /boot/entrop
Hi Ruslan,
On Tue, Apr 16, 2019 at 8:38 AM Ruslan Bukin wrote:
>
> Hi I just got this:
>
> ...
> _sleep() at random_harvest_deregister_source+0x132
> random_harvest_deregister_source() at read_random+0xc4
> read_random() at vn_fsync_buf+0x594
> vn_fsync_buf() at arc4rand+0xd4
> arc4rand() at sche
On 4/16/19 4:48 PM, Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
>> bhyveload is effectively the loader in this case. It runs the normal loader
>> scripts and logic and so would load the guests's /boot/entropy and pass it
>> to the guest kernel as metadata just like t
On 4/16/19 4:43 PM, Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 4:28 PM John Baldwin wrote:
>> Still, what I would suggest is to have the existing arc4random() use
>> WITNESS_WARN.
>> We could provide an alternative API that is non-blocking and returns
>> EWOULDBLOCK.
>
> I think the alternat
On 4/15/19 11:40 AM, Conrad Meyer wrote:
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
>
> read_random() is/was used, mostly without error checking,
On Tue, Apr 16, 2019 at 4:28 PM John Baldwin wrote:
> Yes, but we need some kind of non-blocking API, not an
> unconditionally-blocking API
> that deadlocks.
I'm not sure we do. It would be sufficient to check once at subsystem
initialization time. There's no race condition such that we block
On Tue, Apr 16, 2019 at 2:32 PM John Baldwin wrote:
> There are definitely places arc4random is used where sleeping is not allowed.
Sure.
> ipsec generating nonces for AES-CBC is one example I can think of off the
> top of my head.
IVs for AES-CBC are also a great example of a case we should be
On 4/16/19 3:49 PM, Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 2:32 PM John Baldwin wrote:
>> There are definitely places arc4random is used where sleeping is not allowed.
>
> Sure.
>
>> ipsec generating nonces for AES-CBC is one example I can think of off the
>> top of my head.
>
> IVs for
On Tue, Apr 16, 2019 at 9:51 AM Conrad Meyer wrote:
> Hi Warner,
>
> On Tue, Apr 16, 2019 at 8:47 AM Warner Losh wrote:
> > On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
> >> Isn't a file full of data which is distributed in identical form to
> >> everyone the exact opposite of entropy?
>
>
On 4/16/19 3:51 PM, Rodney W. Grimes wrote:
>> On 4/15/19 11:40 AM, Conrad Meyer wrote:
>> Note that I actually often run into unseeded systems when doing development
>> using qemu for non-x86 architectures. For example, when booting mips from
>> qemu, there is no loader, the kernel just starts, a
On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
> bhyveload is effectively the loader in this case. It runs the normal loader
> scripts and logic and so would load the guests's /boot/entropy and pass it
> to the guest kernel as metadata just like the regular loader.
Right, except it doesn't
On Tue, 2019-04-16 at 09:58 -0700, Conrad Meyer wrote:
> Systems lacking both an NV store and an entropy source available
> during mi_startup (i.e., not interrupts...) cannot safely provide
> entropy in early boot. On those systems, we must disable random
> consumption during early boot.
Or you c
Hi Warner,
On Tue, Apr 16, 2019 at 8:47 AM Warner Losh wrote:
> On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
>> Isn't a file full of data which is distributed in identical form to
>> everyone the exact opposite of entropy?
Ian has the right idea.
> It's just to bootstrap entropy for insta
On Tue, 2019-04-16 at 07:18 -0600, Warner Losh wrote:
> On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot
> wrote:
>
> > On Mon, 15 Apr 2019 17:54:56 -0700
> > Conrad Meyer wrote:
> >
> > > On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer
> > > wrote:
> > > > E.g., the CI infrastructure for
> > > > Ris
On Mon, 15 Apr 2019 at 14:40, Conrad Meyer wrote:
>
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
Because Gerald (one of the FreeBSD Foundation's co-op s
On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer wrote:
> E.g., the CI infrastructure for
> Riscv/Arm is/was generating minimal filesystem images and not
> populating /boot/entropy.
I should add, I say "is/was" because I have a PR out which may address
the problem: https://github.com/freebsd/freebsd-
On Tue, Apr 16, 2019 at 9:27 AM Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 7:24 AM Justin Hibbits
> wrote:
> >
> > Hi Conrad,
> > ...
> > [Power] does use bsdinstall to install. How is entropy loaded at
> startup,
> > which causes the problem noted in github?
>
> There are a couple very earl
On Mon, Apr 15, 2019, 18:34 Ed Maste wrote:
> On Mon, 15 Apr 2019 at 14:40, Conrad Meyer wrote:
> >
> > Author: cem
> > Date: Mon Apr 15 18:40:36 2019
> > New Revision: 346250
> > URL: https://svnweb.freebsd.org/changeset/base/346250
> >
> > Log:
> > random(4): Block read_random(9) on initial
On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
> On Tue, 2019-04-16 at 07:18 -0600, Warner Losh wrote:
> > On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot
> > wrote:
> >
> > > On Mon, 15 Apr 2019 17:54:56 -0700
> > > Conrad Meyer wrote:
> > >
> > > > On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer
On Tue, Apr 16, 2019 at 6:19 AM Warner Losh wrote:
> On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot wrote:
>> It's not only CI, all release images (memstick, iso) don't have
>> a /boot/entropy.
>> Also all arm/arm64 image don't have this file too.
>> If /boot/entropy is needed and isn't present
[ Charset UTF-8 unsupported, converting... ]
> Hi Warner,
>
> On Tue, Apr 16, 2019 at 8:47 AM Warner Losh wrote:
> > On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
> >> Isn't a file full of data which is distributed in identical form to
> >> everyone the exact opposite of entropy?
>
> Ian ha
Hi I just got this:
UART 16550 configured with options: baud = 115200 | freq = 5000
bbl loader
r vv
rrr
Hi Conrad,
On Mon, 15 Apr 2019 17:53:17 -0700
Conrad Meyer wrote:
> Hi Justin,
>
> On Mon, Apr 15, 2019 at 5:01 PM Justin Hibbits
> wrote:
> > Given the discussion over there it would probably also fail on
> > powernv, which also does not use loader.
>
> Does power use bsdinstall (which pop
On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot wrote:
> On Mon, 15 Apr 2019 17:54:56 -0700
> Conrad Meyer wrote:
>
> > On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer wrote:
> > > E.g., the CI infrastructure for
> > > Riscv/Arm is/was generating minimal filesystem images and not
> > > populating /bo
On Mon, 15 Apr 2019 17:54:56 -0700
Conrad Meyer wrote:
> On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer wrote:
> > E.g., the CI infrastructure for
> > Riscv/Arm is/was generating minimal filesystem images and not
> > populating /boot/entropy.
>
> I should add, I say "is/was" because I have a PR o
Hi Justin,
On Mon, Apr 15, 2019 at 5:01 PM Justin Hibbits wrote:
> Given the discussion over there it would probably also fail on powernv, which
> also does not use loader.
Does power use bsdinstall (which populates /boot/entropy at install
time via usr.sbin/bsdinstall/scripts/entropy) and inst
Author: cem
Date: Mon Apr 15 18:40:36 2019
New Revision: 346250
URL: https://svnweb.freebsd.org/changeset/base/346250
Log:
random(4): Block read_random(9) on initial seeding
read_random() is/was used, mostly without error checking, in a lot of
very sensitive places in the kernel -- includ
On Mon, Apr 15, 2019 at 11:40 AM Conrad Meyer wrote:
>
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
Hi,
For anyone interested in a change to restore th
Hey Adrian,
As discussed with John and Warner upthread, I hope to have a patch out
for review later today to give folks a knob to disable this. It may
even make sense to default it on, at least for !x86. I am happy to CC
you on review if you like.
Take care,
Conrad
On Wed, Apr 17, 2019 at 11:2
On Mon, 15 Apr 2019 at 11:40, Conrad Meyer wrote:
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
>
Sniffle, this broke on my mips boards whilst debugging
Hi John,
On Wed, Apr 17, 2019 at 9:01 AM John Baldwin wrote:
> You're missing the point which is that you've added potential blocking in a
> lot of
> places by changing the semantics of arc4random.
I get it. The thing is, it's a weird blocking semantic. It's not the
same as any other blocking
On Wed, 2019-04-17 at 11:16 -0600, Warner Losh wrote:
> On Wed, Apr 17, 2019 at 10:06 AM John Baldwin wrote:
>
> > On 4/16/19 4:48 PM, Conrad Meyer wrote:
> > > On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
> > > > bhyveload is effectively the loader in this case. It runs the normal
> >
Hi Warner,
On Wed, Apr 17, 2019 at 10:16 AM Warner Losh wrote:
> I'm going to put a very fine point on this: any hard-requirement of entropy
> sources is a non-starter. If you require that, your commit will be backed out
> and/or hacked around by the addition of a nob in the future. It will hap
On Wed, Apr 17, 2019 at 9:06 AM John Baldwin wrote:
>
> On 4/16/19 4:48 PM, Conrad Meyer wrote:
> > Perhaps cryptographically random stack-protector cookies are simply
> > inappropriate for MIPS or RISCV. Do we have any other examples of
> > kernel random consumers blocking after that immediate h
On Wed, Apr 17, 2019 at 10:06 AM John Baldwin wrote:
> On 4/16/19 4:48 PM, Conrad Meyer wrote:
> > On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
> >> bhyveload is effectively the loader in this case. It runs the normal
> loader
> >> scripts and logic and so would load the guests's /boot/e
On Tue, Apr 16, 2019, 4:51 PM Rodney W. Grimes
wrote:
> > On 4/15/19 11:40 AM, Conrad Meyer wrote:
> > > Author: cem
> > > Date: Mon Apr 15 18:40:36 2019
> > > New Revision: 346250
> > > URL: https://svnweb.freebsd.org/changeset/base/346250
> > >
> > > Log:
> > > random(4): Block read_random(9)
On 4/16/19 4:48 PM, Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
>> bhyveload is effectively the loader in this case. It runs the normal loader
>> scripts and logic and so would load the guests's /boot/entropy and pass it
>> to the guest kernel as metadata just like t
On 4/16/19 4:43 PM, Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 4:28 PM John Baldwin wrote:
>> Still, what I would suggest is to have the existing arc4random() use
>> WITNESS_WARN.
>> We could provide an alternative API that is non-blocking and returns
>> EWOULDBLOCK.
>
> I think the alternat
On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote:
> bhyveload is effectively the loader in this case. It runs the normal loader
> scripts and logic and so would load the guests's /boot/entropy and pass it
> to the guest kernel as metadata just like the regular loader.
Right, except it doesn't
On Tue, Apr 16, 2019 at 4:28 PM John Baldwin wrote:
> Yes, but we need some kind of non-blocking API, not an
> unconditionally-blocking API
> that deadlocks.
I'm not sure we do. It would be sufficient to check once at subsystem
initialization time. There's no race condition such that we block
On 4/16/19 3:51 PM, Rodney W. Grimes wrote:
>> On 4/15/19 11:40 AM, Conrad Meyer wrote:
>> Note that I actually often run into unseeded systems when doing development
>> using qemu for non-x86 architectures. For example, when booting mips from
>> qemu, there is no loader, the kernel just starts, a
On 4/16/19 3:49 PM, Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 2:32 PM John Baldwin wrote:
>> There are definitely places arc4random is used where sleeping is not allowed.
>
> Sure.
>
>> ipsec generating nonces for AES-CBC is one example I can think of off the
>> top of my head.
>
> IVs for
On Tue, Apr 16, 2019 at 2:32 PM John Baldwin wrote:
> There are definitely places arc4random is used where sleeping is not allowed.
Sure.
> ipsec generating nonces for AES-CBC is one example I can think of off the
> top of my head.
IVs for AES-CBC are also a great example of a case we should be
> On 4/15/19 11:40 AM, Conrad Meyer wrote:
> > Author: cem
> > Date: Mon Apr 15 18:40:36 2019
> > New Revision: 346250
> > URL: https://svnweb.freebsd.org/changeset/base/346250
> >
> > Log:
> > random(4): Block read_random(9) on initial seeding
> >
> > read_random() is/was used, mostly with
On 4/15/19 11:40 AM, Conrad Meyer wrote:
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
>
> read_random() is/was used, mostly without error checking,
On Tue, 2019-04-16 at 09:58 -0700, Conrad Meyer wrote:
> Systems lacking both an NV store and an entropy source available
> during mi_startup (i.e., not interrupts...) cannot safely provide
> entropy in early boot. On those systems, we must disable random
> consumption during early boot.
Or you c
On Tue, Apr 16, 2019 at 9:33 AM Warner Losh wrote:
> In that case, we're better off having a MD routine that gets called if
> there's no loader-provided entropy pool.
Yes, this is more or less the same plan I had. There's no need to add
anything MD specific; we already abstract MD random source
On Tue, Apr 16, 2019 at 9:51 AM Conrad Meyer wrote:
> Hi Warner,
>
> On Tue, Apr 16, 2019 at 8:47 AM Warner Losh wrote:
> > On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
> >> Isn't a file full of data which is distributed in identical form to
> >> everyone the exact opposite of entropy?
>
>
[ Charset UTF-8 unsupported, converting... ]
> Hi Warner,
>
> On Tue, Apr 16, 2019 at 8:47 AM Warner Losh wrote:
> > On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
> >> Isn't a file full of data which is distributed in identical form to
> >> everyone the exact opposite of entropy?
>
> Ian ha
> On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
>
> > On Tue, 2019-04-16 at 07:18 -0600, Warner Losh wrote:
> > > On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot
> > > wrote:
> > >
> > > > On Mon, 15 Apr 2019 17:54:56 -0700
> > > > Conrad Meyer wrote:
> > > >
> > > > > On Mon, Apr 15, 2019 at
Hi Warner,
On Tue, Apr 16, 2019 at 8:47 AM Warner Losh wrote:
> On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
>> Isn't a file full of data which is distributed in identical form to
>> everyone the exact opposite of entropy?
Ian has the right idea.
> It's just to bootstrap entropy for insta
On Tue, Apr 16, 2019 at 9:27 AM Conrad Meyer wrote:
> On Tue, Apr 16, 2019 at 7:24 AM Justin Hibbits
> wrote:
> >
> > Hi Conrad,
> > ...
> > [Power] does use bsdinstall to install. How is entropy loaded at
> startup,
> > which causes the problem noted in github?
>
> There are a couple very earl
Hi Ruslan,
On Tue, Apr 16, 2019 at 8:38 AM Ruslan Bukin wrote:
>
> Hi I just got this:
>
> ...
> _sleep() at random_harvest_deregister_source+0x132
> random_harvest_deregister_source() at read_random+0xc4
> read_random() at vn_fsync_buf+0x594
> vn_fsync_buf() at arc4rand+0xd4
> arc4rand() at sche
On Tue, Apr 16, 2019 at 9:16 AM Ian Lepore wrote:
> On Tue, 2019-04-16 at 07:18 -0600, Warner Losh wrote:
> > On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot
> > wrote:
> >
> > > On Mon, 15 Apr 2019 17:54:56 -0700
> > > Conrad Meyer wrote:
> > >
> > > > On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer
Hi I just got this:
UART 16550 configured with options: baud = 115200 | freq = 5000
bbl loader
r vv
rrr
On Tue, Apr 16, 2019 at 7:24 AM Justin Hibbits wrote:
>
> Hi Conrad,
> ...
> [Power] does use bsdinstall to install. How is entropy loaded at startup,
> which causes the problem noted in github?
There are a couple very early load sources. loader(8) will load
early-boot entropy from /boot/entrop
On Tue, Apr 16, 2019 at 6:19 AM Warner Losh wrote:
> On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot wrote:
>> It's not only CI, all release images (memstick, iso) don't have
>> a /boot/entropy.
>> Also all arm/arm64 image don't have this file too.
>> If /boot/entropy is needed and isn't present
On Tue, 2019-04-16 at 07:18 -0600, Warner Losh wrote:
> On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot
> wrote:
>
> > On Mon, 15 Apr 2019 17:54:56 -0700
> > Conrad Meyer wrote:
> >
> > > On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer
> > > wrote:
> > > > E.g., the CI infrastructure for
> > > > Ris
Hi Conrad,
On Mon, 15 Apr 2019 17:53:17 -0700
Conrad Meyer wrote:
> Hi Justin,
>
> On Mon, Apr 15, 2019 at 5:01 PM Justin Hibbits
> wrote:
> > Given the discussion over there it would probably also fail on
> > powernv, which also does not use loader.
>
> Does power use bsdinstall (which pop
On Tue, Apr 16, 2019, 7:04 AM Emmanuel Vadot wrote:
> On Mon, 15 Apr 2019 17:54:56 -0700
> Conrad Meyer wrote:
>
> > On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer wrote:
> > > E.g., the CI infrastructure for
> > > Riscv/Arm is/was generating minimal filesystem images and not
> > > populating /bo
On Mon, 15 Apr 2019 17:54:56 -0700
Conrad Meyer wrote:
> On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer wrote:
> > E.g., the CI infrastructure for
> > Riscv/Arm is/was generating minimal filesystem images and not
> > populating /boot/entropy.
>
> I should add, I say "is/was" because I have a PR o
On Mon, Apr 15, 2019 at 5:53 PM Conrad Meyer wrote:
> E.g., the CI infrastructure for
> Riscv/Arm is/was generating minimal filesystem images and not
> populating /boot/entropy.
I should add, I say "is/was" because I have a PR out which may address
the problem: https://github.com/freebsd/freebsd-
Hi Justin,
On Mon, Apr 15, 2019 at 5:01 PM Justin Hibbits wrote:
> Given the discussion over there it would probably also fail on powernv, which
> also does not use loader.
Does power use bsdinstall (which populates /boot/entropy at install
time via usr.sbin/bsdinstall/scripts/entropy) and inst
On Mon, Apr 15, 2019, 18:34 Ed Maste wrote:
> On Mon, 15 Apr 2019 at 14:40, Conrad Meyer wrote:
> >
> > Author: cem
> > Date: Mon Apr 15 18:40:36 2019
> > New Revision: 346250
> > URL: https://svnweb.freebsd.org/changeset/base/346250
> >
> > Log:
> > random(4): Block read_random(9) on initial
On Mon, 15 Apr 2019 at 14:40, Conrad Meyer wrote:
>
> Author: cem
> Date: Mon Apr 15 18:40:36 2019
> New Revision: 346250
> URL: https://svnweb.freebsd.org/changeset/base/346250
>
> Log:
> random(4): Block read_random(9) on initial seeding
Because Gerald (one of the FreeBSD Foundation's co-op s
Author: cem
Date: Mon Apr 15 18:40:36 2019
New Revision: 346250
URL: https://svnweb.freebsd.org/changeset/base/346250
Log:
random(4): Block read_random(9) on initial seeding
read_random() is/was used, mostly without error checking, in a lot of
very sensitive places in the kernel -- includ
78 matches
Mail list logo
