Date: Sun, 29 Sep 2024 15:25:15 GMT
Message-Id: <202409291525.48TFPFs9030420@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
From: Colin Percival
Subject: git: 0a8ff1989681 - stable/14 - loader: Make EFI entropy size configurable
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
X-Git-Committer: cperciva
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 0a8ff1989681f476b9da87a309db25aecd7881c1

The branch stable/14 has been updated by cperciva:

URL: https://cgit.FreeBSD.org/src/commit/?id=0a8ff1989681f476b9da87a309db25aecd7881c1

commit 0a8ff1989681f476b9da87a309db25aecd7881c1
Author:     Colin Percival
AuthorDate: 2024-09-18 11:02:01 +0000
Commit:     Colin Percival
CommitDate: 2024-09-29 15:24:52 +0000

    loader: Make EFI entropy size configurable

    Add a new loader variable entropy_efi_seed_size which defaults to
    2048; if not defined (e.g. if the /boot/lua/ is updated but
    /boot/defaults/ isn't) the same 2048 default will be used.

    Reviewed by:    Val Packett
    MFC after:      1 week
    Sponsored by:   Amazon
    Differential Revision:  https://reviews.freebsd.org/D46632

    (cherry picked from commit f4a69a933cd645e384b337db5ef2ccf41a1ddd5b)
---
 stand/defaults/loader.conf | 8 ++++++--
 stand/lua/core.lua         | 3 ++-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/stand/defaults/loader.conf b/stand/defaults/loader.conf index a5d27b96b6ba..c3de7cdfb74b 100644 --- a/stand/defaults/loader.conf +++ b/stand/defaults/loader.conf 
@@ -48,8 +48,12 @@ entropy_cache_type="boot_entropy_cache" # Required for the kernel to find # the boot-time entropy cache. This # must not change value even if the # _name above does change! -entropy_efi_seed="YES" # Set this to NO to disable loading - # entropy from the UEFI hardware random number generator API +entropy_efi_seed="YES" # Set this to NO to disable loading + # entropy from the UEFI hardware + # random number generator API +entropy_efi_seed_size="2048" # Set this to a different value to + # change the amount of entropy + # requested from EFI ### RAM Blacklist configuration ############################ ram_blacklist_load="NO" # Set this to YES to load a file diff --git a/stand/lua/core.lua b/stand/lua/core.lua index 7b7560ddc820..72b19462ae5c 100644 --- a/stand/lua/core.lua +++ b/stand/lua/core.lua @@ -369,7 +369,8 @@ end function core.loadEntropy() if core.isUEFIBoot() then if (loader.getenv("entropy_efi_seed") or "no"):lower() == "yes" then - loader.perform("efi-seed-entropy") + local seedsize = loader.getenv("entropy_efi_seed_size") or "2048" + loader.perform("efi-seed-entropy " .. seedsize) end end end
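Review bot: In the stand/defaults/loader.conf hunk, the comment on the new entropy_efi_seed_size="2048" line gives no unit and no accepted range, so an administrator cannot tell from the defaults file what 2048 measures or which values are sensible. Suggest stating the unit in the comment and, if the efi-seed-entropy command enforces a minimum or maximum, naming it there. The change to the existing entropy_efi_seed comment appears to be a rewrap only and would be easier to review as a separate whitespace change.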
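Review bot: In the stand/lua/core.lua hunk, seedsize is read with loader.getenv("entropy_efi_seed_size") and concatenated straight into the loader.perform() command string with no validation. The `or "2048"` fallback only covers an unset variable: in Lua an empty string is truthy, so entropy_efi_seed_size="" produces "efi-seed-entropy " with no size, and a value containing spaces or non-digits is passed through as extra or malformed arguments. Suggest checking the value against a digits-only pattern such as seedsize:match("^%d+$") and falling back to "2048" otherwise, so a typo in loader.conf is caught here rather than left to the command's argument parsing.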