svn commit: r256087 - in projects/random_number_generator/etc: defaults rc.d

[Mark Murray]

Author: markm
Date: Sun Oct  6 12:43:42 2013
New Revision: 256087
URL: http://svnweb.freebsd.org/changeset/base/256087

Log:
  As userland writing to /dev/random is no more, remove the "better than nothing" bootstrap mode.
  
  Add SWI harvesting to the mix.
  
  My box seeds Yarrow by itself in a few seconds! YMMV; more to follow.

Modified:
  projects/random_number_generator/etc/defaults/rc.conf
  projects/random_number_generator/etc/rc.d/initrandom

Modified: projects/random_number_generator/etc/defaults/rc.conf
==============================================================================
--- projects/random_number_generator/etc/defaults/rc.conf	Sun Oct  6 12:40:32 2013	(r256086)
+++ projects/random_number_generator/etc/defaults/rc.conf	Sun Oct  6 12:43:42 2013	(r256087)
@@ -651,6 +651,7 @@ entropy_save_num="8"	# Number of entropy
 harvest_interrupt="YES"	# Entropy device harvests interrupt randomness
 harvest_ethernet="YES"	# Entropy device harvests ethernet randomness
 harvest_p_to_p="YES"	# Entropy device harvests point-to-point randomness
+harvest_swi="YES"	# Entropy device harvests internal SWI randomness
 dmesg_enable="YES"	# Save dmesg(8) to /var/run/dmesg.boot
 watchdogd_enable="NO"	# Start the software watchdog daemon
 watchdogd_flags=""	# Flags to watchdogd (if enabled)

Modified: projects/random_number_generator/etc/rc.d/initrandom
==============================================================================
--- projects/random_number_generator/etc/rc.d/initrandom	Sun Oct  6 12:40:32 2013	(r256086)
+++ projects/random_number_generator/etc/rc.d/initrandom	Sun Oct  6 12:43:42 2013	(r256087)
@@ -14,26 +14,6 @@ name="initrandom"
 start_cmd="initrandom_start"
 stop_cmd=":"
 
-feed_dev_random()
-{
-	if [ -f "${1}" -a -r "${1}" -a -s "${1}" ]; then
-		cat "${1}" | dd of=/dev/random bs=8k 2>/dev/null
-	fi
-}
-
-better_than_nothing()
-{
-	# XXX temporary until we can improve the entropy
-	# harvesting rate.
-	# Entropy below is not great, but better than nothing.
-	# This unblocks the generator at startup
-	# Note: commands are ordered to cause the most variance across reboots.
-	( kenv; dmesg; df -ib; ps -fauxww; date; sysctl -a ) \
-	    | dd of=/dev/random bs=8k 2>/dev/null
-	/sbin/sha256 -q `sysctl -n kern.bootfile` \
-	    | dd of=/dev/random bs=8k 2>/dev/null
-}
-
 initrandom_start()
 {
 	soft_random_generator=`sysctl kern.random 2>/dev/null`
@@ -63,23 +43,15 @@ initrandom_start()
 			else
 				${SYSCTL} kern.random.sys.harvest.point_to_point=0 >/dev/null
 			fi
-		fi
 
-		# First pass at reseeding /dev/random.
-		#
-		case ${entropy_file} in
-		[Nn][Oo] | '')
-			;;
-		*)
-			if [ -w /dev/random ]; then
-				feed_dev_random "${entropy_file}"
+			if checkyesno harvest_swi; then
+				${SYSCTL} kern.random.sys.harvest.swi=1 >/dev/null
+				echo -n ' swi'
+			else
+				${SYSCTL} kern.random.sys.harvest.swi=0 >/dev/null
 			fi
-			;;
-		esac
-
-		better_than_nothing
+		fi
 
-		echo -n ' kickstart'
 	fi
 
 	echo '.'