mirror of
https://github.com/freebsd/freebsd-src.git
synced 2024-11-29 11:02:44 +00:00
Avoid complicated tests of whether devices are present or not, and
enable all harvesting options by default since having them on for devices not present doesn't hurt anything. Leave them on by default since for the most part they are not producing noticable slowdown, and are about to get a lot more efficient. Re-order part of the cheesy entropy process in preparation for its complete removal.
This commit is contained in:
parent
d691852ce6
commit
de328d4a59
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=74063
@ -333,8 +333,8 @@ entropy_dir="/var/db/entropy" # Set to NO to disable caching entropy via cron.
|
|||||||
entropy_save_sz="2048" # Size of the entropy cache files.
|
entropy_save_sz="2048" # Size of the entropy cache files.
|
||||||
entropy_save_num="8" # Number of entropy cache files to save.
|
entropy_save_num="8" # Number of entropy cache files to save.
|
||||||
harvest_interrupt="YES" # Entropy device harvests interrupt randomness
|
harvest_interrupt="YES" # Entropy device harvests interrupt randomness
|
||||||
harvest_ethernet="" # Entropy device harvests ethernet randomness
|
harvest_ethernet="YES" # Entropy device harvests ethernet randomness
|
||||||
harvest_p_to_p="" # Entropy device harvests point-to-point randomness
|
harvest_p_to_p="YES" # Entropy device harvests point-to-point randomness
|
||||||
|
|
||||||
##############################################################
|
##############################################################
|
||||||
### Define source_rc_confs, the mechanism used by /etc/rc.* ##
|
### Define source_rc_confs, the mechanism used by /etc/rc.* ##
|
||||||
|
58
etc/rc
58
etc/rc
@ -123,34 +123,11 @@ case ${harvest_interrupt} in
|
|||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
# Steal some code from rc.network to help determine what to enable.
|
|
||||||
case ${network_interfaces} in
|
|
||||||
[Aa][Uu][Tt][Oo])
|
|
||||||
h_network_interfaces="`ifconfig -l`"
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
h_network_interfaces="${network_interfaces}"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
case ${harvest_ethernet} in
|
case ${harvest_ethernet} in
|
||||||
[Nn][Oo])
|
[Nn][Oo])
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
do_ether_harvest=''
|
if [ -w /dev/random ]; then
|
||||||
|
|
||||||
for h_ifn in ${h_network_interfaces}; do
|
|
||||||
eval h_ifconfig_args=\$ifconfig_${h_ifn}
|
|
||||||
case ${h_ifconfig_args} in
|
|
||||||
'')
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
do_ether_harvest=1
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
if [ -w /dev/random -a "${do_ether_harvest}" ]; then
|
|
||||||
/sbin/sysctl -w kern.random.sys.harvest_ethernet=1 >/dev/null
|
/sbin/sysctl -w kern.random.sys.harvest_ethernet=1 >/dev/null
|
||||||
echo -n ' ethernet'
|
echo -n ' ethernet'
|
||||||
fi
|
fi
|
||||||
@ -161,22 +138,7 @@ case ${harvest_p_to_p} in
|
|||||||
[Nn][Oo])
|
[Nn][Oo])
|
||||||
;;
|
;;
|
||||||
*)
|
*)
|
||||||
do_p_to_p_harvest=''
|
if [ -w /dev/random ]; then
|
||||||
|
|
||||||
# Other than user ppp, tun* will already exist
|
|
||||||
case "${h_network_interfaces}" in
|
|
||||||
*tun0*)
|
|
||||||
do_p_to_p_harvest=1
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
case ${ppp_enable} in
|
|
||||||
[Yy][Ee][Ss])
|
|
||||||
do_p_to_p_harvest=1
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
if [ -w /dev/random -a "${do_p_to_p_harvest}" ]; then
|
|
||||||
/sbin/sysctl -w kern.random.sys.harvest_point_to_point=1 >/dev/null
|
/sbin/sysctl -w kern.random.sys.harvest_point_to_point=1 >/dev/null
|
||||||
echo -n ' point_to_point'
|
echo -n ' point_to_point'
|
||||||
fi
|
fi
|
||||||
@ -187,14 +149,6 @@ echo '.'
|
|||||||
|
|
||||||
# First pass at reseeding /dev/random.
|
# First pass at reseeding /dev/random.
|
||||||
#
|
#
|
||||||
# XXX temporary until we can get the entropy
|
|
||||||
# harvesting rate up
|
|
||||||
# Entropy below is not great,
|
|
||||||
# but better than nothing.
|
|
||||||
( ps -efauxww; sysctl -a; date; df -ib; dmesg; ps -efauxww; ) \
|
|
||||||
| dd of=/dev/random bs=8k 2>/dev/null
|
|
||||||
cat /bin/ls | dd of=/dev/random bs=8k 2>/dev/null
|
|
||||||
|
|
||||||
case ${entropy_file} in
|
case ${entropy_file} in
|
||||||
[Nn][Oo] | '')
|
[Nn][Oo] | '')
|
||||||
;;
|
;;
|
||||||
@ -205,6 +159,14 @@ case ${entropy_file} in
|
|||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
# XXX temporary until we can get the entropy
|
||||||
|
# harvesting rate up
|
||||||
|
# Entropy below is not great,
|
||||||
|
# but better than nothing.
|
||||||
|
( ps -efauxww; sysctl -a; date; df -ib; dmesg; ps -efauxww; ) \
|
||||||
|
| dd of=/dev/random bs=8k 2>/dev/null
|
||||||
|
cat /bin/ls | dd of=/dev/random bs=8k 2>/dev/null
|
||||||
|
|
||||||
# Configure ccd devices.
|
# Configure ccd devices.
|
||||||
#
|
#
|
||||||
if [ -r /etc/ccd.conf ]; then
|
if [ -r /etc/ccd.conf ]; then
|
||||||
|
Loading…
Reference in New Issue
Block a user