Re: bin/55917: /etc/rc.d/cgd stalls on encrypted swap partitions

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,schaecsn%gmx.net@localhost
Subject: Re: bin/55917: /etc/rc.d/cgd stalls on encrypted swap partitions
From: Stefan Schaeckeler <schaecsn%gmx.net@localhost>
Date: Sun, 10 Jan 2021 23:40:01 +0000 (UTC)

The following reply was made to PR bin/55917; it has been noted by GNATS.

From: Stefan Schaeckeler <schaecsn%gmx.net@localhost>
To: riastradh%NetBSD.org@localhost
Cc: gnats-bugs%NetBSD.org@localhost
Subject: Re: bin/55917: /etc/rc.d/cgd stalls on encrypted swap partitions
Date: Sun, 10 Jan 2021 15:39:37 -0800 (PST)

 Hello Taylor,
 
 > If randomkey stalls at boot when you try to configure cgd, that
 > indicates that you probably don't have enough entropy to safely
 > generate an unpredictable key.
 
 This is my entropy right before the call to cgdconfig in /etc/rc.d/cgd:
 
 - - - snip - - -
 rndctl -slv
 Source                 Bits Type      Flags
 cd0                       0 disk estimate, collect, v, t, dt
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 sd1                       0 disk estimate, collect, v, t, dt
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 ums0                      0 tty  estimate, collect, v, t, dt
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 uhid1                     0 tty  estimate, collect, v, t, dt
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 uhid0                     0 tty  estimate, collect, v, t, dt
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 ukbd0                     0 tty  estimate, collect, v, t, dt
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 sd0                      55 disk estimate, collect, v, t, dt
 	Dt samples = 43
 	Dt bits = 43
 	Dv samples = 43
 	Dv bits = 21
 wd0                     592 disk estimate, collect, v, t, dt
 	Dt samples = 324
 	Dt bits = 324
 	Dv samples = 324
 	Dv bits = 206
 cpu3                      0 vm   estimate, collect, v, t, dv
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 cpu2                      1 vm   estimate, collect, v, t, dv
 	Dt samples = 1
 	Dt bits = 1
 	Dv samples = 1
 	Dv bits = 1
 cpu1                      0 vm   estimate, collect, v, t, dv
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 cpu0                      7 vm   estimate, collect, v, t, dv
 	Dt samples = 7
 	Dt bits = 7
 	Dv samples = 7
 	Dv bits = 7
 coretemp1-cpu1            0 env  estimate, collect, v, t, dv, dt
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 coretemp0-cpu0            0 env  estimate, collect, v, t, dv, dt
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 re0                       0 net  v, t, dt
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 system-power              0 power estimate, collect, v, t, dt
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 autoconf                163 ???  estimate, collect, t, dt
 	Dt samples = 83
 	Dt bits = 83
 	Dv samples = 83
 	Dv bits = 0
 printf                    0 ???  collect
 	Dt samples = 0
 	Dt bits = 0
 	Dv samples = 0
 	Dv bits = 0
 callout                 133 skew estimate, collect, v, dv
 	Dt samples = 67
 	Dt bits = 67
 	Dv samples = 67
 	Dv bits = 67
 	      704 bits mixed into pool
 	        0 bits currently stored in pool (max 4096)
 	        0 bits of entropy discarded due to full pool
 	      704 hard-random bits generated
 	     4416 pseudo-random bits generated
 - - - snip - - -
 
 I get most of the entropy, but not enough, from my boot disk wd0.
 
 How are other systems able to generate more entropy right at the start of the boot process in /etc/rc.d/cgd?
 
  Stefan

Prev by Date: PR/55715 CVS commit: src/tests/lib/libc/gen
Next by Date: PR/55458 CVS commit: src/sys/kern
Previous by Thread: Re: bin/55917: /etc/rc.d/cgd stalls on encrypted swap partitions
Next by Thread: misc/55918: send-pr.el is not compatible with Emacs 27
Indexes:

Home | Main Index | Thread Index | Old Index