Date: Mon, 6 Nov 2017 07:30:35 +0100
From: Maxime Villard <max%m00nbsd.net@localhost>

I would like to use a system similar to the /var/db/entropy-file
implementation. That is to say, when running, the system generates
/var/db/random-file, which would contain at least 256 bytes of random
data. When booting, the bootloader reads this file and can use some of
its bytes to get random values. It then gives the file to the
prekern, which will use some other parts of it. The prekern finally
gives the file to the kernel, which can use the rest.

Seems to me we should just use one file, and the bootloader should use
it as a seed for a PRNG from which it draws

(a) KASLR bits, and
(b) a seed for the entropy pool (which is currently just /var/db/entropy)

The bootloader already reads a file. Teaching it to have a small
cryptographic PRNG shouldn't be too hard. I'm still sitting on a
draft Keccak-based entropy pool, whose Keccak implementation
(https://mumble.net/~campbell/hg/sha3/keccak.c) likely fits in the
constraints of a bootloader.
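
The one-file scheme from the reply above, sketched as an added example (not part of the original message, and not the draft Keccak-based entropy pool or keccak.c it mentions): Python's hashlib SHAKE256 stands in for the small Keccak-based PRNG, and both draws come from one output stream. The domain label, slot count, alignment and pool-seed size are assumptions chosen for illustration.

```python
import hashlib

MIN_SEED_BYTES = 256           # "at least 256 bytes", from the quoted proposal
KASLR_ALIGN = 2 * 1024 * 1024  # assumed slide granularity (2 MiB)
KASLR_SLOTS = 512              # assumed number of candidate load slots
POOL_SEED_BYTES = 32           # assumed size of the seed handed to the kernel pool
SAMPLE_SEED = bytes(range(256))  # constructed stand-in for the on-disk seed file


class BootPRNG:
    """Sequential reader over a SHAKE256 stream seeded from the single file."""

    def __init__(self, seed: bytes):
        if len(seed) < MIN_SEED_BYTES:
            raise ValueError("seed file too short")
        self._xof = hashlib.shake_256(b"boot-prng-v1" + seed)  # assumed label
        self._offset = 0

    def draw(self, n: int) -> bytes:
        # hashlib cannot squeeze incrementally, so re-derive the stream and
        # slice past what was already handed out: no byte is returned twice.
        out = self._xof.digest(self._offset + n)[self._offset:]
        self._offset += n
        return out


def kaslr_slide(prng: BootPRNG) -> int:
    # Rejection sampling keeps the slot choice unbiased for any slot count.
    limit = (1 << 32) - ((1 << 32) % KASLR_SLOTS)
    while True:
        r = int.from_bytes(prng.draw(4), "little")
        if r < limit:
            return (r % KASLR_SLOTS) * KASLR_ALIGN


def boot_draws(seed: bytes):
    prng = BootPRNG(seed)
    slide = kaslr_slide(prng)                # (a) KASLR bits
    pool_seed = prng.draw(POOL_SEED_BYTES)   # (b) seed for the entropy pool
    return slide, pool_seed


if __name__ == "__main__":
    slide, pool_seed = boot_draws(SAMPLE_SEED)
    print(f"slide={slide:#x} pool_seed_len={len(pool_seed)}")
```

Because the draws are disjoint slices of a one-way function's output, a slide value that later leaks does not reveal the pool seed or the file contents.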