**To**:**gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,schaecsn%gmx.net@localhost****Subject**:**Re: bin/55917: /etc/rc.d/cgd stalls on encrypted swap partitions****From**:**Stefan Schaeckeler <schaecsn%gmx.net@localhost>**- Date: Sun, 10 Jan 2021 23:40:01 +0000 (UTC)

The following reply was made to PR bin/55917; it has been noted by GNATS. From: Stefan Schaeckeler <schaecsn%gmx.net@localhost> To: riastradh%NetBSD.org@localhost Cc: gnats-bugs%NetBSD.org@localhost Subject: Re: bin/55917: /etc/rc.d/cgd stalls on encrypted swap partitions Date: Sun, 10 Jan 2021 15:39:37 -0800 (PST) Hello Taylor, > If randomkey stalls at boot when you try to configure cgd, that > indicates that you probably don't have enough entropy to safely > generate an unpredictable key. This is my entropy right before the call to cgdconfig in /etc/rc.d/cgd: - - - snip - - - rndctl -slv Source Bits Type Flags cd0 0 disk estimate, collect, v, t, dt Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 sd1 0 disk estimate, collect, v, t, dt Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 ums0 0 tty estimate, collect, v, t, dt Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 uhid1 0 tty estimate, collect, v, t, dt Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 uhid0 0 tty estimate, collect, v, t, dt Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 ukbd0 0 tty estimate, collect, v, t, dt Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 sd0 55 disk estimate, collect, v, t, dt Dt samples = 43 Dt bits = 43 Dv samples = 43 Dv bits = 21 wd0 592 disk estimate, collect, v, t, dt Dt samples = 324 Dt bits = 324 Dv samples = 324 Dv bits = 206 cpu3 0 vm estimate, collect, v, t, dv Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 cpu2 1 vm estimate, collect, v, t, dv Dt samples = 1 Dt bits = 1 Dv samples = 1 Dv bits = 1 cpu1 0 vm estimate, collect, v, t, dv Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 cpu0 7 vm estimate, collect, v, t, dv Dt samples = 7 Dt bits = 7 Dv samples = 7 Dv bits = 7 coretemp1-cpu1 0 env estimate, collect, v, t, dv, dt Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 coretemp0-cpu0 0 env estimate, collect, v, t, dv, dt Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 re0 0 net v, t, dt Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 system-power 0 power estimate, collect, v, t, dt Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 autoconf 163 ??? estimate, collect, t, dt Dt samples = 83 Dt bits = 83 Dv samples = 83 Dv bits = 0 printf 0 ??? collect Dt samples = 0 Dt bits = 0 Dv samples = 0 Dv bits = 0 callout 133 skew estimate, collect, v, dv Dt samples = 67 Dt bits = 67 Dv samples = 67 Dv bits = 67 704 bits mixed into pool 0 bits currently stored in pool (max 4096) 0 bits of entropy discarded due to full pool 704 hard-random bits generated 4416 pseudo-random bits generated - - - snip - - - I get most of the entropy, but not enough, from my boot disk wd0. How are other systems able to generate more entropy right at the start of the boot process in /etc/rc.d/cgd? Stefan

