At Mon, 05 Apr 2021 00:14:30 +0200 (CEST), Havard Eidnes <he%NetBSD.org@localhost> wrote: Subject: Re: regarding the changes to kernel entropy gathering > > > What about architectures that have nothing like RDRAND/RDSEED? Are > > they, effectively, totally unsupported now? > > Nope, not entirely. But they have to be seeded once. If they > have storage which survives reboots, and entropy is saved and > restored on reboot, they will be ~fine. BTW, to me reusing the same entropy on every reboot seems less secure. > Systems without persistent storage and also without RDRAND/RDSEED > will however be ... a more challenging problem. Leaving things like that would be totally silly. With my patch the old way of gathering entropy from devices works just fine as it always did, albeit with the second patch it does require a tiny bit of extra configuration. -- Greg A. Woods <gwoods%acm.org@localhost> Kelowna, BC +1 250 762-7675 RoboHack <woods%robohack.ca@localhost> Planix, Inc. <woods%planix.com@localhost> Avoncote Farms <woods%avoncote.ca@localhost>
Attachment:
pgpRJ2ZpQqyMb.pgp
Description: OpenPGP Digital Signature