freebsd-nq/sys/dev/random
Conrad Meyer 3782136ff1 random(4): Restore availability tradeoff prior to r346250
As discussed in that commit message, it is a dangerous default.  But the
safe default causes enough pain on a variety of platforms that for now,
restore the prior default.

Some of this is self-induced pain we should/could do better about; for
example, programmatic CI systems and VM managers should introduce entropy
from the host for individual VM instances.  This is considered a future work
item.

On modern x86 and Power9 systems, this may be wholly unnecessary after
D19928 lands (even in the non-ideal case where early /boot/entropy is
unavailable), because they have fast hardware random sources available early
in boot.  But D19928 is not yet landed and we have a host of architectures
which do not provide fast random sources.

This change adds several tunables and diagnostic sysctls, documented
thoroughly in UPDATING and sys/dev/random/random_infra.c.

PR:		230875 (reopens)
Reported by:	adrian, jhb, imp, and probably others
Reviewed by:	delphij, imp (earlier version), markm (earlier version)
Discussed with:	adrian
Approved by:	secteam(delphij)
Relnotes:	yeah
Security:	related
Differential Revision:	https://reviews.freebsd.org/D19944
2019-04-18 20:48:54 +00:00
build.sh Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00
darn.c random: Add PowerPC 'darn' instruction entropy source 2018-08-17 03:49:07 +00:00
fortuna.c random(4): Block read_random(9) on initial seeding 2019-04-15 18:40:36 +00:00
fortuna.h
hash.c Fortuna: Add Chacha20 as an alternative stream cipher 2019-03-08 01:17:20 +00:00
hash.h Fortuna: Add Chacha20 as an alternative stream cipher 2019-03-08 01:17:20 +00:00
ivy.c
nehemiah.c Remove unused error return from API that cannot fail 2018-02-23 20:15:19 +00:00
other_algorithm.c Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00
other_algorithm.h Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00
random_harvestq.c random(4): Block read_random(9) on initial seeding 2019-04-15 18:40:36 +00:00
random_harvestq.h Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00
random_infra.c random(4): Restore availability tradeoff prior to r346250 2019-04-18 20:48:54 +00:00
randomdev.c random(4): Restore availability tradeoff prior to r346250 2019-04-18 20:48:54 +00:00
randomdev.h random(4): Restore availability tradeoff prior to r346250 2019-04-18 20:48:54 +00:00
uint128.h Fortuna: Add Chacha20 as an alternative stream cipher 2019-03-08 01:17:20 +00:00
unit_test.c Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00
unit_test.h Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00