Jonathan Anderson <jonat...@freebsd.org> writes:
> For instance: on an embedded board with few devices, that uses FDT
> rather than bus enumeration whatsits, perhaps the time is more
> deterministic and therefore yields less entropy.

The idea is that attach() initializes the hardware, which is where the unpredictability comes from. Yes, embedded devices will certainly have less of it, but they will still have *some*. And yes, we need data, which is why when I proposed this last week I also proposed a scheme to record what we feed into Yarrow pre-boot so we could inspect it and compare it across multiple boots.

DES
--
Dag-Erling Smørgrav - d...@des.no
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
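
The cross-boot comparison proposed in the message above could be scripted roughly as follows. This is an added example, not code from the thread or from FreeBSD; the record format (one timing value per device attach() per boot), the device names and all values are assumptions constructed for illustration.

```python
import math
from collections import Counter

# Constructed sample: one dict per boot, mapping a device name to the timing
# value recorded when its attach() ran. Names and numbers are made up.
BOOTS = [
    {"uart0": 1200, "ahci0": 90310, "em0": 48213},
    {"uart0": 1200, "ahci0": 90310, "em0": 48377},
    {"uart0": 1200, "ahci0": 90310, "em0": 47950},
    {"uart0": 1200, "ahci0": 90310, "em0": 48102},
    {"uart0": 1200, "ahci0": 90342, "em0": 48561},
    {"uart0": 1200, "ahci0": 90342, "em0": 48009},
    {"uart0": 1200, "ahci0": 90298, "em0": 48290},
    {"uart0": 1200, "ahci0": 90377, "em0": 48444},
]

def min_entropy_bits(samples):
    """Most-common-value estimate, log2(n / max_count).

    With n boots it can never exceed log2(n), so on small data sets it is
    an optimistic upper bound, not a guarantee."""
    most_common = Counter(samples).most_common(1)[0][1]
    return math.log2(len(samples) / most_common)

def per_device_entropy(boots):
    """Cross-boot estimate for every device present in all boots."""
    common = set.intersection(*(set(b) for b in boots))
    return {d: min_entropy_bits([b[d] for b in boots]) for d in sorted(common)}

def whole_boot_entropy(boots):
    """Estimate over the full recorded input of each boot. Per-device values
    must not simply be summed, since attach timings may be correlated."""
    return min_entropy_bits([tuple(sorted(b.items())) for b in boots])

def weak_devices(boots, threshold_bits=1.0):
    """Devices whose recorded value barely changes from boot to boot."""
    return [d for d, h in per_device_entropy(boots).items() if h < threshold_bits]

if __name__ == "__main__":
    for dev, bits in per_device_entropy(BOOTS).items():
        print(f"{dev}: {bits:.2f} bits")
    print(f"whole boot: {whole_boot_entropy(BOOTS):.2f} bits")
    print("weak:", weak_devices(BOOTS))
```

A device that reports the same value on every boot contributes nothing an attacker could not predict, however much data it feeds in within a single boot.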