On Tue, 14 Jun 2016, Etienne Champetier wrote:
2016-06-14 9:08 GMT+02:00 Felix Fietkau <n...@nbd.name>:
On 2016-06-13 22:10, Etienne Champetier wrote:
Hi John, Felix,
2016-06-13 13:55 GMT+02:00 John Crispin <j...@phrozen.org>:
On 13/06/2016 00:56, Etienne Champetier wrote:
Hi Felix,
2016-06-12 12:45 GMT+02:00 Felix Fietkau <n...@nbd.name>:
On 2016-06-11 08:37, Etienne CHAMPETIER wrote:
lets add a system.system.write_state_to_flash_on_boot=0/1 uci option and
lock this and the dnssec time stuff with it and default it to 0
Security can't be opt in !
When you see "random: ubus urandom read with 4 bits of entropy
available" let's hope it's not security sensitive, because 2^4 will
not take a lot of time to bruteforce...
First of all, the kernel entropy estimation is *really* pessimistic, so
there will be a lot more random bits at this point than just 4.
Before we try to minimize writes, how much writes are we talking about?
my openwrt routers have multiple months of uptime, and even if we get
down to 1 week, that gets us to 53 writes a year.
How much writes can a flash handle these days?
I'm more concerned about the worst case than the average case here.
There are people that do a forced reboot every day (as a stability
workaround), or only power up their devices during specific times of the
day (multiple reboots per day). This can easily add up to bigger numbers.
Also, adding something like this makes other people want to add even
more stuff that writes to flash on every boot, as you've so clearly
demonstrated by pointing out that this behavior are already done for
dnssec/dnsmasq.
Ok, let's find a middle ground :)
What about saving a seed if there is none (on boot), and then using an
ntp hotplug (stratum event) and save a new seed if older than say 1
week?
The worst thing that you can do is to use the same seed on multiple boots.
David Lang
_______________________________________________
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev
