On Wed, Nov 23, 2011 at 12:06:26PM +0100, Christoph Egger wrote: > On 11/23/11 11:47, Thor Lancelot Simon wrote: > >Module Name: src > >Committed By: tls > >Date: Wed Nov 23 10:47:50 UTC 2011 > > > >Modified Files: > > src/distrib/sets/lists/etc: mi > > src/etc/defaults: rc.conf > > src/etc/rc.d: Makefile > > src/sbin/rndctl: rndctl.8 rndctl.c > > src/sys/dev: rnd.c > > src/sys/secmodel/securelevel: secmodel_securelevel.c > > src/sys/secmodel/suser: secmodel_suser.c > > src/sys/sys: kauth.h rnd.h > >Added Files: > > src/etc/rc.d: random_seed > > > >Log Message: > >Load entropy at system boot (only works at securelevel< 1); save > >at system shutdown. Disable with random_seed=NO in rc.conf if desired. > > > >Goes to some trouble to never load or save to network filesystems. > > > >Entropy should really be loaded by the boot loader but I am still > >sorting out how to pass it to the kernel. > > How about passing it as a module similar to the multiboot technique?
Can't make one of those without an ELF toolchain, right? The basic idea's about right, but I actually need something less sophisticated in its packaging -- a way to just give the kernel the address of blob-of-stuff the bootloader's dropped into place for it, so the entropy pool code can just take it and prime itself. Thor
