Page MenuHomeFreeBSD
Differential D53390

random: allow disabling of entropy harvesting from keyboard & mice
ClosedPublic
Actions

Authored by obrien on Oct 28 2025, 5:39 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Dec 19, 11:47 AM
Unknown Object (File)
Sun, Dec 7, 10:44 PM
Unknown Object (File)
Nov 18 2025, 12:03 PM
Unknown Object (File)
Nov 18 2025, 1:29 AM
Unknown Object (File)
Nov 17 2025, 3:42 PM
Unknown Object (File)
Nov 16 2025, 4:27 PM
Unknown Object (File)
Nov 14 2025, 12:47 PM
Unknown Object (File)
Nov 14 2025, 10:52 AM
View All 31 Files
Subscribers
emaste
imp
jhibbits
jmg
riscv

Details

Reviewers
jmg
andrew
manu
Commits
rGd6f10a5d013f: random: allow disabling of entropy harvesting from keyboard & mice

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

obrien created this revision.Oct 28 2025, 5:39 AM
Herald added a reviewer: andrew. · View Herald TranscriptOct 28 2025, 5:39 AM
Herald added a reviewer: andrew. · View Herald Transcript
Herald added a reviewer: manu. · View Herald Transcript
Herald added subscribers: riscv, emaste, imp. · View Herald Transcript
obrien requested review of this revision.Oct 28 2025, 5:39 AM
Harbormaster completed remote builds in B68157: Diff 165181.Oct 28 2025, 5:40 AM
obrien updated this revision to Diff 165267.Oct 28 2025, 11:09 PM

No need to explicitly include opt_global.h

Harbormaster completed remote builds in B68200: Diff 165267.Oct 28 2025, 11:09 PM
obrien updated this revision to Diff 165268.Oct 28 2025, 11:21 PM

Move to DEFAULTS and add tier-2

Herald added a subscriber: jhibbits. · View Herald TranscriptOct 28 2025, 11:21 PM
Harbormaster completed remote builds in B68201: Diff 165268.Oct 28 2025, 11:21 PM
obrien updated this revision to Diff 165269.Oct 28 2025, 11:35 PM

DEFAULTS

Harbormaster completed remote builds in B68202: Diff 165269.Oct 28 2025, 11:35 PM
jhibbits added a comment.Oct 29 2025, 2:07 PM

RANDOM_KEYBOARD and RANDOM_MOUSE can be masked away by sysctls. What is the need to remove them this way?

If your goal is to permit explicitly enabling or disabling random sources at compile time, I suggest going the KTR route, and having a RANDOM_COMPILE mask that defaults to everything enabled, allowing one to configure the random mask in the kernel config. This would centralize all this logic rather than having #ifdefs scattered around for each source.

obrien added a comment.Oct 29 2025, 4:41 PM
In D53390#1220118, @jhibbits wrote:

RANDOM_KEYBOARD and RANDOM_MOUSE can be masked away by sysctls. What is the need to remove them this way?

If your goal is to permit explicitly enabling or disabling random sources at compile time, I suggest going the KTR route, and having a RANDOM_COMPILE mask that defaults to everything enabled, allowing one to configure the random mask in the kernel config. This would centralize all this logic rather than having #ifdefs scattered around for each source.

This is following what's already been established for RANDOM_ENABLE_UMA and RANDOM_ENABLE_ETHER. If that approach is wrong, then all of these enables should be re-architectured. Right now I'm trying to follow the RANDOM_ENABLE_ETHER/RANDOM_ENABLE_UMA precedent for Juniper Networks downstream needs.

obrien removed a reviewer: manu.Oct 31 2025, 6:49 AM
Herald added a reviewer: manu. · View Herald TranscriptOct 31 2025, 6:49 AM
jmg accepted this revision.Nov 10 2025, 5:54 PM
jmg added a subscriber: jmg.

looks good.

Future improvement would be to move these enable options to a opt_random.h or something, and have that included by sys/random.h

This revision is now accepted and ready to land.Nov 10 2025, 5:54 PM
obrien updated this revision to Diff 166188.Nov 11 2025, 1:33 AM

Follow request from https://reviews.freebsd.org/D53460

This revision now requires review to proceed.Nov 11 2025, 1:33 AM
Harbormaster completed remote builds in B68529: Diff 166188.Nov 11 2025, 1:33 AM
obrien removed reviewers: stevek, andrew, manu.Nov 11 2025, 1:33 AM
Herald added a reviewer: andrew. · View Herald TranscriptNov 11 2025, 1:33 AM
Herald added a reviewer: andrew. · View Herald Transcript
Herald added a reviewer: manu. · View Herald Transcript
This revision was not accepted when it landed; it landed in state Needs Review.Nov 11 2025, 4:18 AM
Closed by commit rGd6f10a5d013f: random: allow disabling of entropy harvesting from keyboard & mice (authored by obrien). · Explain Why
This revision was automatically updated to reflect the committed changes.
obrien added a commit: rGd6f10a5d013f: random: allow disabling of entropy harvesting from keyboard & mice.

Revision Contents
Changeset List

PathSize
sys/
amd64/
conf/
2 lines
2 lines
arm/
conf/
2 lines
arm64/
conf/
2 lines
conf/
2 lines
2 lines
dev/
vt/
2 lines
3 lines
powerpc/
conf/
4 lines
4 lines
riscv/
conf/
4 lines

Diff 166194

View Options

sys/amd64/conf/GENERIC

Loading...
View Options

sys/amd64/conf/MINIMAL

Loading...
View Options

sys/arm/conf/GENERIC

Loading...
View Options

sys/arm64/conf/std.arm64

Loading...
View Options

sys/conf/NOTES

Loading...
View Options

sys/conf/options

Loading...
View Options

sys/dev/vt/vt_core.c

Loading...
View Options

sys/dev/vt/vt_sysmouse.c

Loading...
View Options

sys/powerpc/conf/GENERIC64

Loading...
View Options

sys/powerpc/conf/GENERIC64LE

Loading...
View Options

sys/riscv/conf/GENERIC

Loading...