FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F14.2 2024-05-03T20:25:24Z 2024-05-03T20:25:24Z Fernando Apesteguía fernape@FreeBSD.org 2023-09-07T08:28:43Z urn:sha1:227f81c8bd0f60176519276839b24b468afce0bc Succinct manual page for save-entropy(8). PR: 223998 Reported by: AJ Jordan <alex+freebsd@strugee.net> Reviewed by: carlavilla@, delphij@, lwhsu@, pauamma_gundo.com Approved by: delphi, lwhsu (src) Differential Revision: https://reviews.freebsd.org/D41768 (cherry picked from commit 8dc9b10e388da19d63b3dd718a8243e8e969091d) 2023-08-16T17:55:03Z Warner Losh imp@FreeBSD.org 2023-08-16T17:55:03Z urn:sha1:d0b2dbfa0ecf2bbc9709efc5e20baf8e4b44bbbf Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/ 2023-05-12T16:44:03Z Warner Losh imp@FreeBSD.org 2023-05-10T15:40:58Z urn:sha1:4d846d260e2b9a3d4d0a701462568268cbfe7a5b The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch up to that fact and revert to their recommended match of BSD-2-Clause. Discussed with: pfg MFC After: 3 days Sponsored by: Netflix 2019-11-30T20:06:53Z Xin LI delphij@FreeBSD.org 2019-11-30T20:06:53Z urn:sha1:46413cedf7efc0551beee17a323101632f41ac98 Before this commit, the save-entropy script rotates entropy files like logs. This involves creating a new file that holds the entropy and renaming of all existing entropy files. However, the entropy data do not really need to be kept in a particular order, and replacing the oldest file is sufficient. This commit replaces the rotation with a scan in the [1..entropy_save_num] space that finds the first empty slot, or the slot of the oldest file, and writes entropy into that slot. This also fixes an issue that prevents save-entropy from saving any entropy when there is one non-regular file in any slot as a side effect. Based on an earlier patch from peterj@. PR: 134225 Reported by: peterj Reviewed by: csprng (cem, markm) MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D22612 2019-05-22T21:47:17Z Conrad Meyer cem@FreeBSD.org 2019-05-22T21:47:17Z urn:sha1:26c49788438fc002e2b89695210724b9e5ec706e Tag saved entropy files as "nodump," to signal that the files should not be backed up by dump(8) or other automated backup software that honors the file flag. Do not produce an error if the target file resides on a filesystem that does not support file flags (e.g., msdos /boot). Reviewed by: delphij Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D20358 2019-03-31T04:57:50Z Conrad Meyer cem@FreeBSD.org 2019-03-31T04:57:50Z urn:sha1:c849485d9061ee5c7e975ba7cef93f3361a8e7ad The goal of saving entropy in Fortuna is two-fold: (1) to provide early availability of the random device (unblocking) on next boot; and (2), to have known, high-quality entropy available for that initial seed. We know it is high quality because it's output taken from Fortuna. The FS&K paper makes it clear that Fortuna unblocks when enough bits have been input that the output //may// be safely seeded. But they emphasize that the quality of various entropy sources is unknown, and a saved entropy file is essential for both availability and ensuring initial unpredictability. In FreeBSD we persist entropy using two mechanisms: 1. The /etc/rc.d/random shutdown() function, which is used for ordinary shutdowns and reboots; and, 2. A cron job that runs every dozen minutes or so to persist new entropy, in case the system suffers from power loss or a crash (bypassing the ordinary shutdown path). Filesystems are free to cache dirty data indefinitely, with arbitrary flush policy. Fsync must be used to ensure the data is persisted, especially for the cron job save-entropy, whose entire goal is power loss and crash safe entropy persistence. Ordinary shutdown may not need the fsync because unmount should flush out the dirty entropy file shortly afterwards. But it is always possible power loss or crash occurs during the short window after rc.d/random shutdown runs and before the filesystem is unmounted, so the additional fsync there seems harmless. PR: 230876 Reviewed by: delphij, markj, markm Approved by: secteam (delphij) Differential Revision: https://reviews.freebsd.org/D19742 2017-11-27T15:25:02Z Pedro F. Giffuni pfg@FreeBSD.org 2017-11-27T15:25:02Z urn:sha1:e6209940dee96d8deed5ee7c2b2663512dd55db9 Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error prone - task. The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts. No functional change intended. 2015-06-13T19:20:56Z Simon J. Gerraty sjg@FreeBSD.org 2015-06-13T19:20:56Z urn:sha1:ccfb965433c67f3bda935a3cdf334be2e3c4348d Off by default, build behaves normally. WITH_META_MODE we get auto objdir creation, the ability to start build from anywhere in the tree. Still need to add real targets under targets/ to build packages. Differential Revision: D2796 Reviewed by: brooks imp 2015-06-11T04:22:17Z Simon J. Gerraty sjg@FreeBSD.org 2015-06-11T04:22:17Z urn:sha1:5b381db8cc67dd85695c49a85893ac7a5a612f42 For meta mode we will want objdirs. Differential Revision: D2748 Reviewed by: brooks imp 2015-06-08T23:35:17Z Simon J. Gerraty sjg@FreeBSD.org 2015-06-08T23:35:17Z urn:sha1:44d314f704764f0247a540648a4b4fc3e8012133