Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Workaround lack of boottime entropy for GFE environments #2296

Open
wants to merge 2 commits into
base: dev
Choose a base branch
from

Conversation

bsdjhb
Copy link
Collaborator

@bsdjhb bsdjhb commented Jan 22, 2025

  • random: Add a kernel option to reduce the default fortuna poolsize
  • GFE: Weaken the PRNG for FPGA kernels

This hack is insecure, but prevents blocking waiting for entropy in
environments without boot-time entropy such as existing FPGA setups.
This can be removed in the future if our cores are updated to
implement the Zkr extension.
@bsdjhb
Copy link
Collaborator Author

bsdjhb commented Jan 23, 2025

@PeterRugg is this something you can test?

@PeterRugg
Copy link

Thanks: I'll give it a go if I can get a Jenkins build

@PeterRugg
Copy link

Sorry, getting back to this now: seems pull requests don't auto build on Jenkins? Is there any chance someone can point me to the cheribuild incantation I need to build a GFE VCU118 kernel?

@jrtc27
Copy link
Member

jrtc27 commented Jan 29, 2025

They do but don't get archived as that would consume too much space. Something like cheribuild {cheribsd,disk-image-mfs-root,cheribsd-mfs-root-kernel}-riscv64-purecap

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants