Date: Wed, 7 Aug 2013 11:52:35 -0700 From: Peter Wemm <peter@wemm.org> To: obrien@freebsd.org, Philip Paeps <philip@freebsd.org>, secteam@freebsd.org, freebsd-arch@freebsd.org, Arthur Mesh <arthurmesh@gmail.com> Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion Message-ID: <CAGE5yCq-yYGn_PBnSinR5cx-yLuF86CZvnfKQkqFUzJ7qCtEXA@mail.gmail.com> In-Reply-To: <20130807183112.GA79319@dragon.NUXI.org> References: <20130731104009.GG59509@rincewind.paeps.cx> <20130807183112.GA79319@dragon.NUXI.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Aug 7, 2013 at 11:31 AM, David O'Brien <obrien@freebsd.org> wrote: [..] >> Please change YARROW_RNG to >> RNG_NO_YARROW or something similar and keep it in by default. > > Given the direction of the patch, I'm don't know how to cleanly inverse > logic this. If you were going to go this route you would put "options YARROW_RNG" into $ARCH/conf/DEFAULTS and let people disable it with 'nooptions YARROW_RNG'. 'device random' should probably be a default option alongside it too though given how badly things fail without it. Especially given: > * If the kernel doesn't have any random_adaptor adapters present then the > creation of /dev/random is postponed until next random_adaptor is kldload'ed. Postponing can't really be done. That's a good way to remotely brick a machine. I'd be more inclined to have it be a panic offense if 'device random' is present with no sources. -- Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com; KI6FJV UTF-8: for when a ' just won\342\200\231t do. <brueffer> ZFS must be the bacon of file systems. "everything's better with ZFS"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGE5yCq-yYGn_PBnSinR5cx-yLuF86CZvnfKQkqFUzJ7qCtEXA>