Date: Tue, 20 Aug 2013 08:14:32 +0100 From: Mark R V Murray <mark@grondar.org> To: Tim Kientzle <tim@kientzle.com> Cc: =?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?= <des@des.no>, secteam@freebsd.org, FreeBSD-arch Arch <freebsd-arch@freebsd.org> Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion Message-ID: <FAF7D9AA-77A4-4DE7-828C-4DAC6AF71C5D@grondar.org> In-Reply-To: <B88139AA-B134-4E11-BE4D-B139A311D45F@kientzle.com> References: <20130807183112.GA79319@dragon.NUXI.org> <86pptfnu33.fsf@nine.des.no> <20130815231713.GD76666@x96.org> <20130816002625.GE76666@x96.org> <9B274F48-0C88-4117-BEAC-1A555772A3C5@grondar.org> <86a9kf733d.fsf@nine.des.no> <0C97B866-A169-4141-8368-AA7F5B5382F4@grondar.org> <861u5r71zi.fsf@nine.des.no> <892B11BD-396D-4F82-B97C-753F72CA494D@grondar.org> <86r4dr5j3p.fsf@nine.des.no> <4C1BD77C-8C6B-4044-9285-5978A3BC4B70@kientzle.com> <537622E1-F785-4BFA-B829-09DCDB484606@grondar.org> <932AB5CA-778E-438D-8FD3-8C0F29F3D117@kientzle.com> <F908BF80-538B-4363-ACCC-3D860CBEE359@grondar.org> <71A92486-2213-421E-B3D2-E55816C18924@bsdimp.com> <D218D7B1-AB8B-4A80-A822-A8F0AB1EF43C@grondar.org> <551C488B-D56A-4E9F-8617-17B96D3E7677@bsdimp.com> <B88139AA-B134-4E11-BE4D-B139A311D45F@kientzle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On 20 Aug 2013, at 04:12, Tim Kientzle <tim@kientzle.com> wrote: > > I've not heard anyone asking for a run-time switch in > GENERIC. des@ is the main one, and its what we have right now in CURRENT. > I would suggest making that a longer-term option > and having the choice of mixer/conditioner > (Yarrow, Fortuna, or HW passthrough) be > a compile-time choice for now. Too late. :-) Questions needing answering now include "should Yarrow/Fortuna be run-time choosable?", "there are more than two hardware RNGs (Ivy, Nehemiah) in the system, how do we best make them available?", "if more than one HW RNG is present, do we mix them, and how?", "if the requested configuration does not give you a random number supply, does the system block or panic?". >>>> I'd go so far as to say that if you have random in your kernel, then you need to specify some "filter" or you get a compile-time error. Specifying yarrow via DEFAULTS or std.foo is fine by me, since both of those can be overriden fairly easily.... I'd also think we'd want to FAIL_PANIC or FAIL_BLOCKING, and have that choice hard wired at some level too, to be explicit about things. But maybe that's gilding things a bit too much and a tunable would suffice… >>> >>> Won't sell. Folks are saying they want the choice of the raw output. In GENERIC. > > I've not heard anyone asking for raw output in GENERIC. There have been a couple. Again des@ is the one I remember most clearly off the top of my head. M -- Mark R V Murray [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) Comment: GPGTools - http://gpgtools.org iQCVAwUBUhMXXt58vKOKE6LNAQpnVgP/SpHWG57QnGkwzVlIHAMIRPamtG5EUfn9 Cxyd9t8oIe/Wgmut7IIdBJhCc8TiuiP5fMR9W8qDeQaU4uKuW2GjQXaHnBRwDKE7 jxIx6nzkaOFDtfCRKRESbOO80Zv+4LteRZ1xvGwqEaigtZzVu2ZsevW2JCJ8OWOj VyIidYtffnU= =N0gm -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FAF7D9AA-77A4-4DE7-828C-4DAC6AF71C5D>