Date: Sun, 16 Apr 2017 12:58:49 +0100 From: Mark R V Murray <markm@FreeBSD.org> To: rgrimes@freebsd.org Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r317015 - in head/sys: boot/forth conf crypto/chacha20 dev/random libkern sys Message-ID: <8814F883-F255-45E4-8FFE-254359B51B38@FreeBSD.org> In-Reply-To: <201704161150.v3GBohYF016403@pdx.rh.CN85.dnsmgr.net> References: <201704161150.v3GBohYF016403@pdx.rh.CN85.dnsmgr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 16 Apr 2017, at 12:50, Rodney W. Grimes = <freebsd@pdx.rh.CN85.dnsmgr.net> wrote: >=20 >> This does not use DES' Chacha20 commit, as I had already completed = the >> testing for it, and received SO@ approval. >>=20 >> DES's commit made Chaha20 a module. This is of no use to = arc4random(9), >> which needs the code to be standard. Also his API is different. >>=20 >> I have no objection to reworking the arc4random/Chacha below to use = DES' >> version of Chacha, but his code needs to be standard library code, >> not an optional module. >>=20 >> Any objections to me doing this? >=20 > Yes >=20 > We need to move towards more modules, not less. Having this standard > does not even allow one to compile a kernel without it. I should be > able to compile a kernel without arc4random(9) and without chacha if > I so desire. And I should be able to load and unload these if I so > desire. This later feature is VERY usefull for developement and > debug cycles. =46rom replacing the rc4 algorithm with chacha20, this chalice has now become poisoned with the job of redesigning the entire structure of kernel random-number generation. This may take a while, and I'm already behind on RNG jobs. > I am sure with careful though we can find a way to allow arc4random > to use a pointer that knows if the chacha code is avaliable, and use > it if so, and if not fall back to something else, or punt with an > error return. Error return is out of the question; arc4random() is pretty fundamental. The alternative is to return no or fake random numbers, which rather misses the point of what this is for. But it can be done. M --=20 Mark R V Murray
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8814F883-F255-45E4-8FFE-254359B51B38>