From owner-freebsd-arch@FreeBSD.ORG Thu Aug 8 19:25:59 2013
Sender: Warner Losh
Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion
From: Warner Losh
Date: Thu, 8 Aug 2013 13:25:54 -0600
Message-Id: <7018AAA9-0A88-430F-96B7-867E5F529B36@bsdimp.com>
In-Reply-To: <5203968D.7060508@freebsd.org>
References: <20130807182858.GA79286@dragon.NUXI.org> <20130807192736.GA7099@troutmask.apl.washington.edu> <5203968D.7060508@freebsd.org>
To: Andrey Chernov
Cc: Arthur Mesh, Steve Kargl, secteam@freebsd.org, freebsd-arch@freebsd.org
List-Id: Discussion related to FreeBSD architecture

On Aug 8, 2013, at 7:01 AM, Andrey Chernov wrote:

> On 08.08.2013 0:20, Peter Wemm wrote:
>> That's the main point here.
>>
>> If I'm running on a working system, I have a reasonable expectation
>> that the kernel config I was using yesterday will work sufficiently
>> tomorrow that I won't get hosed by doing a 'svn update && make
>> buildkernel && make installkernel'.
>>
>> If that's not the case and there is a required change in order to not
>> hose your system then POLA dictates that not making the required
>> changes causes a build failure.
>>
>> There's more leeway on head than a stable branch, but remember that
>> when people upgrade from 9.x to 10.x they tend to take their 9.x
>> kernel configs and make whatever changes are needed to get it to
>> build. The 9-stable -> 10-release config path needs to catch fatal
>> errors like this at build time.
>>
>> Patching GENERIC isn't a complete solution. It doesn't solve the
>> 'yesterday it worked, today it's a brick' problem.
>
> Many years ago I already suggested to de-modularize random (making it not
> optional), with fallback to yarrow if hardware RNGs can't be probed or
> not configured.

I think that the 'fallback to yarrow' is necessary here.

Warner

P.S. Where 'yarrow' can easily be read as 'the best software RNG we've implemented' should that change to something better in the future.