Date: Thu, 8 Aug 2013 13:25:54 -0600 From: Warner Losh <imp@bsdimp.com> To: Andrey Chernov <ache@freebsd.org> Cc: Arthur Mesh <arthurmesh@gmail.com>, Steve Kargl <sgk@troutmask.apl.washington.edu>, secteam@freebsd.org, freebsd-arch@freebsd.org Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion Message-ID: <7018AAA9-0A88-430F-96B7-867E5F529B36@bsdimp.com> In-Reply-To: <5203968D.7060508@freebsd.org> References: <20130807182858.GA79286@dragon.NUXI.org> <20130807192736.GA7099@troutmask.apl.washington.edu> <CAGE5yCq%2Bs6kYtVYyxi27RAqPmvpV42nNNykm2%2B2x1EJGCihYXw@mail.gmail.com> <5203968D.7060508@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Aug 8, 2013, at 7:01 AM, Andrey Chernov wrote: > On 08.08.2013 0:20, Peter Wemm wrote: >> That's the main point here. >>=20 >> If I'm running on a working system, I have a reasonable expectation >> that the kernel config I was using yesterday will work sufficiently >> tomorrow that I won't get hosed by doing a 'svn update && make >> buildkernel && make installkernel'. >>=20 >> If that's not the case and there is a required change in order to not >> hose your system then POLA dictates that not making the required >> changes causes a build failure. >>=20 >> There's more leeway on head than a stable branch, but remember that >> when people upgrade from 9.x to 10.x they tend to take their 9.x >> kernel configs and make whatever changes are needed to get it to >> build. The 9-stable -> 10-release config path needs to catch fatal >> errors like this at build time. >>=20 >> Patching GENERIC isn't a complete solution. It doesn't solve the >> 'yesterday it worked, today it's a brick' problem. >=20 > Many years ago I already suggest to de-modularize random (making it = not > optional), with fallback to yarrow if hardware RNGs can't be probed or > not configured. I think that the 'fallback to yarrow' is necessary here. Warner P.S. Where 'yarrow' can easily be read as 'the best software RNG we've = implemented' should that change to something better in the future.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7018AAA9-0A88-430F-96B7-867E5F529B36>