From owner-freebsd-arch@freebsd.org Sun Dec 1 22:37:40 2019 Return-Path: Delivered-To: freebsd-arch@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0BD791BB93F for ; Sun, 1 Dec 2019 22:37:40 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 47R36C5h5kz4LyG for ; Sun, 1 Dec 2019 22:37:39 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: by mailman.nyi.freebsd.org (Postfix) id C14151BB93E; Sun, 1 Dec 2019 22:37:39 +0000 (UTC) Delivered-To: arch@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C0FCA1BB93C for ; Sun, 1 Dec 2019 22:37:39 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: from mail-oi1-f175.google.com (mail-oi1-f175.google.com [209.85.167.175]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47R36B5nXpz4LyF for ; Sun, 1 Dec 2019 22:37:38 +0000 (UTC) (envelope-from cse.cem@gmail.com) Received: by mail-oi1-f175.google.com with SMTP id x21so23587337oic.0 for ; Sun, 01 Dec 2019 14:37:38 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:reply-to :from:date:message-id:subject:to; bh=RhqQYo0shFfJ/2KCX502/3D27J3VxDCS+X/uH7mwkb8=; b=LzWhmFmdEq7t/KAAzVuyubrqwbH2aeLDAv651mDhgDPhr2hLstrAsSYYvUJ4wXA/XP 00KZOnBaSADJjTvjzaSSnpVf8R7TI5e1r4PE3xEiCKytqfeiJS9j+5FOFAE5aOUpCLGM UEdKV0Jwy2GIHgveILVsjbXZ0LNGnlAtLbHCY1t7xqnsae/utWWmeeMaq/92VBfMKPtb +i/yGtGAPUEx05wwb0HlLB/UzYeZSaH38s/O842qq6O4xOjh4L/JFkMbvibrCVzBhCB8 rWyGJp+0sqcgxskugQ4LXgpKyur1weCQgmYgbxp3DggLNkvUC8AWslgIOkeekoQwlp7M VAEw== X-Gm-Message-State: APjAAAU48LERS87O4m6VHQTBTX4Et9XCv7NI4+VpM+Ud++jZ38MlIAHX WjzmGoFqIbF9ur0gBJNiQQtRztos X-Google-Smtp-Source: APXvYqz8yuJAMqPF6eP0AhwP1nw3swqYOhcN5jx60ZUilxdUkxCSYiMwbDVv/KPZhTf/5ase5tf9NQ== X-Received: by 2002:a05:6808:906:: with SMTP id w6mr20051259oih.122.1575239857040; Sun, 01 Dec 2019 14:37:37 -0800 (PST) Received: from mail-oi1-f179.google.com (mail-oi1-f179.google.com. [209.85.167.179]) by smtp.gmail.com with ESMTPSA id b4sm5399586oic.22.2019.12.01.14.37.36 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 01 Dec 2019 14:37:36 -0800 (PST) Received: by mail-oi1-f179.google.com with SMTP id k196so14316235oib.2 for ; Sun, 01 Dec 2019 14:37:36 -0800 (PST) X-Received: by 2002:aca:aacf:: with SMTP id t198mr3892397oie.135.1575239856589; Sun, 01 Dec 2019 14:37:36 -0800 (PST) MIME-Version: 1.0 References: <40710.1575238505@kaos.jnpr.net> In-Reply-To: <40710.1575238505@kaos.jnpr.net> Reply-To: cem@freebsd.org From: Conrad Meyer Date: Sun, 1 Dec 2019 14:37:25 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Killing RANDOM_LOADABLE? To: "Simon J. Gerraty" , "freebsd-arch@freebsd.org" X-Rspamd-Queue-Id: 47R36B5nXpz4LyF X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of csecem@gmail.com designates 209.85.167.175 as permitted sender) smtp.mailfrom=csecem@gmail.com X-Spamd-Result: default: False [-2.10 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[cem@freebsd.org]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; REPLYTO_ADDR_EQ_FROM(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; FORGED_SENDER(0.30)[cem@freebsd.org,csecem@gmail.com]; SUBJECT_ENDS_QUESTION(1.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; R_DKIM_NA(0.00)[]; TAGGED_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_NEQ_ENVFROM(0.00)[cem@freebsd.org,csecem@gmail.com]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[arch@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; MIME_TRACE(0.00)[0:+,1:+,2:~]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[175.167.85.209.list.dnswl.org : 127.0.5.0]; IP_SCORE(-1.10)[ip: (-0.33), ipnet: 209.85.128.0/17(-3.16), asn: 15169(-1.94), country: US(-0.05)]; RWL_MAILSPIKE_POSSIBLE(0.00)[175.167.85.209.rep.mailspike.net : 127.0.0.17]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Dec 2019 22:37:40 -0000 Hi Simon, On Sun, Dec 1, 2019 at 14:19 Simon J. Gerraty wrote: > Conrad Meyer wrote: > > If you use / need RANDOM_LOADABLE, can you provide some information on > > your use case and needs? If RANDOM_LOADABLE support was dropped in > > We use it in all our kernels. For FIPS 140-? certification we need to > load *only* an approved PRNG. We don't particularly like that and nor > do some of our customers - so some 4th does runtime selection of rng > module during boot. > > I appreciate the quick feedback, thanks. The algorithm/ internals aren=E2= =80=99t too important for me; I=E2=80=99m interested in what your minimal api needs= from FreeBSD are. It sounds like you select the random module to load in loader(8) =E2=80=94 = you don=E2=80=99t need userspace / runtime loading (kldload). Is that understan= ding correct? Would it be possible to answer the other questions from the initial email, too? If random loadable support was removed upstream, are you unable to address your needs in the junos tree? Why? Thanks, Conrad