Date: Sun, 1 Dec 2019 15:56:37 -0800 From: "Simon J. Gerraty" <sjg@juniper.net> To: <cem@freebsd.org>, "freebsd-arch@freebsd.org" <arch@freebsd.org>, <sjg@juniper.net> Subject: Re: Killing RANDOM_LOADABLE? Message-ID: <29077.1575244597@kaos.jnpr.net> In-Reply-To: <40710.1575238505@kaos.jnpr.net> References: <CAG6CVpXFjxUxKL6Bb3Gw1Krdo4PkUPBjCnnG5hrDcr39aoF=zQ@mail.gmail.com> <40710.1575238505@kaos.jnpr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Simon J. Gerraty <sjg@juniper.net> wrote: > Conrad Meyer <cem@freebsd.org> wrote: > > If you use / need RANDOM_LOADABLE, can you provide some information on > > your use case and needs? If RANDOM_LOADABLE support was dropped in > > We use it in all our kernels. For FIPS 140-? certification we need to Correction - we did. Disabled it a couple of years ago. We preload the chosen module so I guess RANDOM_LOADABLE is unnecessary. > load *only* an approved PRNG. We don't particularly like that and nor > do some of our customers - so some 4th does runtime selection of rng > module during boot.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?29077.1575244597>