Date: Fri, 9 Aug 2013 00:47:21 -0600 From: Warner Losh <imp@bsdimp.com> To: obrien@freebsd.org Cc: Arthur Mesh <arthurmesh@gmail.com>, Steve Kargl <sgk@troutmask.apl.washington.edu>, "Simon J. Gerraty" <sjg@juniper.net>, secteam@freebsd.org, Mark R V Murray <mark@grondar.org>, freebsd-arch@freebsd.org Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion Message-ID: <FBC6CA6E-23EF-420C-866A-12BBAE447F59@bsdimp.com> In-Reply-To: <20130809013346.GG95000@dragon.NUXI.org> References: <20130807182858.GA79286@dragon.NUXI.org> <20130807192736.GA7099@troutmask.apl.washington.edu> <CAGE5yCq%2Bs6kYtVYyxi27RAqPmvpV42nNNykm2%2B2x1EJGCihYXw@mail.gmail.com> <5203968D.7060508@freebsd.org> <7018AAA9-0A88-430F-96B7-867E5F529B36@bsdimp.com> <50BE6942-CC39-413C-8E14-C6B93440901B@grondar.org> <20130808211657.GC95000@dragon.NUXI.org> <94E41175-EF09-47D1-9661-9AF04E8FA9A0@grondar.org> <20130808215853.2288458097@chaos.jnpr.net> <20130809013346.GG95000@dragon.NUXI.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Aug 8, 2013, at 7:33 PM, David O'Brien wrote: > On Thu, Aug 08, 2013 at 02:58:53PM -0700, Simon Gerraty wrote: >> If there are bread crumbs to show whether an RNG is present or not in >> the output from config, it should be feasible to fail the build >> which as others have noted would be a "good thing"[TM] vs producing a >> toxic kernel. > > I may have misunderstood what you're saying. But if not, you're > not allowing for one using .ko's to have this functionality. > > How do I fail the build if I want to have 'device random' but use > some external provided RNG thru a kernel module? The original > changeset supported that. Or for what ever reason I want to have > the choice of RNG left up to which base kernel module I load? I still don't understand why Yarrow can't be the default, fallback mechanism that gets overridden when a new module is loaded. Rather than arguing this point, perhaps you could work to make that possible? That would allow you to implement things with hardware png, while still providing a sane fallback until such time that those can be loaded,,, > 'sysctl kern.random.adaptors' showing an empty list does provide > a bread crumb. /etc/rc.d/initrandom could certainly check this > value and complain loudly. The poison has been drunk at this time, it is too late to back out gracefully. Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FBC6CA6E-23EF-420C-866A-12BBAE447F59>