From owner-freebsd-hackers Sat Sep 14 15:38:11 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3EADD37B400 for ; Sat, 14 Sep 2002 15:38:09 -0700 (PDT) Received: from Millions.Ca (h24-79-52-254.sbm.shawcable.net [24.79.52.254]) by mx1.FreeBSD.org (Postfix) with ESMTP id 72E7043E6E for ; Sat, 14 Sep 2002 15:38:08 -0700 (PDT) (envelope-from stacy@Millions.Ca) Received: (from uucp@localhost) by Millions.Ca (8.11.1/8.9.3) id g8EMc7a81231 for ; Sat, 14 Sep 2002 16:38:07 -0600 (MDT) (envelope-from stacy@Millions.Ca) Received: from Cedar.Millions.Ca(192.168.64.8) via SMTP by mail-gw-0.millions.ca, id smtpdF81229; Sat Sep 14 16:37:59 2002 Received: from millions.ca (Bonsai.Millions.Ca [192.168.64.4]) by cedar.millions.ca (8.12.2/8.12.3) with ESMTP id g8EMbxcM013478 for ; Sat, 14 Sep 2002 16:37:59 -0600 (MDT) (envelope-from stacy@millions.ca) Message-ID: <3D83BA46.7060302@millions.ca> Date: Sat, 14 Sep 2002 16:37:58 -0600 From: Stacy Millions Organization: Millions Consulting Limited User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.0.0) Gecko/20020612 X-Accept-Language: en-us, en MIME-Version: 1.0 To: hackers@FreeBSD.ORG Subject: Re: kern_random interface References: <3D822EB8.4010201@millions.ca> <20020914140645.GB627@gallium> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dominic Marks wrote: > > > Other '*control' applications keywords, it would be nice to keep this > constant in rndcontrol (In my opinion anyway), something like: > > rndcontrol list > > Show a list of the random data sources > > rndcontrol enable rng0 > > Enable harversting from this device > > rndcontrol disable rng0 > > Disable harversting > > rndcontrol link ipsec rng0 > rndcontrol link geom rng1 > > Assign certain parts of the kernel to certain random devices > > Is this sort of what you had in mind ? I had not thought of using rndcontrol to assign randomness to other areas and I'm not sure it is appropriate. I would have expected that to be part of the functionality of the subsytems configuration tool. For example, for IPSec it would be an option to setkey. Maybe setkey -r rng0 But this would require some sort of a standard interface within the kernel that all rng devices should implement and then it would be possible for IPSec to select its source of randomness. Of course, I'm not sure if this falls under the category "Interesting idea, but not practical". Is it usefull for indvidual components to select different sources of randomness, or are you better off to have all the RNG devices feeding kern_random? -stacy -- If they keep lowering education standards and raising the price of gasoline, there are going to be a lot of stupid people walking around. Stacy Millions stacy@millions.ca Millions Consulting Limited To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message