Re: Killing RANDOM_LOADABLE?

From: Simon J. Gerraty <sjg_at_juniper.net>
Date: Sun, 1 Dec 2019 15:56:37 -0800
Simon J. Gerraty <sjg_at_juniper.net> wrote:

> Conrad Meyer <cem_at_freebsd.org> wrote:
> > If you use / need RANDOM_LOADABLE, can you provide some information on
> > your use case and needs?  If RANDOM_LOADABLE support was dropped in
> 
> We use it in all our kernels. For FIPS 140-? certification we need to

Correction - we did.  Disabled it a couple of years ago.
We preload the chosen module so I guess RANDOM_LOADABLE is unnecessary.

> load *only* an approved  PRNG.  We don't particularly like that and nor
> do some of our customers - so some 4th does runtime selection of rng
> module during boot.
Received on Sun Dec 01 2019 - 23:59:54 UTC