random(4) plugin infrastructure for multiple RNG in a modular fashion

Peter Wemm peter at wemm.org
Wed Aug 7 19:02:26 UTC 2013


On Wed, Aug 7, 2013 at 11:56 AM, David O'Brien <obrien at freebsd.org> wrote:
> On Fri, Aug 02, 2013 at 10:05:57AM +0200, Fabien Thomas wrote:
>> We need to have very good random by default.  Even selecting HW random
>> automatically is not very good. HW random is difficult to trust.
>>
>> Why not having a good default software random seeded by automatically
>> detected HW random ?  After that the user can choose to bypass the
>> software random and feed directly by the HW random source.
>
> Please don't hijack an infrastructure change that changes nothing for the
> GENERIC kernel.

The problem people have isn't with GENERIC.. it's the less than optimal
effect this change causes on custom kernel configs.  ie: a magnitude
10 POLA violation.

> Please start a separate thread about changing how HW random sources are
> handled in random(4) if you like.  But that is outside the scope of
> this change.
>
> [Adding flexibility to how the HW sources are used will be in one of our
> next proposed changes.]

Please don't hold future "do it right" changes hostage to an interim
"break things by default" change.  If you're going somewhere with
this, how about we skip the "broken by default" step and see where
you're going?

-- 
Peter Wemm - peter at wemm.org; peter at FreeBSD.org; peter at yahoo-inc.com; KI6FJV
UTF-8: for when a ' just won’t do.
<brueffer> ZFS must be the bacon of file systems. "everything's better with ZFS"


More information about the freebsd-arch mailing list