random(4) plugin infrastructure for mulitple RNG in a modular fashion
Mark R V Murray
mark at grondar.org
Tue Aug 20 07:14:44 UTC 2013
On 20 Aug 2013, at 04:12, Tim Kientzle <tim at kientzle.com> wrote:
>
> I've not heard anyone asking for a run-time switch in
> GENERIC.
des@ is the main one, and its what we have right now in CURRENT.
> I would suggest making that a longer-term option
> and having the choice of mixer/conditioner
> (Yarrow, Fortuna, or HW passthrough) be
> a compile-time choice for now.
Too late. :-)
Questions needing answering now include "should Yarrow/Fortuna be run-time choosable?", "there are more than two hardware RNGs (Ivy, Nehemiah) in the system, how do we best make them available?", "if more than one HW RNG is present, do we mix them, and how?", "if the requested configuration does not give you a random number supply, does the system block or panic?".
>>>> I'd go so far as to say that if you have random in your kernel, then you need to specify some "filter" or you get a compile-time error. Specifying yarrow via DEFAULTS or std.foo is fine by me, since both of those can be overriden fairly easily.... I'd also think we'd want to FAIL_PANIC or FAIL_BLOCKING, and have that choice hard wired at some level too, to be explicit about things. But maybe that's gilding things a bit too much and a tunable would suffice…
>>>
>>> Won't sell. Folks are saying they want the choice of the raw output. In GENERIC.
>
> I've not heard anyone asking for raw output in GENERIC.
There have been a couple. Again des@ is the one I remember most clearly off the top of my head.
M
--
Mark R V Murray
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 353 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20130820/33e63800/attachment.sig>
More information about the freebsd-arch
mailing list