Killing RANDOM_LOADABLE?
Conrad Meyer
cem at freebsd.org
Sun Dec 1 22:37:40 UTC 2019
Hi Simon,
On Sun, Dec 1, 2019 at 14:19 Simon J. Gerraty <sjg at juniper.net> wrote:
> Conrad Meyer <cem at freebsd.org> wrote:
> > If you use / need RANDOM_LOADABLE, can you provide some information on
> > your use case and needs? If RANDOM_LOADABLE support was dropped in
>
> We use it in all our kernels. For FIPS 140-? certification we need to
> load *only* an approved PRNG. We don't particularly like that and nor
> do some of our customers - so some 4th does runtime selection of rng
> module during boot.
>
>
I appreciate the quick feedback, thanks. The algorithm/ internals aren’t
too important for me; I’m interested in what your minimal api needs from
FreeBSD are.
It sounds like you select the random module to load in loader(8) — you
don’t need userspace / runtime loading (kldload). Is that understanding
correct?
Would it be possible to answer the other questions from the initial email,
too? If random loadable support was removed upstream, are you unable to
address your needs in the junos tree? Why?
Thanks,
Conrad
More information about the freebsd-arch
mailing list