Date: Thu, 8 Aug 2013 13:24:03 -0600 From: Warner Losh <imp@bsdimp.com> To: John Baldwin <jhb@freebsd.org> Cc: Arthur Mesh <arthurmesh@gmail.com>, Steve Kargl <sgk@troutmask.apl.washington.edu>, secteam@freebsd.org, freebsd-arch@freebsd.org Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion Message-ID: <D7463527-2516-4D0D-B43D-6CC72B649E72@bsdimp.com> In-Reply-To: <201308081023.53040.jhb@freebsd.org> References: <20130807182858.GA79286@dragon.NUXI.org> <20130807192736.GA7099@troutmask.apl.washington.edu> <CAGE5yCq%2Bs6kYtVYyxi27RAqPmvpV42nNNykm2%2B2x1EJGCihYXw@mail.gmail.com> <201308081023.53040.jhb@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Aug 8, 2013, at 8:23 AM, John Baldwin wrote: > On Wednesday, August 07, 2013 4:20:29 pm Peter Wemm wrote: >> On Wed, Aug 7, 2013 at 12:27 PM, Steve Kargl >> <sgk@troutmask.apl.washington.edu> wrote: >>> On Wed, Aug 07, 2013 at 11:28:58AM -0700, David O'Brien wrote: >>>>=20 >>>> * Make Yarrow an optional kernel component -- enabled by = "YARROW_RNG" >>>> option. The files sha2.c, hash.c, randomdev_soft.c and yarrow.c >>>> comprise yarrow. random(4) device doesn't really depend on >>>> rijndael-*. Yarrow, however, does. >>>>=20 >>>> * If the kernel doesn't have any random_adaptor adapters present = then >>>> the creation of /dev/random is postponed until next random_adaptor >>>> is kldload'ed. >>>=20 >>> My kernel config files have included the following 2 lines for >>> ages: >>>=20 >>> makeoptions NO_MODULES >>> device random >>>=20 >>> If I try to build a new kernel under your scheme, will the >>> build die with an error about a missing option? If the answer >>> is 'no', then the yarrow adaptor should be opt-out. >>=20 >> That's the main point here. >>=20 >> If I'm running on a working system, I have a reasonable expectation >> that the kernel config I was using yesterday will work sufficiently >> tomorrow that I won't get hosed by doing a 'svn update && make >> buildkernel && make installkernel'. >>=20 >> If that's not the case and there is a required change in order to not >> hose your system then POLA dictates that not making the required >> changes causes a build failure. >>=20 >> There's more leeway on head than a stable branch, but remember that >> when people upgrade from 9.x to 10.x they tend to take their 9.x >> kernel configs and make whatever changes are needed to get it to >> build. The 9-stable -> 10-release config path needs to catch fatal >> errors like this at build time. >>=20 >> Patching GENERIC isn't a complete solution. It doesn't solve the >> 'yesterday it worked, today it's a brick' problem. >=20 > The counter to this is that in the recent past, any suggestion to add = anything > to DEFAULTS was met with "that's the wrong way". In actual fact, = changes > to GENERIC happen quite often, and we often break older kernel configs = from > older branches (ATA_CAM is no longer in 10 for example). I'm not sure = I buy=20 > the argument that we can never break kernel configs from older = branches. >=20 > I also think that NO_FOO options aren't the way to go and that we = should=20 > always create "positive" options, but add them to GENERIC when making = a=20 > previously standard thing optional. I think adding things to DEFAULTS = should=20 > be rarely done, if ever. For the embedded kernels, where std.* take the place of the = sledge-hammer DEFAULTS, they are often the right place to put options = that will be the same for all kernels due to hardware constraints or = dictations. In this case, the port maintainers would know if there's a = hardware RNG or not on the chip, and if not put it into the appropriate = std.foo file. Of course, the fail stupid part of this patch is an even more = fundamental flaw in this patch, but I digress... Warner Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D7463527-2516-4D0D-B43D-6CC72B649E72>