Date: Sun, 1 Dec 2019 14:37:25 -0800 From: Conrad Meyer <cem@freebsd.org> To: "Simon J. Gerraty" <sjg@juniper.net>, "freebsd-arch@freebsd.org" <arch@freebsd.org> Subject: Re: Killing RANDOM_LOADABLE? Message-ID: <CAG6CVpXyo_BKhYVDzV_=D90kTkpFtpYOmpFa0S6XuXtn%2B5wpFw@mail.gmail.com> In-Reply-To: <40710.1575238505@kaos.jnpr.net> References: <CAG6CVpXFjxUxKL6Bb3Gw1Krdo4PkUPBjCnnG5hrDcr39aoF=zQ@mail.gmail.com> <40710.1575238505@kaos.jnpr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Simon, On Sun, Dec 1, 2019 at 14:19 Simon J. Gerraty <sjg@juniper.net> wrote: > Conrad Meyer <cem@freebsd.org> wrote: > > If you use / need RANDOM_LOADABLE, can you provide some information on > > your use case and needs? If RANDOM_LOADABLE support was dropped in > > We use it in all our kernels. For FIPS 140-? certification we need to > load *only* an approved PRNG. We don't particularly like that and nor > do some of our customers - so some 4th does runtime selection of rng > module during boot. > > I appreciate the quick feedback, thanks. The algorithm/ internals aren=E2= =80=99t too important for me; I=E2=80=99m interested in what your minimal api needs= from FreeBSD are. It sounds like you select the random module to load in loader(8) =E2=80=94 = you don=E2=80=99t need userspace / runtime loading (kldload). Is that understan= ding correct? Would it be possible to answer the other questions from the initial email, too? If random loadable support was removed upstream, are you unable to address your needs in the junos tree? Why? Thanks, Conrad
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAG6CVpXyo_BKhYVDzV_=D90kTkpFtpYOmpFa0S6XuXtn%2B5wpFw>