Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 21 Nov 2014 12:34:18 +0200
From:      Konstantin Belousov <kostikbel@gmail.com>
To:        Mark R V Murray <mark@grondar.org>, Adrian Chadd <adrian@freebsd.org>, arch@freebsd.org
Subject:   Re: svn commit: r274739 - head/sys/mips/conf
Message-ID:  <20141121103418.GL17068@kib.kiev.ua>
In-Reply-To: <20141121092245.GI99957@funkthat.com>
References:  <201411200552.sAK5qnXP063073@svn.freebsd.org> <20141120084832.GE24601@funkthat.com> <AE8F2D30-7F91-4C90-B79A-D99857D8AED8@grondar.org> <20141121092245.GI99957@funkthat.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Nov 21, 2014 at 01:22:46AM -0800, John-Mark Gurney wrote:
> Mark Murray wrote this message on Fri, Nov 21, 2014 at 08:25 +0000:
> > 
> > > On 20 Nov 2014, at 08:48, John-Mark Gurney <jmg@funkthat.com> wrote:
> > > 
> > > Should we make random standard now?  We don't live in the 90's anymore,
> > > and a system really can't function w/o randomness anymore???
> > 
> > There is a case to be made for making it default in all/most kernel
> > configs.
> > 
> > I disagree on making it compulsory in all cases, as very small embedded
> > systems can easily argue for not having it.
> 
> How will it talk w/ the out side world?  w/o random, No sshd, no
> https...  providing randomness is a core component of a modern OS...
> 
> If you're really going for small embeded, you don't want FreeBSD, or
> if you do, you're willing to do the work to manually rip a lot more
> out of the standard kernel than just the random driver...  My stripped
> down i386 kernel is still over 6MB in size...
My fully modularized non-debugging kernel on amd64 has 5.5MB file size,
and 4.2MB text size. This is even with driver for rootfs and device
volume of the rootfs as modules.

I think it is possible to get down to 2.5-3MB on amd64 if really wanting
minimal configuration.  Equivalent i386 kernel would be smaller by 20-25%.

> 
> > > I'm fine w/ making the various random mixers options, but the core
> > > random infrastructure and /dev/u?random should be standard now???
> > 
> > There is some compulsory infrastructure; this gets you the ???dummy???
> > driver which just blocks and never delivers anything.
FWIW, I consider it useful to have even that parts modularized. Possibly,
not in default (I mean GENERIC, not the DEFAULT) configuration, but still
leaving place for stripping down without source hacking.  It does not have
require any modifications of the source code.

The Solaris approach of modularizing everything, even schedulers and
nexus, and doing kernel linking on boot is useful for many things,
including the pre-boot patching. The 'module-happy' approach of our new
USB stack is good example.  Our core is moving into other direction,
unfortunately, e.g. compat32 cannot be kldload'ed, and making it module
requires easy but significant amount of work, in particular, due to many
hooks of #ifdef COMPAT32.

> 
> Plus, you'd need to turn off the entropy boot script among other
> things...
> 
> If you can demonstrate a usable system w/o much modifications that
> runs w/ the dummy interface, or no boot random, that I'll drop my
> suggestion...  I'll try removing random tomorrow and see what breaks...

Using custom /etc/rc is easy and does not require e.g. init(8) modifications.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20141121103418.GL17068>