From: Greg KH <gregkh@linuxfoundation.org>
To: Stephan Mueller <smueller@chronox.de>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>,
linux-security-module@vger.kernel.org, keyrings@vger.kernel.org,
kernel-hardening@lists.openwall.com,
linux-kernel@vger.kernel.org, dhowells@redhat.com,
ebiggers3@gmail.com, Herbert Xu <herbert@gondor.apana.org.au>,
Kirill Marinushkin <k.marinushkin@gmail.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Ilhan Gurel <ilhan.gurel@gmail.com>,
security@kernel.org, stable@vger.kernel.org
Subject: Re: [kernel-hardening] Re: [PATCH v4] security/keys: rewrite all of big_key crypto
Date: Mon, 18 Sep 2017 09:04:55 +0000 [thread overview]
Message-ID: <20170918090455.GA18325@kroah.com> (raw)
In-Reply-To: <2681038.03lnYPhpsa@tauon.chronox.de>
On Mon, Sep 18, 2017 at 10:49:56AM +0200, Stephan Mueller wrote:
> Am Samstag, 16. September 2017, 15:00:34 CEST schrieb Jason A. Donenfeld:
>
> Hi Jason,
>
> > This started out as just replacing the use of crypto/rng with
> > get_random_bytes_wait,
>
> This change is a challenge. The use of the kernel crypto API's DRNG has been
> made to allow FIPS 140-2 compliance. Otherwise, the entire key generation
> logic will not be using the right(TM) DRNG. Thus, I would not suggest to
> replace that for a stable tree.
Why not? What is the issue here, there is only one "DRNG" in the kernel
now (and probably for a long time...)
> Note, I am currently working on a pluggable DRNG apporach for /dev/random and
> /dev/urandom to be able to get rid of the use of the kernel crypto API's DRNG
> API. It is ready and I will air that solution shortly. Yet, it needs work to
> be integrated upstream (and approval from Ted Tso).
We don't postpone work for potential future patches that might or might
not ever happen or get merged. That's how NetBSD died...
thanks,
greg k-h
WARNING: multiple messages have this Message-ID (diff)
From: Greg KH <gregkh@linuxfoundation.org>
To: Stephan Mueller <smueller@chronox.de>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>,
linux-security-module@vger.kernel.org, keyrings@vger.kernel.org,
kernel-hardening@lists.openwall.com,
linux-kernel@vger.kernel.org, dhowells@redhat.com,
ebiggers3@gmail.com, Herbert Xu <herbert@gondor.apana.org.au>,
Kirill Marinushkin <k.marinushkin@gmail.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Ilhan Gurel <ilhan.gurel@gmail.com>,
security@kernel.org, stable@vger.kernel.org
Subject: Re: [kernel-hardening] Re: [PATCH v4] security/keys: rewrite all of big_key crypto
Date: Mon, 18 Sep 2017 11:04:55 +0200 [thread overview]
Message-ID: <20170918090455.GA18325@kroah.com> (raw)
In-Reply-To: <2681038.03lnYPhpsa@tauon.chronox.de>
On Mon, Sep 18, 2017 at 10:49:56AM +0200, Stephan Mueller wrote:
> Am Samstag, 16. September 2017, 15:00:34 CEST schrieb Jason A. Donenfeld:
>
> Hi Jason,
>
> > This started out as just replacing the use of crypto/rng with
> > get_random_bytes_wait,
>
> This change is a challenge. The use of the kernel crypto API's DRNG has been
> made to allow FIPS 140-2 compliance. Otherwise, the entire key generation
> logic will not be using the right(TM) DRNG. Thus, I would not suggest to
> replace that for a stable tree.
Why not? What is the issue here, there is only one "DRNG" in the kernel
now (and probably for a long time...)
> Note, I am currently working on a pluggable DRNG apporach for /dev/random and
> /dev/urandom to be able to get rid of the use of the kernel crypto API's DRNG
> API. It is ready and I will air that solution shortly. Yet, it needs work to
> be integrated upstream (and approval from Ted Tso).
We don't postpone work for potential future patches that might or might
not ever happen or get merged. That's how NetBSD died...
thanks,
greg k-h
WARNING: multiple messages have this Message-ID (diff)
From: gregkh@linuxfoundation.org (Greg KH)
To: linux-security-module@vger.kernel.org
Subject: [kernel-hardening] Re: [PATCH v4] security/keys: rewrite all of big_key crypto
Date: Mon, 18 Sep 2017 11:04:55 +0200 [thread overview]
Message-ID: <20170918090455.GA18325@kroah.com> (raw)
In-Reply-To: <2681038.03lnYPhpsa@tauon.chronox.de>
On Mon, Sep 18, 2017 at 10:49:56AM +0200, Stephan Mueller wrote:
> Am Samstag, 16. September 2017, 15:00:34 CEST schrieb Jason A. Donenfeld:
>
> Hi Jason,
>
> > This started out as just replacing the use of crypto/rng with
> > get_random_bytes_wait,
>
> This change is a challenge. The use of the kernel crypto API's DRNG has been
> made to allow FIPS 140-2 compliance. Otherwise, the entire key generation
> logic will not be using the right(TM) DRNG. Thus, I would not suggest to
> replace that for a stable tree.
Why not? What is the issue here, there is only one "DRNG" in the kernel
now (and probably for a long time...)
> Note, I am currently working on a pluggable DRNG apporach for /dev/random and
> /dev/urandom to be able to get rid of the use of the kernel crypto API's DRNG
> API. It is ready and I will air that solution shortly. Yet, it needs work to
> be integrated upstream (and approval from Ted Tso).
We don't postpone work for potential future patches that might or might
not ever happen or get merged. That's how NetBSD died...
thanks,
greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2017-09-18 9:04 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-16 13:00 [PATCH v4] security/keys: rewrite all of big_key crypto Jason A. Donenfeld
2017-09-16 13:00 ` [kernel-hardening] " Jason A. Donenfeld
2017-09-16 13:00 ` Jason A. Donenfeld
2017-09-16 13:00 ` Jason A. Donenfeld
2017-09-16 13:05 ` [PATCH v5] " Jason A. Donenfeld
2017-09-16 13:05 ` [kernel-hardening] " Jason A. Donenfeld
2017-09-16 13:05 ` Jason A. Donenfeld
2017-09-16 13:05 ` Jason A. Donenfeld
2017-09-17 6:04 ` Eric Biggers
2017-09-17 6:04 ` [kernel-hardening] " Eric Biggers
2017-09-17 6:04 ` Eric Biggers
2017-09-17 6:04 ` Eric Biggers
2017-09-17 11:50 ` Jason A. Donenfeld
2017-09-17 11:50 ` [kernel-hardening] " Jason A. Donenfeld
2017-09-17 11:50 ` Jason A. Donenfeld
2017-09-17 11:50 ` Jason A. Donenfeld
2017-09-17 11:52 ` [PATCH v6] " Jason A. Donenfeld
2017-09-17 11:52 ` [kernel-hardening] " Jason A. Donenfeld
2017-09-17 11:52 ` Jason A. Donenfeld
2017-09-17 11:52 ` Jason A. Donenfeld
2017-09-20 5:30 ` Stephan Mueller
2017-09-20 5:30 ` [kernel-hardening] " Stephan Mueller
2017-09-20 5:30 ` Stephan Mueller
2017-09-20 5:30 ` Stephan Mueller
2017-09-20 10:52 ` Jason A. Donenfeld
2017-09-20 10:52 ` [kernel-hardening] " Jason A. Donenfeld
2017-09-20 10:52 ` Jason A. Donenfeld
2017-09-20 10:52 ` Jason A. Donenfeld
2017-09-20 13:45 ` Stephan Mueller
2017-09-20 13:45 ` [kernel-hardening] " Stephan Mueller
2017-09-20 13:45 ` Stephan Mueller
2017-09-20 13:45 ` Stephan Mueller
2017-09-20 14:01 ` Jason A. Donenfeld
2017-09-20 14:01 ` [kernel-hardening] " Jason A. Donenfeld
2017-09-20 14:01 ` Jason A. Donenfeld
2017-09-20 14:01 ` Jason A. Donenfeld
2017-09-20 14:06 ` Stephan Mueller
2017-09-20 14:06 ` [kernel-hardening] " Stephan Mueller
2017-09-20 14:06 ` Stephan Mueller
2017-09-20 14:06 ` Stephan Mueller
2017-09-20 14:09 ` Jason A. Donenfeld
2017-09-20 14:09 ` [kernel-hardening] " Jason A. Donenfeld
2017-09-20 14:09 ` Jason A. Donenfeld
2017-09-20 14:09 ` Jason A. Donenfeld
2017-09-19 15:38 ` David Howells
2017-09-19 15:38 ` [kernel-hardening] " David Howells
2017-09-19 15:38 ` David Howells
2017-09-19 15:38 ` David Howells
2017-09-20 14:56 ` Jason A. Donenfeld
2017-09-20 14:56 ` [kernel-hardening] " Jason A. Donenfeld
2017-09-20 14:56 ` Jason A. Donenfeld
2017-09-20 14:56 ` Jason A. Donenfeld
2017-09-18 8:49 ` [PATCH v4] " Stephan Mueller
2017-09-18 8:49 ` [kernel-hardening] " Stephan Mueller
2017-09-18 8:49 ` Stephan Mueller
2017-09-18 8:49 ` Stephan Mueller
2017-09-18 9:04 ` Greg KH [this message]
2017-09-18 9:04 ` [kernel-hardening] " Greg KH
2017-09-18 9:04 ` Greg KH
2017-09-18 9:12 ` Stephan Mueller
2017-09-18 9:12 ` Stephan Mueller
2017-09-18 9:12 ` Stephan Mueller
2017-09-18 11:24 ` Jason A. Donenfeld
2017-09-18 11:24 ` [kernel-hardening] " Jason A. Donenfeld
2017-09-18 11:24 ` Jason A. Donenfeld
2017-09-18 11:24 ` Jason A. Donenfeld
2017-09-19 13:39 ` Theodore Ts'o
2017-09-19 13:39 ` [kernel-hardening] " Theodore Ts'o
2017-09-19 13:39 ` Theodore Ts'o
2017-09-19 13:39 ` Theodore Ts'o
2017-09-19 19:04 ` [kernel-hardening] " Sandy Harris
2017-09-19 19:04 ` Sandy Harris
2017-09-19 19:04 ` Sandy Harris
2017-09-19 19:17 ` Jason A. Donenfeld
2017-09-19 19:17 ` Jason A. Donenfeld
2017-09-19 19:17 ` Jason A. Donenfeld
2017-09-20 1:16 ` Theodore Ts'o
2017-09-20 1:16 ` Theodore Ts'o
2017-09-20 1:16 ` Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170918090455.GA18325@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=Jason@zx2c4.com \
--cc=ard.biesheuvel@linaro.org \
--cc=dhowells@redhat.com \
--cc=ebiggers3@gmail.com \
--cc=herbert@gondor.apana.org.au \
--cc=ilhan.gurel@gmail.com \
--cc=k.marinushkin@gmail.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=security@kernel.org \
--cc=smueller@chronox.de \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.