LKML Archive on lore.kernel.org
 help / color / Atom feed
From: Stephan Mueller <smueller@chronox.de>
To: Andy Lutomirski <luto@kernel.org>
Cc: Arnd Bergmann <arnd@arndb.de>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
	LKML <linux-kernel@vger.kernel.org>,
	Linux API <linux-api@vger.kernel.org>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	"Alexander E. Patrakov" <patrakov@gmail.com>,
	"Ahmed S. Darwish" <darwish.07@gmail.com>,
	"Theodore Y. Ts'o" <tytso@mit.edu>, Willy Tarreau <w@1wt.eu>,
	Matthew Garrett <mjg59@srcf.ucam.org>,
	Vito Caputo <vcaputo@pengaru.com>,
	Andreas Dilger <adilger.kernel@dilger.ca>,
	Jan Kara <jack@suse.cz>, Ray Strode <rstrode@redhat.com>,
	William Jon McCann <mccann@jhu.edu>,
	zhangjs <zachary@baishancloud.com>,
	Florian Weimer <fweimer@redhat.com>,
	Lennart Poettering <mzxreary@0pointer.de>,
	Nicolai Stange <nstange@suse.de>,
	"Peter, Matthias" <matthias.peter@bsi.bund.de>,
	Marcelo Henrique Cerri <marcelo.cerri@canonical.com>,
	Roman Drahtmueller <draht@schaltsekun.de>,
	Neil Horman <nhorman@redhat.com>
Subject: Re: [PATCH v25 10/12] LRNG - add TRNG support
Date: Tue, 19 Nov 2019 11:46:51 +0100
Message-ID: <25235737.Vo4cOZQZay@tauon.chronox.de> (raw)
In-Reply-To: <CALCETrUKDO1LSMnHNcPiAFQh2ri6saRiRBi9b5e699cm1_Mgsw@mail.gmail.com>

Am Dienstag, 19. November 2019, 11:07:40 CET schrieb Andy Lutomirski:

Hi Andy,

> On Sun, Nov 17, 2019 at 3:11 AM Stephan Müller <smueller@chronox.de> wrote:
> > Am Samstag, 16. November 2019, 17:09:09 CET schrieb Andy Lutomirski:
> > 
> > Hi Andy,
> > 
> > > > On Nov 16, 2019, at 1:40 AM, Stephan Müller <smueller@chronox.de>
> > > > wrote:
> > > > 
> > > > The True Random Number Generator (TRNG) provides a random number
> > > > generator with prediction resistance (SP800-90A terminology) or an
> > > > NTG.1
> > > > (AIS 31 terminology).
> > > 
> > > ...
> > > 
> > > > The secondary DRNGs seed from the TRNG if it is present. In addition,
> > > > the /dev/random device accesses the TRNG.
> > > > 
> > > > If the TRNG is disabled, the secondary DRNGs seed from the entropy
> > > > pool
> > > > and /dev/random behaves like getrandom(2).
> > > 
> > > As mentioned before, I don’t like this API.  An application that, for
> > > some
> > > reason, needs a TRNG, should have an API by which it either gets a TRNG
> > > or
> > > an error. Similarly, an application that wants cryptographically secure
> > > random numbers efficiently should have an API that does that.  With your
> > > design, /dev/random tries to cater to both use cases, but one of the use
> > > cases fails depending on kernel config.
> > > 
> > > I think /dev/random should wait for enough entropy to initialize the
> > > system
> > > but should not block after that. A TRNG should have an entirely new API
> > > that is better than /dev/random.
> > 
> > I apologize for the misunderstanding. I assumed we would introduce such
> > /dev/ true_random at a later stage.
> > 
> > If you agree, I can certainly add /dev/true_random right now that links
> > with the TRNG and make /dev/random behave as discussed, i.e. behave
> > exactly like getrandom(..., 0);
> 
> Given that your series is already a decently large ABI change, I think
> it would be polite to users to make all the anticipated changes all at
> once to reduce the amount of churn everyone needs to deal with.

I fully agree with that. This is the reason for my question to ask for how to 
approach adding such additional interface for the TRNG. Considering that there 
are use cases for the blocking interfaces, I would like to have it present 
from the start.

That said, are you planning to keep the blocking_pool considering our 
discussion?

But may I ask why you say that there are ABI changes? The LRNG set tries to be 
100% API and ABI compliant to the existing random.c interfaces.

The only change is the runtime-behavior (e.g. time when something is seeded), 
performance of the interrupt handling and the kernel/user interfaces that may 
be noticeable by users. I.e. there are timing changes, but no technical 
changes.

The LRNG though would add one optional interface for kernel internal use and 
then the discussed /dev/true_random interface.
> 
> > As this would introduce a new device file now, is there a special process
> > that I need to follow or do I need to copy? Which major/minor number
> > should I use?
> > 
> > Looking into static const struct memdev devlist[] I see
> > 
> >          [8] = { "random", 0666, &random_fops, 0 },
> >          [9] = { "urandom", 0666, &urandom_fops, 0 },
> > 
> > Shall a true_random be added here with [10]?
> 
> I am not at all an expert on chardevs, but this sounds generally
> reasonable.  gregkh is probably the real authority here.

Thank you for the hint. Then I would like to wait for Greg on this.

Ciao
Stephan



  reply index

Thread overview: 162+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-11-11 18:17 [PATCH v24 00/12] /dev/random - a new approach with full SP800-90B compliance Stephan Müller
2019-11-11 18:18 ` [PATCH v24 01/12] Linux Random Number Generator Stephan Müller
2019-11-11 23:54   ` Thomas Gleixner
2019-11-12  2:25     ` Stephan Müller
2019-11-12 10:16       ` Thomas Gleixner
2019-11-12 22:30   ` kbuild test robot
2019-11-12 23:15     ` Stephan Müller
2019-11-13  0:14   ` kbuild test robot
2019-11-13  0:25     ` Stephan Müller
2019-11-24  4:51   ` Sandy Harris
2019-11-24  9:02     ` Stephan Mueller
2019-11-11 18:19 ` [PATCH v24 02/12] LRNG - allocate one SDRNG instance per NUMA node Stephan Müller
2019-11-11 18:20 ` [PATCH v24 03/12] LRNG - /proc interface Stephan Müller
2019-11-11 18:20 ` [PATCH v24 04/12] LRNG - add switchable DRNG support Stephan Müller
2019-11-11 18:21 ` [PATCH v24 05/12] crypto: DRBG - externalize DRBG functions for LRNG Stephan Müller
2019-11-11 18:21 ` [PATCH v24 06/12] LRNG - add SP800-90A DRBG extension Stephan Müller
2019-11-11 18:22 ` [PATCH v24 07/12] LRNG - add kernel crypto API PRNG extension Stephan Müller
2019-11-11 18:23 ` [PATCH v24 08/12] crypto: provide access to a static Jitter RNG state Stephan Müller
2019-11-11 18:23 ` [PATCH v24 09/12] LRNG - add Jitter RNG fast noise source Stephan Müller
2019-11-11 18:24 ` [PATCH v24 10/12] LRNG - add TRNG support Stephan Müller
2019-11-11 18:26 ` [PATCH v24 11/12] LRNG - add SP800-90B compliant health tests Stephan Müller
2019-11-12 19:58   ` Alexander E. Patrakov
2019-11-12 23:11     ` Stephan Müller
2019-11-13  0:36     ` Stephan Müller
2019-11-13  6:02       ` Alexander E. Patrakov
2019-11-14  1:46         ` Stephan Müller
2019-11-11 18:26 ` [PATCH v24 12/12] LRNG - add interface for gathering of raw entropy Stephan Müller
2019-11-12 20:55   ` kbuild test robot
2019-11-12 23:13     ` Stephan Müller
2019-11-12 13:23 ` [PATCH v24 00/12] /dev/random - a new approach with full SP800-90B compliance Florian Weimer
2019-11-12 22:43   ` Stephan Müller
2019-11-12 15:33 ` Andy Lutomirski
2019-11-12 23:03   ` Stephan Müller
2019-11-12 23:26     ` Stephan Müller
2019-11-13  4:24   ` Stephan Müller
2019-11-13  4:48     ` Andy Lutomirski
2019-11-13 12:16       ` Stephan Müller
2019-11-16  9:32 ` [PATCH v25 00/12] /dev/random - a new approach with full SP800-90B Stephan Müller
2019-11-16  9:33   ` [PATCH v25 01/12] Linux Random Number Generator Stephan Müller
2019-11-16 11:25     ` Thomas Gleixner
2019-11-17 10:30       ` Stephan Müller
2019-11-16 18:13     ` Nicolai Stange
2019-11-17 11:01       ` Stephan Müller
2019-11-16  9:33   ` [PATCH v25 02/12] LRNG - allocate one SDRNG instance per NUMA node Stephan Müller
2019-11-16  9:34   ` [PATCH v25 03/12] LRNG - /proc interface Stephan Müller
2019-11-16 16:39     ` Andy Lutomirski
2019-11-17 12:16       ` Stephan Müller
2019-11-19 10:06         ` Andy Lutomirski
2019-11-19 10:55           ` Stephan Mueller
2019-11-19 17:40             ` Andy Lutomirski
2019-11-16 23:36     ` ebiederm
2019-11-17 11:37       ` Stephan Müller
2019-11-16  9:34   ` [PATCH v25 04/12] LRNG - add switchable DRNG support Stephan Müller
2019-11-16  9:35   ` [PATCH v25 05/12] crypto: DRBG - externalize DRBG functions for LRNG Stephan Müller
2019-11-16  9:35   ` [PATCH v25 06/12] LRNG - add SP800-90A DRBG extension Stephan Müller
2019-11-16  9:35   ` [PATCH v25 07/12] LRNG - add kernel crypto API PRNG extension Stephan Müller
2019-11-16  9:36   ` [PATCH v25 08/12] crypto: provide access to a static Jitter RNG state Stephan Müller
2019-11-16  9:36   ` [PATCH v25 09/12] LRNG - add Jitter RNG fast noise source Stephan Müller
2019-11-20 13:33     ` Neil Horman
2019-11-20 20:07       ` Stephan Müller
2019-11-21 14:19         ` Neil Horman
2019-11-21 14:33           ` Stephan Mueller
2019-11-16  9:37   ` [PATCH v25 10/12] LRNG - add TRNG support Stephan Müller
2019-11-16 16:09     ` Andy Lutomirski
2019-11-17 11:10       ` Stephan Müller
2019-11-19 10:07         ` Andy Lutomirski
2019-11-19 10:46           ` Stephan Mueller [this message]
2019-11-19 12:41           ` Greg Kroah-Hartman
2019-11-20  8:58             ` Stephan Müller
2019-11-20  9:55               ` Alexander E. Patrakov
2019-11-20 13:29               ` Greg Kroah-Hartman
2019-11-20 19:51                 ` Stephan Müller
2019-11-20 19:57                   ` Alexander E. Patrakov
2019-11-20 20:32                   ` Greg Kroah-Hartman
2019-11-21 13:06                     ` Stephan Müller
2019-11-16  9:37   ` [PATCH v25 11/12] LRNG - add SP800-90B compliant health tests Stephan Müller
2019-11-16  9:38   ` [PATCH v25 12/12] LRNG - add interface for gathering of raw entropy Stephan Müller
2019-11-16 16:51     ` Andy Lutomirski
2019-11-17 22:55       ` Stephan Müller
2019-11-19 10:04         ` Andy Lutomirski
2019-11-19 17:17     ` Randy Dunlap
2019-11-20  9:01       ` Stephan Müller
2019-11-21 12:18     ` Nicolai Stange
2019-11-21 15:18       ` Stephan Müller
2019-11-23 20:08   ` [PATCH v26 00/12] /dev/random - a new approach with full SP800-90B Stephan Müller
2019-11-23 20:10     ` [PATCH v26 01/12] Linux Random Number Generator Stephan Müller
2019-11-24 22:44       ` kbuild test robot
2019-11-25  6:29         ` Stephan Mueller
2019-11-23 20:10     ` [PATCH v26 02/12] LRNG - allocate one SDRNG instance per NUMA node Stephan Müller
2019-11-23 20:11     ` [PATCH v26 03/12] LRNG - sysctls and /proc interface Stephan Müller
2019-11-23 20:11     ` [PATCH v26 04/12] LRNG - add switchable DRNG support Stephan Müller
2019-11-23 20:31     ` [PATCH v26 05/12] crypto: DRBG - externalize DRBG functions for LRNG Stephan Müller
2019-11-23 20:32     ` [PATCH v26 06/12] LRNG - add SP800-90A DRBG extension Stephan Müller
2019-11-23 20:32     ` [PATCH v26 07/12] LRNG - add kernel crypto API PRNG extension Stephan Müller
2019-11-23 20:33     ` [PATCH v26 08/12] crypto: provide access to a static Jitter RNG state Stephan Müller
2019-11-23 20:34     ` [PATCH v26 09/12] LRNG - add Jitter RNG fast noise source Stephan Müller
2019-11-23 20:34     ` [PATCH v26 10/12] LRNG - add TRNG support Stephan Müller
2019-11-23 20:34     ` [PATCH v26 11/12] LRNG - add SP800-90B compliant health tests Stephan Müller
2019-11-23 20:35     ` [PATCH v26 12/12] LRNG - add interface for gathering of raw entropy Stephan Müller
2020-01-09  8:29     ` [PATCH v27 00/12] /dev/random - a new approach with full SP800-90B Stephan Müller
2020-01-09  8:30       ` [PATCH v27 01/12] Linux Random Number Generator Stephan Müller
2020-01-16  6:09         ` kbuild test robot
2020-01-16  6:41           ` Stephan Mueller
2020-01-09  8:31       ` [PATCH v27 02/12] LRNG - allocate one DRNG instance per NUMA node Stephan Müller
2020-01-09  8:31       ` [PATCH v27 03/12] LRNG - sysctls and /proc interface Stephan Müller
2020-01-09  8:32       ` [PATCH v27 04/12] LRNG - add switchable DRNG support Stephan Müller
2020-01-11  7:09         ` kbuild test robot
2020-01-12 10:12           ` Stephan Müller
2020-01-09  8:32       ` [PATCH v27 05/12] crypto: DRBG - externalize DRBG functions for LRNG Stephan Müller
2020-01-09  8:32       ` [PATCH v27 06/12] LRNG - add SP800-90A DRBG extension Stephan Müller
2020-01-09  8:33       ` [PATCH v27 07/12] LRNG - add kernel crypto API PRNG extension Stephan Müller
2020-01-09  8:33       ` [PATCH v27 08/12] crypto: provide access to a static Jitter RNG state Stephan Müller
2020-01-09  8:34       ` [PATCH v27 09/12] LRNG - add Jitter RNG fast noise source Stephan Müller
2020-01-10  0:24         ` Randy Dunlap
2020-01-10  7:45           ` Stephan Mueller
2020-01-09  8:34       ` [PATCH v27 10/12] LRNG - add SP800-90B compliant health tests Stephan Müller
2020-01-10  0:20         ` Randy Dunlap
2020-01-10  8:27           ` Stephan Mueller
2020-01-09  8:35       ` [PATCH v27 11/12] LRNG - add interface for gathering of raw entropy Stephan Müller
2020-01-09  8:35       ` [PATCH v27 12/12] LRNG - add power-on and runtime self-tests Stephan Müller
2020-01-10  0:22         ` Randy Dunlap
2020-01-10  7:48           ` Stephan Mueller
2020-01-13 10:39         ` Dan Carpenter
2020-01-13 10:46           ` Stephan Mueller
2020-01-15 10:31       ` [PATCH v28 00/12] /dev/random - a new approach with full SP800-90B Stephan Müller
2020-01-15 10:31         ` [PATCH v28 01/12] Linux Random Number Generator Stephan Müller
2020-01-16  0:11           ` Randy Dunlap
2020-01-16  7:22             ` Stephan Mueller
2020-01-15 10:32         ` [PATCH v28 02/12] LRNG - allocate one DRNG instance per NUMA node Stephan Müller
2020-01-15 10:32         ` [PATCH v28 03/12] LRNG - sysctls and /proc interface Stephan Müller
2020-01-15 10:32         ` [PATCH v28 04/12] LRNG - add switchable DRNG support Stephan Müller
2020-01-15 10:33         ` [PATCH v28 05/12] crypto: DRBG - externalize DRBG functions for LRNG Stephan Müller
2020-01-15 10:33         ` [PATCH v28 06/12] LRNG - add SP800-90A DRBG extension Stephan Müller
2020-01-16  0:14           ` Randy Dunlap
2020-01-16  6:55             ` Stephan Mueller
2020-01-15 10:34         ` [PATCH v28 07/12] LRNG - add kernel crypto API PRNG extension Stephan Müller
2020-01-16  0:15           ` Randy Dunlap
2020-01-16  6:54             ` Stephan Mueller
2020-01-15 10:34         ` [PATCH v28 08/12] crypto: provide access to a static Jitter RNG state Stephan Müller
2020-01-15 10:34         ` [PATCH v28 09/12] LRNG - add Jitter RNG fast noise source Stephan Müller
2020-01-16  0:17           ` Randy Dunlap
2020-01-16  6:51             ` Stephan Mueller
2020-01-15 10:35         ` [PATCH v28 10/12] LRNG - add SP800-90B compliant health tests Stephan Müller
2020-01-15 10:35         ` [PATCH v28 11/12] LRNG - add interface for gathering of raw entropy Stephan Müller
2020-01-16  0:18           ` Randy Dunlap
2020-01-16  6:43             ` Stephan Mueller
2020-01-16  6:48               ` Randy Dunlap
2020-01-16  6:52                 ` Stephan Mueller
2020-01-15 10:36         ` [PATCH v28 12/12] LRNG - add power-on and runtime self-tests Stephan Müller
2020-01-19 21:12         ` [PATCH v29 00/12] /dev/random - a new approach with full SP800-90B Stephan Müller
2020-01-19 21:13           ` [PATCH v29 01/12] Linux Random Number Generator Stephan Müller
2020-01-19 21:13           ` [PATCH v29 02/12] LRNG - allocate one DRNG instance per NUMA node Stephan Müller
2020-01-19 21:14           ` [PATCH v29 03/12] LRNG - sysctls and /proc interface Stephan Müller
2020-01-19 21:14           ` [PATCH v29 04/12] LRNG - add switchable DRNG support Stephan Müller
2020-01-19 21:15           ` [PATCH v29 05/12] crypto: DRBG - externalize DRBG functions for LRNG Stephan Müller
2020-01-19 21:16           ` [PATCH v29 06/12] LRNG - add SP800-90A DRBG extension Stephan Müller
2020-01-19 21:16           ` [PATCH v29 07/12] LRNG - add kernel crypto API PRNG extension Stephan Müller
2020-01-19 21:17           ` [PATCH v29 08/12] crypto: provide access to a static Jitter RNG state Stephan Müller
2020-01-19 21:18           ` [PATCH v29 09/12] LRNG - add Jitter RNG fast noise source Stephan Müller
2020-01-19 21:18           ` [PATCH v29 10/12] LRNG - add SP800-90B compliant health tests Stephan Müller
2020-01-19 21:19           ` [PATCH v29 11/12] LRNG - add interface for gathering of raw entropy Stephan Müller
2020-01-19 21:20           ` [PATCH v29 12/12] LRNG - add power-on and runtime self-tests Stephan Müller

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=25235737.Vo4cOZQZay@tauon.chronox.de \
    --to=smueller@chronox.de \
    --cc=adilger.kernel@dilger.ca \
    --cc=arnd@arndb.de \
    --cc=darwish.07@gmail.com \
    --cc=draht@schaltsekun.de \
    --cc=ebiederm@xmission.com \
    --cc=fweimer@redhat.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=jack@suse.cz \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=marcelo.cerri@canonical.com \
    --cc=matthias.peter@bsi.bund.de \
    --cc=mccann@jhu.edu \
    --cc=mjg59@srcf.ucam.org \
    --cc=mzxreary@0pointer.de \
    --cc=nhorman@redhat.com \
    --cc=nstange@suse.de \
    --cc=patrakov@gmail.com \
    --cc=rstrode@redhat.com \
    --cc=tytso@mit.edu \
    --cc=vcaputo@pengaru.com \
    --cc=w@1wt.eu \
    --cc=zachary@baishancloud.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

LKML Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/lkml/0 lkml/git/0.git
	git clone --mirror https://lore.kernel.org/lkml/1 lkml/git/1.git
	git clone --mirror https://lore.kernel.org/lkml/2 lkml/git/2.git
	git clone --mirror https://lore.kernel.org/lkml/3 lkml/git/3.git
	git clone --mirror https://lore.kernel.org/lkml/4 lkml/git/4.git
	git clone --mirror https://lore.kernel.org/lkml/5 lkml/git/5.git
	git clone --mirror https://lore.kernel.org/lkml/6 lkml/git/6.git
	git clone --mirror https://lore.kernel.org/lkml/7 lkml/git/7.git
	git clone --mirror https://lore.kernel.org/lkml/8 lkml/git/8.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 lkml lkml/ https://lore.kernel.org/lkml \
		linux-kernel@vger.kernel.org
	public-inbox-index lkml

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-kernel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git