From: Andy Lutomirski <luto@kernel.org>
To: "Stephan Müller" <smueller@chronox.de>
Cc: Arnd Bergmann <arnd@arndb.de>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
	LKML <linux-kernel@vger.kernel.org>,
	Linux API <linux-api@vger.kernel.org>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	"Alexander E. Patrakov" <patrakov@gmail.com>,
	"Ahmed S. Darwish" <darwish.07@gmail.com>,
	"Theodore Y. Ts'o" <tytso@mit.edu>,
	Willy Tarreau <w@1wt.eu>,
	Matthew Garrett <mjg59@srcf.ucam.org>,
	Vito Caputo <vcaputo@pengaru.com>,
	Andreas Dilger <adilger.kernel@dilger.ca>,
	Jan Kara <jack@suse.cz>,
	Ray Strode <rstrode@redhat.com>,
	William Jon McCann <mccann@jhu.edu>,
	zhangjs <zachary@baishancloud.com>,
	Andy Lutomirski <luto@kernel.org>,
	Florian Weimer <fweimer@redhat.com>,
	Lennart Poettering <mzxreary@0pointer.de>,
	Nicolai Stange <nstange@suse.de>,
	"Peter, Matthias" <matthias.peter@bsi.bund.de>,
	Marcelo Henrique Cerri <marcelo.cerri@canonical.com>,
	Roman Drahtmueller <draht@schaltsekun.de>,
	Neil Horman <nhorman@redhat.com>
Subject: Re: [PATCH v24 00/12] /dev/random - a new approach with full SP800-90B compliance
Date: Tue, 12 Nov 2019 07:33:59 -0800
Message-ID: <CALCETrVBzuOsDfaz5y3V4v+6xmeWufOYsOGnpZrRju6Pfsi6gg@mail.gmail.com>
In-Reply-To: <6157374.ptSnyUpaCn@positron.chronox.de>

On Mon, Nov 11, 2019 at 11:13 AM Stephan Müller <smueller@chronox.de> wrote:
>
> The following patch set provides a different approach to /dev/random which is
> called Linux Random Number Generator (LRNG) to collect entropy within the Linux
> kernel. The main improvements compared to the existing /dev/random are to provide
> sufficient entropy during boot time as well as in virtual environments and when
> using SSDs. A secondary design goal is to limit the impact of the entropy
> collection on massive parallel systems and also allow the use of accelerated
> cryptographic primitives. Also, all steps of the entropic data processing are
> testable.

This is very nice!

>
> The LRNG patch set allows a user to select use of the existing /dev/random or
> the LRNG during compile time. As the LRNG provides API and ABI compatible
> interfaces to the existing /dev/random implementation, the user can freely choose
> the RNG implementation without affecting kernel or user space operations.
>
> This patch set provides early boot-time entropy which implies that no
> additional flags to the getrandom(2) system call discussed recently on
> the LKML are considered to be necessary.

I'm uneasy about this. I fully believe that, *on x86*, this works.
But on embedded systems with in-order CPUs, a single clock, and very
lightweight boot processes, most or all of boot might be too
deterministic for this to work.

I have a somewhat competing patch set here:

https://git.kernel.org/pub/scm/linux/kernel/git/luto/linux.git/log/?h=random/kill-it

(Ignore the "horrible test hack" and the debugfs part.)

The basic summary is that I change /dev/random so that it becomes
functionally identical to getrandom(..., 0) -- in other words, it
blocks until the CRNG is initialized but is then identical to
/dev/urandom. And I add getrandom(..., GRND_INSECURE) that is
functionally identical to the existing /dev/urandom: it always returns
*something* immediately, but it may or may not actually be
cryptographically random or even random at all depending on system
details.

In other words, my series simplifies the ABI that we support. Right
now, we have three ways to ask for random numbers with different
semantics and we need to have two RNGs in the kernel at all times. With
my changes, we have only two ways to ask for random numbers, and the
/dev/random pool is entirely gone.

Would you be amenable to merging this into your series (i.e. either
merging the code or just the ideas)? This would let you get rid of
things like the compile-time selection of the blocking TRNG, since the
blocking TRNG would be entirely gone.

Or do you think that a kernel-provided blocking TRNG is a genuinely
useful thing to keep around?

--Andy
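
The getrandom(2) semantics described in the message above, seen from the caller's side, as an added example that is not part of the original message or of either patch set. The helper names (fill_random, crng_ready, get_insecure_bytes) are hypothetical; GRND_INSECURE was a proposal at the time of this mail and entered mainline in Linux 5.6 with the value 0x0004, so the code assumes older kernels reject it with EINVAL and then reads /dev/urandom, which the message describes as functionally identical.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/random.h>
#include <sys/types.h>
#ifndef GRND_INSECURE
#define GRND_INSECURE 0x0004 /* mainline value since Linux 5.6; older headers lack it */
#endif

/* Fill buf completely, retrying on EINTR and short reads. Returns 0 or -errno. */
static int fill_random(void *buf, size_t len, unsigned int flags) {
    unsigned char *p = buf;
    while (len > 0) {
        ssize_t n = getrandom(p, len, flags);
        if (n < 0 && errno == EINTR)
            continue;
        if (n < 0)
            return -errno;
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Non-blocking probe: 1 = CRNG initialized, 0 = not yet (EAGAIN), <0 = other error. */
static int crng_ready(void) {
    unsigned char probe;
    int rc = fill_random(&probe, 1, GRND_NONBLOCK);
    return rc == -EAGAIN ? 0 : (rc < 0 ? rc : 1);
}

/* Best effort, never for keys: returns at once even if the CRNG is not yet seeded. */
static int get_insecure_bytes(void *buf, size_t len) {
    int rc = fill_random(buf, len, GRND_INSECURE);
    if (rc != -EINVAL)
        return rc;
    FILE *f = fopen("/dev/urandom", "rb"); /* assumed: kernel predates the flag */
    if (!f)
        return -errno;
    rc = fread(buf, 1, len, f) == len ? 0 : -EIO;
    fclose(f);
    return rc;
}

int main(void) {
    unsigned char key[32], seed[8];
    /* flags == 0 is the call for key material: it blocks only until the CRNG is seeded. */
    printf("ready=%d key=%d insecure=%d\n", crng_ready(),
           fill_random(key, sizeof key, 0), get_insecure_bytes(seed, sizeof seed));
    return 0;
}
```

On a system that has finished booting, all three calls succeed; the difference only shows during early boot, where the flags == 0 call waits and the GRND_INSECURE call does not.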