From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Sandy Harris <sandyinchina@gmail.com>
Cc: "Simo Sorce" <simo@redhat.com>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
"Stephan Müller" <smueller@chronox.de>, "Tso Ted" <tytso@mit.edu>,
"Linux Crypto Mailing List" <linux-crypto@vger.kernel.org>,
"Willy Tarreau" <w@1wt.eu>, "Nicolai Stange" <nstange@suse.de>,
LKML <linux-kernel@vger.kernel.org>,
"Arnd Bergmann" <arnd@arndb.de>,
"Eric W. Biederman" <ebiederm@xmission.com>,
"Alexander E. Patrakov" <patrakov@gmail.com>,
"Ahmed S. Darwish" <darwish.07@gmail.com>,
"Matthew Garrett" <mjg59@srcf.ucam.org>,
"Vito Caputo" <vcaputo@pengaru.com>,
"Andreas Dilger" <adilger.kernel@dilger.ca>,
"Jan Kara" <jack@suse.cz>, "Ray Strode" <rstrode@redhat.com>,
"William Jon McCann" <mccann@jhu.edu>,
zhangjs <zachary@baishancloud.com>,
"Andy Lutomirski" <luto@kernel.org>,
"Florian Weimer" <fweimer@redhat.com>,
"Lennart Poettering" <mzxreary@0pointer.de>,
"Peter Matthias" <matthias.peter@bsi.bund.de>,
"Marcelo Henrique Cerri" <marcelo.cerri@canonical.com>,
"Neil Horman" <nhorman@redhat.com>,
"Randy Dunlap" <rdunlap@infradead.org>,
"Julia Lawall" <julia.lawall@inria.fr>,
"Dan Carpenter" <dan.carpenter@oracle.com>,
"Andy Lavr" <andy.lavr@gmail.com>,
"Eric Biggers" <ebiggers@kernel.org>,
"Petr Tesarik" <ptesarik@suse.cz>,
"John Haxby" <john.haxby@oracle.com>,
"Alexander Lobakin" <alobakin@mailbox.org>,
"Jirka Hladky" <jhladky@redhat.com>,
"John Kelsey" <crypto.jmk@gmail.com>
Subject: Re: [PATCH v43 01/15] Linux Random Number Generator
Date: Tue, 30 Nov 2021 08:55:53 +0100 [thread overview]
Message-ID: <YaXZCdtyylHMa29o@kroah.com> (raw)
In-Reply-To: <CACXcFmntNAWYCwQ6CmH5c3pn3fXbxKh=j75GZUeLkuqi3QdS+A@mail.gmail.com>
On Tue, Nov 30, 2021 at 03:32:38PM +0800, Sandy Harris wrote:
> I think we should eliminate add_disk_randomness() since it does
> not work well on current hardware. Also, FIPS requires that
> entropy sources be independent & add_interrupt_randomness()
> depends on the same disk events so these sources may not be.
This whole "may not be" guessing game when it comes to FIPS
certification is a huge problem. I have heard of different vendors
getting different feedback and different implementations "passing" in
different ways that totally contradict each other. It seems that there
is a whole certification industry built up that you can use to try to
pass these tests, but those tests are different depending on the vendor
you use for this, making a total mess.
So perhaps getting solid answers, and having the FIPS people actually
implement (or at least review) the changes and submit them (this is all
open for everyone to see and work on), would be the best thing as that
would at least let us know that this is what they require.
Otherwise, it's a total guess as you state many times in this email, and
that is going to get us nowhere fast as the "requirements" end up
contradicting themselves all the time.
Also, why does any of this have to be in the kernel at all? If FIPS
requires a deterministic random number generator that will not allow
entropy to be acquired from hardware or external inputs, why does the
kernel care at all? Just write a fips_random.so library and get it
certified and have any userspace code that cares about such a crazy
thing to use that instead.
thanks,
greg k-h
next prev parent reply other threads:[~2021-11-30 8:47 UTC|newest]
Thread overview: 101+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-21 16:39 [PATCH v43 00/15] /dev/random - a new approach Stephan Müller
2021-11-21 16:40 ` [PATCH v43 01/15] Linux Random Number Generator Stephan Müller
2021-11-21 17:23 ` Joe Perches
2021-11-21 22:42 ` Jason A. Donenfeld
2021-11-22 5:34 ` Stephan Mueller
2021-11-22 6:02 ` Greg Kroah-Hartman
2021-11-22 6:42 ` Stephan Mueller
2021-11-22 6:55 ` Greg Kroah-Hartman
2021-11-22 15:09 ` Simo Sorce
2021-11-22 21:06 ` Jeffrey Walton
2021-11-23 5:38 ` Stephan Mueller
2021-11-26 15:42 ` Greg Kroah-Hartman
2021-11-22 16:56 ` John Haxby
2021-11-26 15:40 ` Greg Kroah-Hartman
2021-11-22 14:59 ` Simo Sorce
2021-11-26 15:44 ` Greg Kroah-Hartman
2021-11-26 16:15 ` Stephan Mueller
2021-11-26 16:22 ` Greg Kroah-Hartman
2021-11-29 15:31 ` Stephan Mueller
2021-11-29 16:25 ` Greg Kroah-Hartman
2021-11-29 16:50 ` Stephan Mueller
2021-11-30 12:24 ` Jeffrey Walton
2021-11-30 14:04 ` Greg Kroah-Hartman
2021-11-30 14:31 ` Simo Sorce
2021-11-30 15:45 ` Greg Kroah-Hartman
2021-11-30 17:05 ` Willy Tarreau
2021-11-30 17:08 ` Simo Sorce
2021-11-30 18:15 ` Eric Biggers
2021-11-30 18:39 ` Jason A. Donenfeld
2021-11-30 19:41 ` Simo Sorce
2021-12-01 16:02 ` Jason A. Donenfeld
2021-12-01 17:19 ` Simo Sorce
2021-12-01 17:55 ` Boris Krasnovskiy
2021-12-01 18:05 ` Greg Kroah-Hartman
2021-12-01 18:24 ` Jason A. Donenfeld
2021-12-02 0:24 ` Jeffrey Walton
2021-12-02 7:12 ` Greg Kroah-Hartman
2021-12-02 15:50 ` John Haxby
2021-12-01 18:29 ` Jason A. Donenfeld
[not found] ` <BY5PR14MB3416DF44172D8F47D0B078A986689@BY5PR14MB3416.namprd14.prod.outlook.com>
2021-12-01 18:05 ` Greg Kroah-Hartman
2021-12-10 1:43 ` Marcelo Henrique Cerri
2021-12-10 6:46 ` Greg Kroah-Hartman
2021-12-10 9:30 ` Marcelo Henrique Cerri
2021-12-10 9:48 ` Greg Kroah-Hartman
2021-12-10 17:02 ` Simo Sorce
2021-12-11 7:06 ` Willy Tarreau
2021-12-11 8:09 ` Stephan Müller
2021-12-11 8:57 ` Willy Tarreau
2022-01-10 13:23 ` Marcelo Henrique Cerri
2022-01-10 14:11 ` Jason A. Donenfeld
2022-01-10 14:29 ` Theodore Ts'o
2022-01-10 14:38 ` Jason A. Donenfeld
2022-01-10 17:38 ` Theodore Ts'o
2022-01-10 18:29 ` Eric Biggers
2022-01-10 18:44 ` Jason A. Donenfeld
2022-01-10 19:41 ` Simo Sorce
2022-01-10 20:05 ` Eric Biggers
2022-01-10 19:49 ` Theodore Ts'o
2022-01-10 22:19 ` Jason A. Donenfeld
2022-01-11 1:44 ` Andy Lutomirski
2022-01-11 3:10 ` Theodore Ts'o
2022-01-11 4:04 ` Willy Tarreau
2022-01-11 4:13 ` Matthew Garrett
2022-01-11 10:01 ` Alexander E. Patrakov
[not found] ` <CAN_LGv0CTDi9k=t=TGHvaHZz5YVT+OUEBaRXjP=Xv=kousHY1w@mail.gmail.com>
2022-01-11 17:10 ` Matthew Garrett
2022-01-11 13:16 ` Jason A. Donenfeld
2022-01-11 16:08 ` Theodore Ts'o
2022-01-11 13:06 ` Jason A. Donenfeld
2022-01-11 15:10 ` Andy Lutomirski
2022-01-10 21:38 ` Jason A. Donenfeld
2022-01-10 15:07 ` Marcelo Henrique Cerri
2021-11-30 15:13 ` Jeffrey Walton
2021-11-30 15:39 ` Greg Kroah-Hartman
2021-11-30 7:32 ` Sandy Harris
2021-11-30 7:55 ` Greg Kroah-Hartman [this message]
2021-11-30 8:56 ` Stephan Mueller
2021-11-30 9:12 ` Greg Kroah-Hartman
2021-12-04 9:53 ` Sandy Harris
2021-11-22 10:33 ` kernel test robot
2021-11-22 11:47 ` Stephan Mueller
2021-11-25 5:25 ` [kbuild-all] " Chen, Rong A
2021-11-30 2:55 ` Sandy Harris
2021-11-30 6:06 ` Stephan Müller
2021-11-21 16:40 ` [PATCH v43 02/15] LRNG - IRQ entropy source Stephan Müller
2021-11-21 16:40 ` [PATCH v43 03/15] LRNG - sysctls and /proc interface Stephan Müller
2021-11-21 16:41 ` [PATCH v43 04/15] LRNG - allocate one DRNG instance per NUMA node Stephan Müller
2021-11-21 16:42 ` [PATCH v43 05/15] LRNG - CPU entropy source Stephan Müller
2021-11-22 7:09 ` kernel test robot
2021-11-22 11:48 ` Stephan Mueller
2021-11-21 16:42 ` [PATCH v43 06/15] LRNG - add switchable DRNG support Stephan Müller
2021-11-21 16:43 ` [PATCH v43 07/15] LRNG - add common generic hash support Stephan Müller
2021-11-21 16:43 ` [PATCH v43 08/15] crypto: DRBG - externalize DRBG functions for LRNG Stephan Müller
2021-11-21 16:44 ` [PATCH v43 09/15] LRNG - add SP800-90A DRBG extension Stephan Müller
2021-11-21 16:45 ` [PATCH v43 10/15] LRNG - add kernel crypto API PRNG extension Stephan Müller
2021-11-21 16:45 ` [PATCH v43 11/15] crypto: move Jitter RNG header include dir Stephan Müller
2021-11-21 16:46 ` [PATCH v43 12/15] LRNG - add Jitter RNG fast noise source Stephan Müller
2021-11-21 16:46 ` [PATCH v43 13/15] LRNG - add SP800-90B compliant health tests Stephan Müller
2021-11-21 16:47 ` [PATCH v43 14/15] LRNG - add interface for gathering of raw entropy Stephan Müller
2021-11-21 16:47 ` [PATCH v43 15/15] LRNG - add power-on and runtime self-tests Stephan Müller
2021-12-11 15:45 ` [PATCH v43 00/15] /dev/random - a new approach Thomas Schoebel-Theuer
2021-12-11 16:04 ` Willy Tarreau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YaXZCdtyylHMa29o@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=Jason@zx2c4.com \
--cc=adilger.kernel@dilger.ca \
--cc=alobakin@mailbox.org \
--cc=andy.lavr@gmail.com \
--cc=arnd@arndb.de \
--cc=crypto.jmk@gmail.com \
--cc=dan.carpenter@oracle.com \
--cc=darwish.07@gmail.com \
--cc=ebiederm@xmission.com \
--cc=ebiggers@kernel.org \
--cc=fweimer@redhat.com \
--cc=jack@suse.cz \
--cc=jhladky@redhat.com \
--cc=john.haxby@oracle.com \
--cc=julia.lawall@inria.fr \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=marcelo.cerri@canonical.com \
--cc=matthias.peter@bsi.bund.de \
--cc=mccann@jhu.edu \
--cc=mjg59@srcf.ucam.org \
--cc=mzxreary@0pointer.de \
--cc=nhorman@redhat.com \
--cc=nstange@suse.de \
--cc=patrakov@gmail.com \
--cc=ptesarik@suse.cz \
--cc=rdunlap@infradead.org \
--cc=rstrode@redhat.com \
--cc=sandyinchina@gmail.com \
--cc=simo@redhat.com \
--cc=smueller@chronox.de \
--cc=tytso@mit.edu \
--cc=vcaputo@pengaru.com \
--cc=w@1wt.eu \
--cc=zachary@baishancloud.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).