Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751507AbdISOWX (ORCPT ); Tue, 19 Sep 2017 10:22:23 -0400 Received: from imap.thunk.org ([74.207.234.97]:57870 "EHLO imap.thunk.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750948AbdISOWV (ORCPT ); Tue, 19 Sep 2017 10:22:21 -0400 Date: Tue, 19 Sep 2017 09:39:59 -0400 From: "Theodore Ts'o" To: "Jason A. Donenfeld" Cc: Stephan Mueller , linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, kernel-hardening@lists.openwall.com, LKML , David Howells , Eric Biggers , Herbert Xu , Kirill Marinushkin , Ard Biesheuvel , Ilhan Gurel , security@kernel.org, stable@vger.kernel.org Subject: Re: [PATCH v4] security/keys: rewrite all of big_key crypto Message-ID: <20170919133959.5fgtioyonlsdyjf5@thunk.org> Mail-Followup-To: Theodore Ts'o , "Jason A. Donenfeld" , Stephan Mueller , linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, kernel-hardening@lists.openwall.com, LKML , David Howells , Eric Biggers , Herbert Xu , Kirill Marinushkin , Ard Biesheuvel , Ilhan Gurel , security@kernel.org, stable@vger.kernel.org References: <20170916130034.17706-1-Jason@zx2c4.com> <2681038.03lnYPhpsa@tauon.chronox.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20170609 (1.8.3) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: tytso@thunk.org X-SA-Exim-Scanned: No (on imap.thunk.org); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1764 Lines: 35 On Mon, Sep 18, 2017 at 01:24:18PM +0200, Jason A. Donenfeld wrote: > Good luck with getting approval... While Ted and I have our > differences like any two kernel developers, I really tend agree with > him in his attitude about this FIPS silliness. It's unlikely you're > going to be able to shovel this stuff into random.c, and I think doing > so will undermine your entire LRNG effort. Let me add one more reason why FIPS compliance for the kernel is just ***stupid***. The way FIPS compliance works, you have to pay hundreds of thousands of dollars to a FIPS certification lab to certify a specific binary, complete with the exact build environment (compiler, binutils, etc.) used to build that kernel binary. The moment you need to make a change --- say, to fix a critical zero-day security bug --- this breaks the FIPS certification, and you then have to go back to the FIPS certification lab, and pay another hundreds of thousands of dollars for another certification. This will take weeks/months, and while you are waiting for the results to come back from the FIPS certification lab, the hackers will be busy extracting another 143 million credit histories, or another 4.1 million SF-86 Security Clearance Forms from the systems involved. :-) You might say that FIPS certification != FIPS compliance. Sure, but the only silly people who care about FIPS compliance also need FIPS certification, for the US Goverment signoff. Realistically, people who need FIPS certification will need to use FIPS certified crypto in hardware. In which case the FIPS certified RNG, as well as the FIPS certified crypto, will all be in a single certified lump of hardware, which doesn't have to change when we need to fix various kernel bugs. Cheers, - Ted