Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp786368imm; Wed, 18 Jul 2018 10:37:23 -0700 (PDT) X-Google-Smtp-Source: AAOMgpdmBuIKh1ZqteN0zAI22ZV7KNDKc57P9SlgjU881M9JFr/EIu5SVTeCN+ecIg7mf27oZ8jW X-Received: by 2002:a65:53cb:: with SMTP id z11-v6mr6640541pgr.218.1531935443055; Wed, 18 Jul 2018 10:37:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531935443; cv=none; d=google.com; s=arc-20160816; b=dTzjSFWL0E7/ObwEi9KRErrW45Oq76wzaTcn2ug31N7BZOdgZgogEmEAGBe9WCy7h1 mBnbvFFgcQFC+Ka4EvaipGqU54ooD1N/97x3SV2lSeABGYhR2qhgFNezaXYWcz8GxYEb NC5NMFWhYKsPEzYexOnrXuQqQjqcRJ/sE1Jafx7dL5dGE9zoRmH2GN1xEcF2TiAEzHEF x//QX6kguBe83+GF3Yq6dAet4Bcw2MFgEri9iH0lwcStDN7nqX/Bx6WPgWIdOg/It/S1 Bs1clO4AUSaC0I1H1q//XbDryEHpkR6KdnsZu38XOUdyWdZR9RWGj2iTqi3WffaxioQh dSbg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:mail-followup-to :message-id:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=a1M2yLEw+iaksbket0HI5ThJW44kmqwZx8TYaFekuLM=; b=fr639Qb09hBhrTdsSn7wMtamLo2HoN3JEbfDt2V/rZfsCPzLF8z4cOerN8gdUbBzmM QR97zZzWGJrvkqUKAO+x3fSjl/0o/cHz4PLFBQ8FfitP/4ul2uUSTBDFnW/etrenjNM4 8Kofmfzr4is0EWpHTFj/kgsZAEvPG0vVnveky2vt1OW/YomJ6t2JwRU+l8a6I+3oPRAX WvDLMClnhC4vO1t/BHmd8sL5FZ2yEECJ8wvLoNiMaeeqduQEVGwVNVgIH1KTOawV0Gqe iG96Yiw/xTiK9yaaqRnnqAbWi752Shpq/yTtGLNUTc+ptjEGzb0f3fTbZbU69tKRk+me cqEQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@thunk.org header.s=ef5046eb header.b="Sw/cX0zs"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t1-v6si3817673pgg.643.2018.07.18.10.37.08; Wed, 18 Jul 2018 10:37:23 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@thunk.org header.s=ef5046eb header.b="Sw/cX0zs"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731498AbeGRSPW (ORCPT + 99 others); Wed, 18 Jul 2018 14:15:22 -0400 Received: from imap.thunk.org ([74.207.234.97]:58130 "EHLO imap.thunk.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731361AbeGRSPW (ORCPT ); Wed, 18 Jul 2018 14:15:22 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=thunk.org; s=ef5046eb; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID: Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=a1M2yLEw+iaksbket0HI5ThJW44kmqwZx8TYaFekuLM=; b=Sw/cX0zshwgfUSM/d7TCF38ljk EDLIxivgpSHitFXa2mIrKv0rXqJx1ndd3FvP3BVDygeu/NpP9aQsXiArJ+bVCSn2iSyc3dTM/mg2r uWHmSiUWJR1YMPDnWtICHI/tZ71YEt8q7o5u0kQwYQaGrMF/kBeH5Hef/Kfys4tclxuc=; Received: from root (helo=callcc.thunk.org) by imap.thunk.org with local-esmtp (Exim 4.89) (envelope-from ) id 1ffqNE-00052x-K6; Wed, 18 Jul 2018 17:36:24 +0000 Received: by callcc.thunk.org (Postfix, from userid 15806) id E0EB77A6403; Wed, 18 Jul 2018 13:36:21 -0400 (EDT) Date: Wed, 18 Jul 2018 13:36:21 -0400 From: "Theodore Y. Ts'o" To: Sandy Harris Cc: Linux Crypto Mailing List , Linux Kernel Developers List , labbott@redhat.com Subject: Re: [PATCH] random: addu a config option to trust the CPU's hwrng Message-ID: <20180718173621.GC30706@thunk.org> Mail-Followup-To: "Theodore Y. Ts'o" , Sandy Harris , Linux Crypto Mailing List , Linux Kernel Developers List , labbott@redhat.com References: <20180718014344.1309-1-tytso@mit.edu> <20180718015154.GE3489@thunk.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.0 (2018-05-17) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: tytso@thunk.org X-SA-Exim-Scanned: No (on imap.thunk.org); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jul 18, 2018 at 11:14:20AM -0400, Sandy Harris wrote: > Instead, I had a compile-time option to choose a number 0-32 > for how much entropy to assume a 32-bit value from the HWRNG > contains. Default was something less than 32. I debated values > in the 24-30 range, don't recall what I chose & don't think it > Matters hugely. > > Is that a better approach than the binary choice? This patch is only affecting the initialization of the CRNG. It doesn't do anything about the entropy estimator, so it doesn't change the behavior of /dev/random, for example. In practice I doubt most people would be able to deal with a numerical dial, and I'm trying to ecourage people to use getrandom(2). I view /dev/random as a legacy interface, and for most people a CRNG is quite sufficient. For those people who are super paranoid and want a "true random number generator" (and the meaning of that is hazy) because a CRNG is Not Enough, my recommendation these days is that they get something like an open hardware RNG solution, such as ChaosKey from Altus Metrum[1]. [1] https://altusmetrum.org/ChaosKey/ - Ted