Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp1947556imm;
        Sat, 4 Aug 2018 14:53:44 -0700 (PDT)
X-Google-Smtp-Source: AAOMgpchpzRCK/2ae+AhRGN4+Lx9N5AZP25H7OYY/fw54x1h7JVM419ZlO56ov0UJE6RP0VR+jnE
X-Received: by 2002:a63:4924:: with SMTP id w36-v6mr8951195pga.143.1533419624254;
        Sat, 04 Aug 2018 14:53:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1533419624; cv=none;
        d=google.com; s=arc-20160816;
        b=mwdYh9V+3I+IStpPqTWvc9kYj0XPQHXzavTHrOvG9OI/nJBYNuVZob80e7YJGfPekQ
         fe1xIeMUA3lzf7sfcVFX2BFukdDfLKJK/7CRZjU1G0q6Vi1QgrYzUDfUtg0+gY/tQwVX
         rMcGj3UXiTUzRdS1QAUlep1/Dymby+/HCSOTMCpoA/p4Xz5UkY7bJvb/wf+jydWQn1k/
         3rYm76Npz/BKdjA38yvBOXbGfvMhXU9UsaVL7dA29bZuSbyr7sy7WNvmbOutwYkR0+4d
         14oVBUinxyjs/eE81V0LIXnecK3o5qbl3EjSH4xeTtsqu6UgDhunE08pwhkw/TlKpKyj
         cTDw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:to
         :from:date:arc-authentication-results;
        bh=xbL0hH2Js3EwaaE3dg+Y2QrAQNQDaLWtX9V2wqq40XU=;
        b=W6fCrXV3X7PC8ojJD0q2se1qM671eF2/13MqtRm3dkzX9NS786OO9uUXrmcMSsaERO
         8NKpmQP68WIEFAiL9k0Maxe5wps8e49iil1vh5xF12z+MNOoeeFVFfpZsKRkxNAOkzSk
         gNSUrUAXVary4rQZoVtrZpdqJo284262ItSQrAM9zpF1rpdfvRyHjq8XkiQUWWok5IDe
         RkM+Tqx9Jzf38LL5p/ummMwal2pDiH8LQW2D3lGZGYaoPt7NLVs79+cLbYL9k2vSUDTw
         6+/XaRQDhMiMJFHp0NFl+IIj2g7WyM1/WFaKbWiYd6HMTP/h2zDg/9T6TkxwaFzlYlYN
         uBDQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id e14-v6si8026923pgg.345.2018.08.04.14.53.30;
        Sat, 04 Aug 2018 14:53:44 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729744AbeHDXy2 (ORCPT <rfc822;patchstalker@gmail.com>
        + 99 others); Sat, 4 Aug 2018 19:54:28 -0400
Received: from atrey.karlin.mff.cuni.cz ([195.113.26.193]:38271 "EHLO
        atrey.karlin.mff.cuni.cz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728882AbeHDXy2 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 4 Aug 2018 19:54:28 -0400
Received: by atrey.karlin.mff.cuni.cz (Postfix, from userid 512)
        id D621880680; Sat,  4 Aug 2018 23:52:20 +0200 (CEST)
Date:   Sat, 4 Aug 2018 23:52:10 +0200
From:   Pavel Machek <pavel@ucw.cz>
To:     "Theodore Y. Ts'o" <tytso@mit.edu>,
        Yann Droneaud <ydroneaud@opteya.com>,
        linux-crypto@vger.kernel.org,
        Linux Kernel Developers List <linux-kernel@vger.kernel.org>,
        labbott@redhat.com
Subject: Re: [PATCH] random: add a config option to trust the CPU's hwrng
Message-ID: <20180804215209.GA3201@localhost>
References: <20180718014344.1309-1-tytso@mit.edu>
 <37046662f2b38f98854abfa1b5868a27c3fa0888.camel@opteya.com>
 <20180718142625.GA5942@thunk.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180718142625.GA5942@thunk.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi!

On Wed 2018-07-18 10:26:25, Theodore Y. Ts'o wrote:
> On Wed, Jul 18, 2018 at 09:22:13AM +0200, Yann Droneaud wrote:
> > 
> > The text message should explain this is only relevant during
> > initialization / early boot.
> > 
> > The config option name should state this.
> 
> There are other workarounds for hangs that happen after initialization
> / early boot, yes.  They are of varying levels of quality / safely,
> but that's neither here nor there.
> 
> However, enabling config option means that the CRNG will be
> initialized with potentially information available to the CPU
> manufacturer and/or Nation States, and this persists *after*
> initialization / early boot.  So to say, "we're perfectly safe after
> we leave initialization / early boot" is not true.

This should really be explained in the help text.

I assume that after 10 seconds of moving mouse, user is safe even when
rdrand is backoored?

(Plus, I'd say this should be kernel command line optiom, not config
option...?)

Best regards,

								Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html