Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp164559ybn; Thu, 3 Oct 2019 03:16:59 -0700 (PDT) X-Google-Smtp-Source: APXvYqzq2KzQHF1j9ZC3QMV6F55ImZWZ3zQ0pyiDcNTrzVzrx4CcIyeN5MMEdbE5pOSNO8w+aY3m X-Received: by 2002:a17:906:b84e:: with SMTP id ga14mr6940820ejb.215.1570097819091; Thu, 03 Oct 2019 03:16:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570097819; cv=none; d=google.com; s=arc-20160816; b=tGqXM7FLgk8mrdPtRHhKcmQ09WXqBdBRSvEQizaulasDToMmiN46vFkF3rTUkOVIa4 zdSVVLTeWhL08E0hvZ5LvPQXmp6IX9NG0rrha6AH+m/V4r899TsrvdQvqRof+nQSnk4J q8ezHZdp1Il4RLta8Agd9DFyauM9RNzmkNM4nC9gTaZGau2lT5MLdKGcSoiBCpoShS2z E5VGZ0/GcnF8+Gn/rsUqgOrAlEUNyCjGCdgbYmuB9YhQWdF39zZG4kVvSS10+U3SHuEJ zTGSnOVYOkoI68BfQOlBCr3rKMsrdgPqCDelDcSz5nGa7rryvjFBjhpPhFo12jyif3Bq Oh3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :content-language:accept-language:in-reply-to:references:message-id :date:thread-index:thread-topic:subject:cc:to:from; bh=CLXiLGhOOVAXtSMVmySUk+w1C2eEk3n2kYoET3PmRBw=; b=tnhwO7St71jR1cnKZrpbQm2kGg3xp+l9UL/4FYXdpg/f6zi8kkBo9SSbWMrYmV02Cx 4dxsnLieIMS9yCUWJuqMrMhA948ExzmGFoeXjGBIssiP2wpns8wmMFYd25g7fsSzMbhS RkAdzx7dS93ZVUX2Jqd26be79BYLh6fUsjV4E2sA1YVB+uqLj1OhrBNcZ9lfkROrmX/7 rSLSy0IJEBefH4JrBDdlPJ289W/2bBQ876R7tPZWkMPjVJ0+qelQG9iEWihw7lLl/kl1 3VN2xUptOu9ZVwrYZSgbqdp5g/H0nESHLTbkt4NmeuKG+QWHyN97Zg1trK3TcO/D4tbJ HKnw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b20si1088656edc.359.2019.10.03.03.16.31; Thu, 03 Oct 2019 03:16:59 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728185AbfJCKNo convert rfc822-to-8bit (ORCPT + 99 others); Thu, 3 Oct 2019 06:13:44 -0400 Received: from eu-smtp-delivery-151.mimecast.com ([146.101.78.151]:56391 "EHLO eu-smtp-delivery-151.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725827AbfJCKNo (ORCPT ); Thu, 3 Oct 2019 06:13:44 -0400 Received: from AcuMS.aculab.com (156.67.243.126 [156.67.243.126]) (Using TLS) by relay.mimecast.com with ESMTP id uk-mta-51-DH_yUcB-PHeo9Pyr2wfXUg-1; Thu, 03 Oct 2019 11:13:41 +0100 Received: from AcuMS.Aculab.com (fd9f:af1c:a25b:0:43c:695e:880f:8750) by AcuMS.aculab.com (fd9f:af1c:a25b:0:43c:695e:880f:8750) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Thu, 3 Oct 2019 11:13:39 +0100 Received: from AcuMS.Aculab.com ([fe80::43c:695e:880f:8750]) by AcuMS.aculab.com ([fe80::43c:695e:880f:8750%12]) with mapi id 15.00.1347.000; Thu, 3 Oct 2019 11:13:39 +0100 From: David Laight To: 'Kurt Roeckx' , "linux-kernel@vger.kernel.org" CC: Theodore Ts'o Subject: RE: Stop breaking the CSRNG Thread-Topic: Stop breaking the CSRNG Thread-Index: AQHVeUNxp+fni2lQz0uk1fV0/DAY1qdIrV6A Date: Thu, 3 Oct 2019 10:13:39 +0000 Message-ID: References: <20191002165533.GA18282@roeckx.be> In-Reply-To: <20191002165533.GA18282@roeckx.be> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.202.205.107] MIME-Version: 1.0 X-MC-Unique: DH_yUcB-PHeo9Pyr2wfXUg-1 X-Mimecast-Spam-Score: 0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Kurt Roeckx > Sent: 02 October 2019 17:56 > As OpenSSL, we want cryptograhic secure random numbers. Before > getrandom(), Linux never provided a good API for that, both > /dev/random and /dev/urandom have problems. getrandom() fixed > that, so we switched to it were available. The fundamental problem is that you can't always get ' cryptograhic secure random numbers'. No API changes are ever going to change that. The system can either return an error or sleep (possibly indefinitely) until some 'reasonably random' numbers are available. A RISC-V system running on an FGPA (I've only used Altera NIOS cpu) may have absolutely no sources of randomness at boot time. Saying the architecture must include a random number instruction doesn't help! Generating random bits inside the FPGA is somewhere between 'difficult' and impossible (forcing metastability between clock domains might work). David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)