Received: by 2002:a05:6a10:9e8c:0:0:0:0 with SMTP id y12csp248138pxx; Thu, 29 Oct 2020 01:23:11 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwrk2R0ly/ZYeo8I92s82lmnjGtsMo8wvcgRboaIzeFcDMSDF/r7W6WKg6oy/3KbnhfLcwU X-Received: by 2002:a17:906:7e0e:: with SMTP id e14mr2849292ejr.238.1603959791365; Thu, 29 Oct 2020 01:23:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1603959791; cv=none; d=google.com; s=arc-20160816; b=0OSZ6z+TIJFGkRb0bfLVwyn/FCuv3ZiZOnoR5coj1nt2omLnxYwWcAOkN3qHDavIkc RIJ8KTMaZne1bpHJ8eWSKBWrQWxeZ0QD3+SNYBLZxk5PqUblRuwKp+s/M9tFGOBie4pv 4SFwrLPEB4VKZyv4JLVv09F3JpHcGhPzF5r8j0I1nGexo3yW72yze7Z+kgzcjo3I16Ok 9TkdwMUzGr5XbBh+NOLJqwndsFT4G8id6tPK+zM2i7HW+PNhX4Qsvm29E5dXkPfUVihI uGsTbf3FAi0tswYnlKNagbw6fG3Ouybr0it2xeNMvx+9X0xbf2O1So23y0cso1q6BVrw ENGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :organization:references:in-reply-to:message-id:subject:cc:to:from :date; bh=GtxldDULgK5LahbGuQC5nttOnRQSgW3D8fyFdHxLFmg=; b=vIlcAlyfqMuskh+qxAcWHl1OTOwupUFJ5eMlF1pj0Az3mkDF32cO3otCvf4Oh/xzM/ P02ffKNa84/f85BDHjqf67N1g1RYlOjrNAVIRcRishd/QIh3NpXJXQC0RibONw2qj0vX lG1V5t1N7/jNoywVhn3VnNhxLtTyk9EmHW87KPRLBLyB97dwaHHMzcZiLfL112Y43Qeo lyLZr5Z66MOq9HLgpjkL0AGRfcajyM5I94ZauauiuxDHQ+neyEG1h/0nUJop0qD/qH/K 40ThBwuie3Xob5MhX6/3kFKBMJmcCm++sdDshJzsTg9QZsW+wHoO887hPWfN2O9P22I8 mEzw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id lm6si1239021ejb.334.2020.10.29.01.22.39; Thu, 29 Oct 2020 01:23:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388468AbgJ2AXt convert rfc822-to-8bit (ORCPT + 99 others); Wed, 28 Oct 2020 20:23:49 -0400 Received: from verein.lst.de ([213.95.11.211]:45358 "EHLO verein.lst.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388466AbgJ1Wh2 (ORCPT ); Wed, 28 Oct 2020 18:37:28 -0400 Received: by verein.lst.de (Postfix, from userid 107) id 9202368C65; Wed, 28 Oct 2020 18:52:06 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on verein.lst.de X-Spam-Level: X-Spam-Status: No, score=-0.2 required=5.0 tests=ALL_TRUSTED,BAYES_50 autolearn=disabled version=3.3.1 Received: from blackhole.lan (p5b33f9d6.dip0.t-ipconnect.de [91.51.249.214]) by verein.lst.de (Postfix) with ESMTPSA id 73EA367357; Wed, 28 Oct 2020 18:51:22 +0100 (CET) Date: Wed, 28 Oct 2020 18:51:17 +0100 From: Torsten Duwe To: "Theodore Y. Ts'o" Cc: Stephan =?UTF-8?B?TcO8bGxlcg==?= , Willy Tarreau , linux-crypto@vger.kernel.org, Nicolai Stange , LKML , Arnd Bergmann , Greg Kroah-Hartman , "Eric W. Biederman" , "Alexander E. Patrakov" , "Ahmed S. Darwish" , Matthew Garrett , Vito Caputo , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , zhangjs , Andy Lutomirski , Florian Weimer , Lennart Poettering , Peter Matthias , Marcelo Henrique Cerri , Neil Horman , Randy Dunlap , Julia Lawall , Dan Carpenter , And y Lavr , Eric Biggers , "Jason A. Donenfeld" , Petr Tesarik , marcelo.cerri@canonical.com, simo@redhat.com Subject: Re: [PATCH v36 00/13] /dev/random - a new approach Message-ID: <20201028185117.74300988@blackhole.lan> In-Reply-To: <3073852.aeNJFYEL58@positron.chronox.de> References: <20200921075857.4424-1-nstange@suse.de> <2961243.vtBmWVcJkq@tauon.chronox.de> <20201016172619.GA18410@lst.de> <3073852.aeNJFYEL58@positron.chronox.de> Organization: LST e.V. X-Mailer: Claws Mail 3.17.6 (GTK+ 2.24.32; x86_64-suse-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8BIT Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Mon, 19 Oct 2020 21:28:50 +0200 Stephan Müller wrote: [...] > * Sole use of crypto for data processing: [...] > - The LRNG uses only properly defined and implemented cryptographic > algorithms unlike the use of the SHA-1 transformation in the > existing /dev/random implementation. > > - Hash operations use NUMA-node-local hash instances to benefit large > parallel systems. > > - LRNG uses limited number of data post-processing steps [...] > * Performance > > - Faster by up to 75% in the critical code path of the interrupt > handler depending on data collection size configurable at kernel > compile time - the default is about equal in performance with > existing /dev/random as outlined in [2] section 4.2. [...] > - ChaCha20 DRNG is significantly faster as implemented in the > existing /dev/random as demonstrated with [2] table 2. > > - Faster entropy collection during boot time to reach fully seeded > level, including on virtual systems or systems with SSDs as > outlined in [2] section 4.1. > > * Testing [...] So we now have 2 proposals for a state-of-the-art RNG, and over a month without a single comment on-topic from any `get_maintainer.pl` I don't want to emphasise the certification aspects so much. The interrelation is rather that those certifications require certain code features, features which are reasonable per se. But the current code is lagging way behind. I see the focus namely on performance, scalability, testability and virtualisation. And it certainly is an advantage to use the code already present under crypto, with its optimisations, and not rely on some home brew. Can we please have a discussion about how to proceed? Ted, Greg, Arnd: which approach would you prefer? Torsten