Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp6751591pxu; Thu, 24 Dec 2020 11:20:58 -0800 (PST) X-Google-Smtp-Source: ABdhPJyJZIe5Fp5xYXs+EUlLgLACeAvRJMX+En6WbGuNhCFgdennoStN1V+8k/w4adktB0L4bU4A X-Received: by 2002:a17:906:edb2:: with SMTP id sa18mr27919973ejb.264.1608837657865; Thu, 24 Dec 2020 11:20:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1608837657; cv=none; d=google.com; s=arc-20160816; b=QeqbqWJB/fu338pBNJfRPgN14vNQx1DgWsWD/lsqTGeiXdlQSXYQQqPVfX1WzuKBPs XE5lMzZVHtGMJsf0DzqsTFG7soV9DVZj5w0JlUSGKuFqIMpNcFMynKqtJTbw+gMhUj4u GBE60BceNAZn+QPBKk21mlMAPbhwWH1jWgveU+kZqZdHTuIsW8RkTsCOZw10Ftdf2/3J d26qcW7TLhuIyvu/ggGko/OskfmFb5nSwQjSNhlx4GiCmiAhmwHk3cVnMKrDjNzTfezp D77nXUZgEpT9+8GOAbGUiYAv9UqPRdo9pMDrLxsb6P+c+H3JX2Ps3jjj3cSrNOy/HvjX tzNw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=9BmyDWPjRgUOml3iLVxIH4Xxf/9gvwhjzKH8UKNKUC0=; b=f5ncAogtjRck6ERnyNvHPcrNiegei/juYICPH9E67gsjHv/qhB9/V9vus6MozTIcWb p8Rc1n00u8GT+DNvHDvrt6OPe24CtIH5gi8NeWfI0KdlpuFKn3udi+GkcBHN7ktwh9XO Odq+98hXU1o5bQF2lwTeHbdGHgOthve2euxYMhhlYJL0z+EWC12lP9XIFjDBD1fMhRar KqP2CM/Xx23BUXuWg9O6CUEZlGiSCdXPIacvTM4I6kxZ5W6zTf9JAeX1qDHpbFVSGPP2 inZ15+Y6o8wJJfdO8g09TTz7ymWfqDMOOnwUbYfBPHKTyAcluzfnGspJIIMd82HZgHCR oNgw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g20si15243850edm.288.2020.12.24.11.20.38; Thu, 24 Dec 2020 11:20:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728805AbgLXTUf (ORCPT + 99 others); Thu, 24 Dec 2020 14:20:35 -0500 Received: from jabberwock.ucw.cz ([46.255.230.98]:54624 "EHLO jabberwock.ucw.cz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728777AbgLXTUf (ORCPT ); Thu, 24 Dec 2020 14:20:35 -0500 Received: by jabberwock.ucw.cz (Postfix, from userid 1017) id 9192B1C0B9B; Thu, 24 Dec 2020 20:19:53 +0100 (CET) Date: Thu, 24 Dec 2020 20:19:53 +0100 From: Pavel Machek To: Petr Tesarik Cc: "Jason A. Donenfeld" , Torsten Duwe , Marcelo Henrique Cerri , "Theodore Y. Ts'o" , Linus Torvalds , Stephan =?iso-8859-1?Q?M=FCller?= , Willy Tarreau , Linux Crypto Mailing List , Nicolai Stange , LKML , Arnd Bergmann , "Eric W. Biederman" , "Alexander E. Patrakov" , "Ahmed S. Darwish" , Matthew Garrett , Vito Caputo , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , zhangjs , Andy Lutomirski , Florian Weimer , Lennart Poettering , Peter Matthias , Neil Horman , Randy Dunlap , Julia Lawall , Dan Carpenter , And y Lavr , Eric Biggers , Ard Biesheuvel , simo@redhat.com Subject: Re: drivers/char/random.c needs a (new) maintainer Message-ID: <20201224191953.GD22388@amd> References: <20201130151231.GA24862@lst.de> <20201130165339.GE5364@mit.edu> <20201218132519.kj3nz7swsx7vvlr5@valinor.lan> <20201223132851.55d19271@blackhole.lan> <20201223151014.57caf98b@ezekiel.suse.cz> <20201223170057.7c8fd710@ezekiel.suse.cz> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="KdquIMZPjGJQvRdI" Content-Disposition: inline In-Reply-To: <20201223170057.7c8fd710@ezekiel.suse.cz> User-Agent: Mutt/1.5.23 (2014-03-12) Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org --KdquIMZPjGJQvRdI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi! > > On Wed, Dec 23, 2020 at 3:17 PM Petr Tesarik wrote: > > > Upfront, let me admit that SUSE has a vested interest in a FIPS-certi= fiable Linux kernel. =20 > >=20 > > Sorry, but just because you have a "vested interest", or a financial > > interest, or because you want it does not suddenly make it a good > > idea. The idea is to have good crypto, not to merely check some boxes >=20 > I never suggested that this should serve as a supportive argument. I was = just trying to be honest about our motivations. >=20 > I'm a bit sad that this discussion has quickly gone back to the choice of= algorithms and how they can be implemented. The real issue is that the RNG= subsystem has not developed as fast as it could. This had not been much of= an issue as long as nobody was really interested in making any substantial= changes to that code, but it is more apparent now. Torsten believes it can= be partly because of a maintainer who is too busy with other tasks, and he= suggested we try to improve the situation by giving the RNG-related tasks = to someone else. > (Please wrap at 80 columns). To play devil's advocate, does RNG subsystem need to evolve? Its task is to get random numbers. Does it fail at the task? Problem is, random subsystem is hard to verify, and big rewrite is likely to cause security problems...=20 Best regards, Pavel --=20 http://www.livejournal.com/~pavelmachek --KdquIMZPjGJQvRdI Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAl/k6dgACgkQMOfwapXb+vKu7wCeLUlepOplD8RS0tg/IjNLo/ap jMwAoLh7hnX+vaJNu/JeKDc4R2QoO4K7 =Lwnx -----END PGP SIGNATURE----- --KdquIMZPjGJQvRdI--