Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 48FF8C4321E for ; Tue, 30 Nov 2021 08:47:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234760AbhK3IuT (ORCPT ); Tue, 30 Nov 2021 03:50:19 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59820 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239749AbhK3IuS (ORCPT ); Tue, 30 Nov 2021 03:50:18 -0500 Received: from sin.source.kernel.org (sin.source.kernel.org [IPv6:2604:1380:40e1:4800::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 89DF8C061574; Tue, 30 Nov 2021 00:46:59 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sin.source.kernel.org (Postfix) with ESMTPS id CFBCBCE1805; Tue, 30 Nov 2021 08:46:57 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7EF43C53FC1; Tue, 30 Nov 2021 08:46:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1638262016; bh=kHcvZf2LKMC1CCKubVLXC337NilFhltDlE9u9PHeGBc=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=dVhGORj3qCUI1QHNLmUoyKAhEDbetMkpn56CtK3FeuDjsqhtMO7vR9cY2+p2qAUdm xEVyNx+LY8jrEbYfZlzojPn1aYgAANN681WNd5HqAwp+gAjXCDZUhoCWFRnYj/YvD2 HWHzQtyYOO9qG5jO3nTffdC3v+H3dNT/zEstYJjU= Date: Tue, 30 Nov 2021 08:55:53 +0100 From: Greg Kroah-Hartman To: Sandy Harris Cc: Simo Sorce , "Jason A. Donenfeld" , Stephan =?iso-8859-1?Q?M=FCller?= , Tso Ted , Linux Crypto Mailing List , Willy Tarreau , Nicolai Stange , LKML , Arnd Bergmann , "Eric W. Biederman" , "Alexander E. Patrakov" , "Ahmed S. Darwish" , Matthew Garrett , Vito Caputo , Andreas Dilger , Jan Kara , Ray Strode , William Jon McCann , zhangjs , Andy Lutomirski , Florian Weimer , Lennart Poettering , Peter Matthias , Marcelo Henrique Cerri , Neil Horman , Randy Dunlap , Julia Lawall , Dan Carpenter , Andy Lavr , Eric Biggers , Petr Tesarik , John Haxby , Alexander Lobakin , Jirka Hladky , John Kelsey Subject: Re: [PATCH v43 01/15] Linux Random Number Generator Message-ID: References: <2036923.9o76ZdvQCi@positron.chronox.de> <4641592.OV4Wx5bFTl@positron.chronox.de> <56d2da397bb53f71c0354b102c3b40940e9b4eda.camel@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Tue, Nov 30, 2021 at 03:32:38PM +0800, Sandy Harris wrote: > I think we should eliminate add_disk_randomness() since it does > not work well on current hardware. Also, FIPS requires that > entropy sources be independent & add_interrupt_randomness() > depends on the same disk events so these sources may not be. This whole "may not be" guessing game when it comes to FIPS certification is a huge problem. I have heard of different vendors getting different feedback and different implementations "passing" in different ways that totally contradict each other. It seems that there is a whole certification industry built up that you can use to try to pass these tests, but those tests are different depending on the vendor you use for this, making a total mess. So perhaps getting solid answers, and having the FIPS people actually implement (or at least review) the changes and submit them (this is all open for everyone to see and work on), would be the best thing as that would at least let us know that this is what they require. Otherwise, it's a total guess as you state many times in this email, and that is going to get us nowhere fast as the "requirements" end up contradicting themselves all the time. Also, why does any of this have to be in the kernel at all? If FIPS requires a deterministic random number generator that will not allow entropy to be acquired from hardware or external inputs, why does the kernel care at all? Just write a fips_random.so library and get it certified and have any userspace code that cares about such a crazy thing to use that instead. thanks, greg k-h