Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp242892pxb;
        Mon, 7 Feb 2022 10:12:27 -0800 (PST)
X-Google-Smtp-Source: ABdhPJz2EAAT/MhNsTYTu57OimitNXkvsh8IsiNdcWh0/WU27e9SX4iZYT+3bGgl5v+FBeGqEIH0
X-Received: by 2002:a17:902:8f8d:: with SMTP id z13mr548172plo.118.1644257547451;
        Mon, 07 Feb 2022 10:12:27 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1644257547; cv=none;
        d=google.com; s=arc-20160816;
        b=iBpoW4LvvUggY03YuBZkHVMt7aoYcnZHplQQy3/1mMSu8g3qcTS9o8w77Nb1I4lkc5
         ch2VeMjuC3UfxIklyYY/FQJJvKB0hZPvTCGfbc4f4xGOk2kPv6rxvuOw0STf/XfThY/v
         VuE3I0KM3M1k/GiyB5VrEafgAm1021Xft1XlMtLqUVFNu1Cj9VKI6/NovDSq4cfBW/SY
         EFyunE9EsqUMTWOS8vjnCo3r5PVdKKi3qCGFf9w/Pd7G/UXjsLNDpX5zipAyb1dYaWzw
         igf7BbbNDoIy29b5Rasi9F4mXn343HWoOxEL0ijM1XpI4+D5a4vIzjtkkCbOHdbhFCLO
         xBbw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date;
        bh=u7va0R1QprWhNbjZJJpwiWNEQUCDaWCjBt+A/3j+Bgc=;
        b=xLLIq8IQTR84fjb4W2M2Ee57FC/1/rd5NmjDATWpzVt5BSQqHIVZGIlJXX7ZeZ4acX
         pbj+y0vLmJJmOx/PCYyFCrXsCVETdvQMZMvfvbPh/EQ9flGLO6mur1LDkKodyESK0xIs
         2uCk0WiULwaJjwAs69EA7B0FDedW2OgydqKODEar95A1S0P+kWd4pUraSFv4PKrz0Zex
         vAdmQzFoOHlMUhr7IVgZffeViePeAnehq0V/u/pHVJYo+Ui4ozKcdyUvlcQwqyhRbCvX
         cJFcHmEpUbxpXohkEzp+2sTFarA04LN5rqCoZGz5Ie6oC+eogvmDoeS0qtNMV4Yu7pen
         NAbw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id e15si9379328pfi.165.2022.02.07.10.12.14;
        Mon, 07 Feb 2022 10:12:27 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1379279AbiBEDvC (ORCPT <rfc822;linux.lists.archive@gmail.com>
        + 99 others); Fri, 4 Feb 2022 22:51:02 -0500
Received: from helcar.hmeau.com ([216.24.177.18]:33928 "EHLO fornost.hmeau.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S230127AbiBEDvA (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Fri, 4 Feb 2022 22:51:00 -0500
Received: from gwarestrin.arnor.me.apana.org.au ([192.168.103.7])
        by fornost.hmeau.com with smtp (Exim 4.92 #5 (Debian))
        id 1nGC64-0001eW-Hc; Sat, 05 Feb 2022 14:50:49 +1100
Received: by gwarestrin.arnor.me.apana.org.au (sSMTP sendmail emulation); Sat, 05 Feb 2022 14:50:48 +1100
Date:   Sat, 5 Feb 2022 14:50:48 +1100
From:   Herbert Xu <herbert@gondor.apana.org.au>
To:     Eric Biggers <ebiggers@kernel.org>
Cc:     Stephan Mueller <smueller@chronox.de>,
        linux-crypto@vger.kernel.org, simo@redhat.com,
        Nicolai Stange <nstange@suse.de>
Subject: Re: [PATCH 0/7] Common entropy source and DRNG management
Message-ID: <Yf30GEJi/61RNq8A@gondor.apana.org.au>
References: <2486550.t9SDvczpPo@positron.chronox.de>
 <YfHP3xs6f68wR/Z/@sol.localdomain>
 <9785493.cvP5XnM2Xn@tauon.chronox.de>
 <YfQ7FDJqb2zhVcfp@sol.localdomain>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <YfQ7FDJqb2zhVcfp@sol.localdomain>
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Fri, Jan 28, 2022 at 10:51:00AM -0800, Eric Biggers wrote:
>
> > The extraction of the entropy source and DRNG management into its own 
> > component separates out the security sensitive implementation currently found 
> > in multiple locations following the strategy found in the crypto API where 
> > each moving part is separated and encapsulated.
> > 
> > The current implementation of the ESDM allows an easy addition of new entropy 
> > sources which are properly encapsulated in self-contained code allowing self-
> > contained entropy analyses to be performed for each. These entropy sources 
> > would provide their seed data completely separate from other entropy sources 
> > to the DRNG preventing any mutual entanglement and thus challenges in the 
> > entropy assessment. I have additional entropy sources already available that I 
> > would like to contribute at a later stage. These entropy sources can be 
> > enabled, disabled or its entropy rate set as needed by vendors depending on 
> > their entropy source analysis. Proper default values would be used for the 
> > common case where a vendor does not want to perform its own analysis or a 
> > distro which want to provide a common kernel binary for many users.
> 
> What is the actual point of this?  The NIST DRBGs are already seeded from
> random.c, which is sufficient by itself but doesn't play well with
> certifications, and from Jitterentropy which the certification side is happy
> with.  And the NIST DRBGs are only present for certification purposes anyway;
> all real users use random.c instead.  So what problem still needs to be solved?

Indeed.  Stephan, could you please explain exactly what additional
seeding sources are needed over the current jitter+/dev/random sources
(and why).  Or even better, add those seeding sources that we must have
in your patch series so that they can be evaluated together.

As it stands this patch series seems to be adding a lot of code without
any uses.

Thanks,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt