From: Torsten Duwe <duwe@lst.de>
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: Andy Lutomirski <luto@amacapital.net>,
"Theodore Ts'o" <tytso@mit.edu>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Matt Mackall <mpm@selenic.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
Arnd Bergmann <arnd@arndb.de>,
Rusty Russell <rusty@rustcorp.com.au>,
Satoru Takeuchi <satoru.takeuchi@gmail.com>,
ingo.tuchscherer@de.ibm.com,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Hans-Georg Markgraf <MGRF@de.ibm.com>,
Gerald Schaefer <gerald.schaefer@de.ibm.com>,
Martin Schwidefsky <schwidefsky@de.ibm.com>,
Heiko Carstens <heiko.carstens@de.ibm.com>,
Joe Perches <joe@perches.com>, Greg Price <price@mit.edu>
Subject: Re: [PATCH v2 02/03]: hwrng: create filler thread
Date: Thu, 27 Mar 2014 16:03:28 +0100 [thread overview]
Message-ID: <20140327150328.GB18563@lst.de> (raw)
In-Reply-To: <5333AD63.9030808@zytor.com>
On Wed, Mar 26, 2014 at 09:47:31PM -0700, H. Peter Anvin wrote:
> On 03/26/2014 06:11 PM, Andy Lutomirski wrote:
> > Also, in the /dev/random sense,
> > most hardware RNGs have no entropy at all, since they're likely to be
> > FIPS-approved DRBGs that don't have a real non-deterministic source.
>
> Such a device has no business being a Linux hwrng device. We already
> have a PRNG (DRBG) in the kernel, the *only* purpose for a hwrng device
> is to be an entropy source.
That's also my understanding. The shot noise from a Schottky-diode seems
to be quite popular, for example.
> TPMs, in particular, should almost certainly be massively derated based
> on what little we know about TPM.
Backdoors, anyone? :-)
Torsten
next prev parent reply other threads:[~2014-03-27 15:03 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-21 14:29 [PATCH v2 00/03]: khwrngd Torsten Duwe
2014-03-21 14:32 ` [Patch v2 01/03]: provide an injection point for pure hardware randomness Torsten Duwe
2014-03-21 14:33 ` [PATCH v2 02/03]: hwrng: create filler thread Torsten Duwe
2014-03-27 0:50 ` Andy Lutomirski
2014-03-27 1:03 ` H. Peter Anvin
2014-03-27 1:11 ` Andy Lutomirski
2014-03-27 1:55 ` H. Peter Anvin
2014-03-27 4:47 ` H. Peter Anvin
2014-03-27 15:03 ` Torsten Duwe [this message]
2014-03-27 16:06 ` Andy Lutomirski
2014-03-27 14:54 ` Torsten Duwe
2014-03-27 15:47 ` Andy Lutomirski
2014-04-14 16:02 ` [PATCH v3 00/03]: hwrng: an in-kernel rngd Torsten Duwe
2014-04-14 16:04 ` [PATCH v3 01/03]: hwrng: provide an injection point for pure hardware randomness Torsten Duwe
2014-04-14 16:05 ` [PATCH v3 02/03]: hwrng: create filler thread Torsten Duwe
2014-04-14 16:06 ` [PATCH v3 03/03]: hwrng: khwrngd derating per device Torsten Duwe
2014-04-14 16:41 ` Andy Lutomirski
2014-04-15 8:51 ` Torsten Duwe
2014-04-15 16:53 ` Andy Lutomirski
2014-05-27 13:41 ` [PATCH v5 00/03]: hwrng: an in-kernel rngd Torsten Duwe
2014-05-27 13:44 ` [Patch 01/03]: provide an injection point for pure hardware randomness Torsten Duwe
2014-05-27 13:45 ` [Patch v5 02/03]: hwrng: create filler thread Torsten Duwe
2014-05-27 13:46 ` [Patch v5 03/03]: hwrng: khwrngd derating per device Torsten Duwe
2014-05-27 14:11 ` [Patch v5.1 " Torsten Duwe
2014-06-12 1:24 ` H. Peter Anvin
2014-06-12 10:09 ` Torsten Duwe
2014-06-14 2:40 ` Theodore Ts'o
2014-06-14 2:44 ` H. Peter Anvin
2014-06-15 5:11 ` Theodore Ts'o
2014-06-16 7:31 ` Torsten Duwe
2014-06-16 11:22 ` Theodore Ts'o
2014-06-16 14:07 ` Torsten Duwe
2014-06-16 14:40 ` Theodore Ts'o
[not found] ` <20140616141444.GB1744@suse.de>
[not found] ` <20140616142812.GB19387@thunk.org>
2014-07-11 13:43 ` Ingo Tuchscherer
2014-07-11 14:42 ` Theodore Ts'o
2014-04-14 16:09 ` [PATCH v3 00/03]: hwrng: an in-kernel rngd H. Peter Anvin
2014-04-14 16:24 ` Torsten Duwe
2014-04-14 16:29 ` H. Peter Anvin
2014-04-14 16:43 ` Andy Lutomirski
2014-04-14 16:27 ` [PATCH v4 03/03]: hwrng: khwrngd derating per device Torsten Duwe
2014-03-21 14:34 ` [PATCH v2 " Torsten Duwe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140327150328.GB18563@lst.de \
--to=duwe@lst.de \
--cc=MGRF@de.ibm.com \
--cc=arnd@arndb.de \
--cc=gerald.schaefer@de.ibm.com \
--cc=gregkh@linuxfoundation.org \
--cc=heiko.carstens@de.ibm.com \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=ingo.tuchscherer@de.ibm.com \
--cc=joe@perches.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mpm@selenic.com \
--cc=price@mit.edu \
--cc=rusty@rustcorp.com.au \
--cc=satoru.takeuchi@gmail.com \
--cc=schwidefsky@de.ibm.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.