From: Pavel Machek <pavel@ucw.cz>
To: Petr Tesarik <ptesarik@suse.cz>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>,
"Torsten Duwe" <duwe@lst.de>,
"Marcelo Henrique Cerri" <marcelo.cerri@canonical.com>,
"Theodore Y. Ts'o" <tytso@mit.edu>,
"Linus Torvalds" <torvalds@linux-foundation.org>,
"Stephan Müller" <smueller@chronox.de>,
"Willy Tarreau" <w@1wt.eu>,
"Linux Crypto Mailing List" <linux-crypto@vger.kernel.org>,
"Nicolai Stange" <nstange@suse.de>,
LKML <linux-kernel@vger.kernel.org>,
"Arnd Bergmann" <arnd@arndb.de>,
"Eric W. Biederman" <ebiederm@xmission.com>,
"Alexander E. Patrakov" <patrakov@gmail.com>,
"Ahmed S. Darwish" <darwish.07@gmail.com>,
"Matthew Garrett" <mjg59@srcf.ucam.org>,
"Vito Caputo" <vcaputo@pengaru.com>,
"Andreas Dilger" <adilger.kernel@dilger.ca>,
"Jan Kara" <jack@suse.cz>, "Ray Strode" <rstrode@redhat.com>,
"William Jon McCann" <mccann@jhu.edu>,
zhangjs <zachary@baishancloud.com>,
"Andy Lutomirski" <luto@kernel.org>,
"Florian Weimer" <fweimer@redhat.com>,
"Lennart Poettering" <mzxreary@0pointer.de>,
"Peter Matthias" <matthias.peter@bsi.bund.de>,
"Neil Horman" <nhorman@redhat.com>,
"Randy Dunlap" <rdunlap@infradead.org>,
"Julia Lawall" <julia.lawall@inria.fr>,
"Dan Carpenter" <dan.carpenter@oracle.com>,
"And y Lavr" <andy.lavr@gmail.com>,
"Eric Biggers" <ebiggers@kernel.org>,
"Ard Biesheuvel" <ardb@kernel.org>,
simo@redhat.com
Subject: Re: drivers/char/random.c needs a (new) maintainer
Date: Thu, 24 Dec 2020 20:19:53 +0100 [thread overview]
Message-ID: <20201224191953.GD22388@amd> (raw)
In-Reply-To: <20201223170057.7c8fd710@ezekiel.suse.cz>
[-- Attachment #1: Type: text/plain, Size: 1431 bytes --]
Hi!
> > On Wed, Dec 23, 2020 at 3:17 PM Petr Tesarik <ptesarik@suse.cz> wrote:
> > > Upfront, let me admit that SUSE has a vested interest in a FIPS-certifiable Linux kernel.
> >
> > Sorry, but just because you have a "vested interest", or a financial
> > interest, or because you want it does not suddenly make it a good
> > idea. The idea is to have good crypto, not to merely check some boxes
>
> I never suggested that this should serve as a supportive argument. I was just trying to be honest about our motivations.
>
> I'm a bit sad that this discussion has quickly gone back to the choice of algorithms and how they can be implemented. The real issue is that the RNG subsystem has not developed as fast as it could. This had not been much of an issue as long as nobody was really interested in making any substantial changes to that code, but it is more apparent now. Torsten believes it can be partly because of a maintainer who is too busy with other tasks, and he suggested we try to improve the situation by giving the RNG-related tasks to someone else.
>
(Please wrap at 80 columns).
To play devil's advocate, does RNG subsystem need to evolve? Its task
is to get random numbers. Does it fail at the task?
Problem is, random subsystem is hard to verify, and big rewrite is
likely to cause security problems...
Best regards,
Pavel
--
http://www.livejournal.com/~pavelmachek
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
next prev parent reply other threads:[~2020-12-24 19:20 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-30 15:12 drivers/char/random.c needs a (new) maintainer Torsten Duwe
2020-11-30 15:15 ` Jason A. Donenfeld
2020-11-30 16:53 ` Theodore Y. Ts'o
2020-12-01 11:42 ` Jason A. Donenfeld
2020-12-18 13:25 ` Marcelo Henrique Cerri
2020-12-23 12:28 ` Torsten Duwe
2020-12-23 14:10 ` Petr Tesarik
2020-12-23 14:32 ` Jason A. Donenfeld
2020-12-23 15:22 ` Stephan Mueller
2020-12-23 15:33 ` Jason A. Donenfeld
2020-12-23 16:00 ` Petr Tesarik
2020-12-23 16:03 ` Jason A. Donenfeld
2020-12-23 16:12 ` Jason A. Donenfeld
2020-12-24 19:19 ` Pavel Machek [this message]
2021-01-08 8:42 ` Sandy Harris
2020-12-24 19:14 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201224191953.GD22388@amd \
--to=pavel@ucw.cz \
--cc=Jason@zx2c4.com \
--cc=adilger.kernel@dilger.ca \
--cc=andy.lavr@gmail.com \
--cc=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=dan.carpenter@oracle.com \
--cc=darwish.07@gmail.com \
--cc=duwe@lst.de \
--cc=ebiederm@xmission.com \
--cc=ebiggers@kernel.org \
--cc=fweimer@redhat.com \
--cc=jack@suse.cz \
--cc=julia.lawall@inria.fr \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=marcelo.cerri@canonical.com \
--cc=matthias.peter@bsi.bund.de \
--cc=mccann@jhu.edu \
--cc=mjg59@srcf.ucam.org \
--cc=mzxreary@0pointer.de \
--cc=nhorman@redhat.com \
--cc=nstange@suse.de \
--cc=patrakov@gmail.com \
--cc=ptesarik@suse.cz \
--cc=rdunlap@infradead.org \
--cc=rstrode@redhat.com \
--cc=simo@redhat.com \
--cc=smueller@chronox.de \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=vcaputo@pengaru.com \
--cc=w@1wt.eu \
--cc=zachary@baishancloud.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).