Re: [PATCH] Add RNG support to AF_ALG (v2)

On Fri, Jan 21, 2011 at 05:00:05PM +1100, Herbert Xu wrote:
> On Thu, Jan 20, 2011 at 06:34:40PM -0500, Neil Horman wrote:
> >
> > Herbert, Sorry to bug you about this, but are you still planning on pulling this
> > now that Linus has the infrastructure scheduled for 2.6.38?
> 
> I think it's best if we leave this out for now, unless we can
> come up with some way of merging this with the hardware RNG
> interface so that we are not duplicating an existing user interface.
> 
I take your point, but I'm not certain I agree that we are duplicating an
existing user interface.  A cursory glance would say that we are, but
/dev/random and /dev/urandom really just provide access to the kernel's entropy
pools, whereas AF_ALG provides access to instances of any RNG the kernel has
to offer as well as the key management services that AF_ALG has, which I think
is advantageous, given that the CPRNG requires keying to work properly.

> Could we perhaps merge this with the HWRNG interface somehow?
We could certainly add an ioctl to place /dev/[u]random in a cprng mode, and
another to allow key setting/resets/etc, but that seems fairly limiting in that
only one instance of a cprng could be accessed at a time.

> Or maybe we should just expose ansi_cprng (I presume you only
> need that) through the hwrng interface?
> 
Again, we could, but that doesn't seem wise if:
1) A user is expecting truly random data
2) A user needs to truly have predictability of their random number set (if
they're using the cprng, multiple un-coordinated users breaks the ability to
predict the rng data).

Another alternative (just off the top of my head), might be to eliminate the
hwrng interface in the kernel entirely, and replace it with the AF_ALG based
interface.  People requiring access to /dev/random until their applications can
be migrated could still access /dev/[u]random via a user space daemon that opens
2 unix sockets, binds them to /dev/[u]random, and proxies them to two AF_ALG
sockets connected to the blocking and non-blocking entropy pools in the kernel.

Not saying that's a great idea, mind; just brainstorming ways we can eliminate
interface duplication without restricting the CPRNG to a character-based
interface, when AF_ALG provides it so much more.
Neil

> Thanks,
> -- 
> Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 
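What the AF_ALG "rng" socket type discussed above looks like from user space, as an added example that is not code from this patch, from either poster, or from the kernel tree. It assumes a Linux kernel that provides the AF_ALG "rng" socket type and an RNG algorithm registered under the name handed to it ("stdrng" in main() is a constructed default); the helper names af_alg_rng_addr and af_alg_rng_read and the 48-byte seed are this example's own. Seeding through ALG_SET_KEY is the "keying" the message refers to: each bind() creates its own RNG instance, so two sockets do not share state the way two readers of /dev/[u]random share one pool.

```c
/* Added example (not from the patch or the kernel tree): read from one kernel
 * RNG instance through an AF_ALG socket of type "rng", seeding it first via
 * ALG_SET_KEY.  Assumes Linux with the AF_ALG "rng" type available; the
 * helper names and the seed bytes are constructed for this example. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#ifdef __linux__
#include <linux/if_alg.h>
#endif

#ifndef AF_ALG
#define AF_ALG 38           /* Linux address family number for AF_ALG */
#endif
#ifndef SOL_ALG
#define SOL_ALG 279
#endif

#ifdef __linux__
/* Fill a sockaddr_alg naming one RNG instance ("rng" type, given algorithm). */
static int af_alg_rng_addr(struct sockaddr_alg *sa, const char *name)
{
    memset(sa, 0, sizeof(*sa));
    if (strlen(name) >= sizeof(sa->salg_name)) {
        errno = ENAMETOOLONG;
        return -1;
    }
    sa->salg_family = AF_ALG;
    strcpy((char *)sa->salg_type, "rng");
    strcpy((char *)sa->salg_name, name);
    return 0;
}

/* Read exactly outlen bytes from the named RNG.  If seed is non-NULL the
 * instance is seeded with ALG_SET_KEY first (for ansi_cprng the seed is
 * key || V [|| DT], 32 or 48 bytes; a DRBG treats it as personalisation and
 * mixes in its own entropy).  Returns (int)outlen on success, -1 with errno
 * set (ENAMETOOLONG, EAFNOSUPPORT, ENOENT, ...) on failure. */
int af_alg_rng_read(const char *name, const unsigned char *seed, size_t seedlen,
                    unsigned char *out, size_t outlen)
{
    struct sockaddr_alg sa;
    int tfm, op = -1, ret = -1, saved;
    size_t got = 0;

    if (af_alg_rng_addr(&sa, name) < 0)
        return -1;
    tfm = socket(AF_ALG, SOCK_SEQPACKET, 0);
    if (tfm < 0)
        return -1;
    if (bind(tfm, (struct sockaddr *)&sa, sizeof(sa)) < 0)
        goto out;
    if (seed && setsockopt(tfm, SOL_ALG, ALG_SET_KEY, seed, (socklen_t)seedlen) < 0)
        goto out;
    op = accept(tfm, NULL, NULL);   /* operation fd: read() yields RNG output */
    if (op < 0)
        goto out;
    while (got < outlen) {
        ssize_t n = read(op, out + got, outlen - got);
        if (n < 0 && errno == EINTR)
            continue;
        if (n <= 0) {
            if (n == 0)
                errno = EIO;        /* unexpected end of stream */
            goto out;
        }
        got += (size_t)n;
    }
    ret = (int)outlen;
out:
    saved = errno;
    if (op >= 0)
        close(op);
    close(tfm);
    errno = saved;
    return ret;
}
#else
/* Non-Linux build: the AF_ALG interface does not exist here. */
int af_alg_rng_read(const char *name, const unsigned char *seed, size_t seedlen,
                    unsigned char *out, size_t outlen)
{
    (void)name; (void)seed; (void)seedlen; (void)out; (void)outlen;
    errno = ENOSYS;
    return -1;
}
#endif

int main(void)
{
    unsigned char seed[48], buf[32];   /* constructed seed: key || V || DT */
    int i, n;

    for (i = 0; i < (int)sizeof(seed); i++)
        seed[i] = (unsigned char)i;
    n = af_alg_rng_read("stdrng", seed, sizeof(seed), buf, sizeof(buf));
    if (n < 0) {
        perror("af_alg_rng_read");
        return 1;
    }
    for (i = 0; i < n; i++)
        printf("%02x", buf[i]);
    putchar('\n');
    return 0;
}
```

Which algorithm "stdrng" resolves to depends on what the running kernel has registered and at what priority; to address the X9.31 generator specifically, bind by its driver name ("ansi_cprng") instead, and only that generator gives a reproducible stream for a fixed seed.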