On Tue, Nov 30, 2021 at 03:32:38PM +0800, Sandy Harris wrote: > I think we should eliminate add_disk_randomness() since it does > not work well on current hardware. Also, FIPS requires that > entropy sources be independent & add_interrupt_randomness() > depends on the same disk events so these sources may not be. This whole "may not be" guessing game when it comes to FIPS certification is a huge problem. I have heard of different vendors getting different feedback and different implementations "passing" in different ways that totally contradict each other. It seems that there is a whole certification industry built up that you can use to try to pass these tests, but those tests are different depending on the vendor you use for this, making a total mess. So perhaps getting solid answers, and having the FIPS people actually implement (or at least review) the changes and submit them (this is all open for everyone to see and work on), would be the best thing as that would at least let us know that this is what they require. Otherwise, it's a total guess as you state many times in this email, and that is going to get us nowhere fast as the "requirements" end up contradicting themselves all the time. Also, why does any of this have to be in the kernel at all? If FIPS requires a deterministic random number generator that will not allow entropy to be acquired from hardware or external inputs, why does the kernel care at all? Just write a fips_random.so library and get it certified and have any userspace code that cares about such a crazy thing to use that instead. thanks, greg k-h
