| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 24 Apr 2016 16:12:34 +0200
From: Stephan Mueller <smueller@...onox.de>
To: Joe Perches <joe@...ches.com>
Cc: herbert@...dor.apana.org.au, Theodore Tso <tytso@....edu>,
sandyinchina@...il.com, Jason Cooper <jason@...edaemon.net>,
John Denker <jsd@...n.com>, "H. Peter Anvin" <hpa@...or.com>,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 3/6] crypto: Linux Random Number Generator
Am Sonntag, 24. April 2016, 04:30:24 schrieb Joe Perches:
Hi Joe,
thank you very much for your comments.
> On Sun, 2016-04-24 at 12:40 +0200, Stephan Mueller wrote:
> > The LRNG with all its properties is documented in [1]. This
> > documentation covers the functional discussion as well as testing of all
> > aspects of entropy processing. In addition, the documentation explains
> > the conducted regression tests to verify that the LRNG is API and ABI
> > compatible with the legacy /dev/random implementation.
> >
> > [1] http://www.chronox.de/lrng.html
>
> Thanks.
>
> Links get stale.
>
> It may be better to put an ascii version of the pdf
> in Documentation/ and the test code in tools/
I surely can do that. What would you think would be the proper location to add
such documentation? Simply Documentation/lrng.txt?
How would you propose to handle the pictures (at least the big picture)?
Regarding the tests: those are no regression tests, but tests to allow other
researches to verify whether the LRNG operates appropriately. Thus, would
adding it to a new directory of tools/crypto/rng be appropriate?
>
> and some trivial notes:
> > diff --git a/crypto/lrng.c b/crypto/lrng.c
>
> []
>
> > +/* debug macro */
> > +#define DRIVER_NAME "lrng"
>
> Using
> #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> before any #include would be a lot more common.
Fixed
>
> > +#if 0
> > +#define dbg(fmt, ...) pr_info(DRIVER_NAME": " fmt, ##__VA_ARGS__)
> > +#else
> > +#define dbg(fmt, ...)
> > +#endif
>
> pr_debug or is there some interaction with
> dynamic_debug you want to avoid?
>
> And it's generally better to use something like
>
> #if 0
> #define dbg(fmt, ...) pr_info(fmt, ##__VA_ARGS__)
> #else
> #define dbg(fmt, ...) no_printk(fmt, ##__VA_ARGS__)
>
> so that new dbg statements would not have
> format/argument mismatches and argument
> evaluation side-effects are still eliminated.
Fixed: I have replaced all invocations with pr_debug.
>
> > +static void lrng_pdrbg_init_ops(u32 entropy_bits)
> > +{
> > + if (lrng_pdrbg.pdrbg_fully_seeded)
> > + return;
> > +
> > + BUILD_BUG_ON(LRNG_IRQ_MIN_NUM % LRNG_POOL_WORD_BITS);
> > + BUILD_BUG_ON((LRNG_MIN_SEED_ENTROPY_BITS * LRNG_IRQ_ENTROPY_BITS /
> > + LRNG_DRBG_SECURITY_STRENGTH_BITS) > LRNG_IRQ_MIN_NUM);
> > +
> > + /* DRBG is seeded with full security strength */
> > + if (entropy_bits >= LRNG_DRBG_SECURITY_STRENGTH_BITS) {
> > + lrng_pdrbg.pdrbg_fully_seeded = true;
> > + lrng_pdrbg.pdrbg_min_seeded = true;
> > + pr_info(DRIVER_NAME": primary DRBG fully seeded\n");
>
> Using pr_fmt eliminates the need for these
> DRIVER_NAME ": " prefix inclusions in the format
All occurrences corrected.
>
> > +static int __init lrng_init(void)
> > +{
>
> []
>
> > + pr_info(DRIVER_NAME": deactivating initial RNG - %d bytes delivered",
> > + atomic_read(&lrng_initrng_bytes));
>
> Should use \n to terminate the format.
Thank you, fixed. Though, I am wondering why I do see the line feed in dmesg.
Whatever, it is fixed.
I have cover the fixes in my code. I will wait for more comments and release
these changes in a couple of days.
Thanks a lot.
Ciao
Stephan
Powered by blists - more mailing lists