| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1461497424.2726.55.camel@perches.com>
Date: Sun, 24 Apr 2016 04:30:24 -0700
From: Joe Perches <joe@...ches.com>
To: Stephan Mueller <smueller@...onox.de>, herbert@...dor.apana.org.au,
Theodore Tso <tytso@....edu>
Cc: sandyinchina@...il.com, Jason Cooper <jason@...edaemon.net>,
John Denker <jsd@...n.com>, "H. Peter Anvin" <hpa@...or.com>,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 3/6] crypto: Linux Random Number Generator
On Sun, 2016-04-24 at 12:40 +0200, Stephan Mueller wrote:
> The LRNG with all its properties is documented in [1]. This
> documentation covers the functional discussion as well as testing of all
> aspects of entropy processing. In addition, the documentation explains
> the conducted regression tests to verify that the LRNG is API and ABI
> compatible with the legacy /dev/random implementation.
>
> [1] http://www.chronox.de/lrng.html
Thanks.
Links get stale.
It may be better to put an ascii version of the pdf
in Documentation/ and the test code in tools/
and some trivial notes:
> diff --git a/crypto/lrng.c b/crypto/lrng.c
[]
> +/* debug macro */
> +#define DRIVER_NAME "lrng"
Using
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
before any #include would be a lot more common.
> +#if 0
> +#define dbg(fmt, ...) pr_info(DRIVER_NAME": " fmt, ##__VA_ARGS__)
> +#else
> +#define dbg(fmt, ...)
> +#endif
pr_debug or is there some interaction with
dynamic_debug you want to avoid?
And it's generally better to use something like
#if 0
#define dbg(fmt, ...) pr_info(fmt, ##__VA_ARGS__)
#else
#define dbg(fmt, ...) no_printk(fmt, ##__VA_ARGS__)
so that new dbg statements would not have
format/argument mismatches and argument
evaluation side-effects are still eliminated.
> +static void lrng_pdrbg_init_ops(u32 entropy_bits)
> +{
> + if (lrng_pdrbg.pdrbg_fully_seeded)
> + return;
> +
> + BUILD_BUG_ON(LRNG_IRQ_MIN_NUM % LRNG_POOL_WORD_BITS);
> + BUILD_BUG_ON((LRNG_MIN_SEED_ENTROPY_BITS * LRNG_IRQ_ENTROPY_BITS /
> + LRNG_DRBG_SECURITY_STRENGTH_BITS) > LRNG_IRQ_MIN_NUM);
> +
> + /* DRBG is seeded with full security strength */
> + if (entropy_bits >= LRNG_DRBG_SECURITY_STRENGTH_BITS) {
> + lrng_pdrbg.pdrbg_fully_seeded = true;
> + lrng_pdrbg.pdrbg_min_seeded = true;
> + pr_info(DRIVER_NAME": primary DRBG fully seeded\n");
Using pr_fmt eliminates the need for these
DRIVER_NAME ": " prefix inclusions in the format
> +static int __init lrng_init(void)
> +{
[]
> + pr_info(DRIVER_NAME": deactivating initial RNG - %d bytes delivered",
> + atomic_read(&lrng_initrng_bytes));
Should use \n to terminate the format.
Powered by blists - more mailing lists