lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1907949.voNH4FmKbt@positron.chronox.de>
Date:	Sun, 24 Apr 2016 16:12:34 +0200
From:	Stephan Mueller <smueller@...onox.de>
To:	Joe Perches <joe@...ches.com>
Cc:	herbert@...dor.apana.org.au, Theodore Tso <tytso@....edu>,
	sandyinchina@...il.com, Jason Cooper <jason@...edaemon.net>,
	John Denker <jsd@...n.com>, "H. Peter Anvin" <hpa@...or.com>,
	linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 3/6] crypto: Linux Random Number Generator

Am Sonntag, 24. April 2016, 04:30:24 schrieb Joe Perches:

Hi Joe,

thank you very much for your comments.

> On Sun, 2016-04-24 at 12:40 +0200, Stephan Mueller wrote:
> > The LRNG with all its properties is documented in [1]. This
> > documentation covers the functional discussion as well as testing of all
> > aspects of entropy processing. In addition, the documentation explains
> > the conducted regression tests to verify that the LRNG is API and ABI
> > compatible with the legacy /dev/random implementation.
> > 
> > [1] http://www.chronox.de/lrng.html
> 
> Thanks.
> 
> Links get stale.
> 
> It may be better to put an ascii version of the pdf
> in Documentation/ and the test code in tools/

I surely can do that. What would you think would be the proper location to add 
such documentation? Simply Documentation/lrng.txt?

How would you propose to handle the pictures (at least the big picture)?

Regarding the tests: those are no regression tests, but tests to allow other 
researches to verify whether the LRNG operates appropriately. Thus, would 
adding it to a new directory of tools/crypto/rng be appropriate?
> 
> and some trivial notes:
> > diff --git a/crypto/lrng.c b/crypto/lrng.c
> 
> []
> 
> > +/* debug macro */
> > +#define DRIVER_NAME "lrng"
> 
> Using
> #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> before any #include would be a lot more common.

Fixed
> 
> > +#if 0
> > +#define dbg(fmt, ...) pr_info(DRIVER_NAME": " fmt, ##__VA_ARGS__)
> > +#else
> > +#define dbg(fmt, ...)
> > +#endif
> 
> pr_debug or is there some interaction with
> dynamic_debug you want to avoid?
> 
> And it's generally better to use something like
> 
> #if 0
> #define dbg(fmt, ...) pr_info(fmt, ##__VA_ARGS__)
> #else
> #define dbg(fmt, ...) no_printk(fmt, ##__VA_ARGS__)
> 
> so that new dbg statements would not have
> format/argument mismatches and argument
> evaluation side-effects are still eliminated.

Fixed: I have replaced all invocations with pr_debug.
> 
> > +static void lrng_pdrbg_init_ops(u32 entropy_bits)
> > +{
> > +	if (lrng_pdrbg.pdrbg_fully_seeded)
> > +		return;
> > +
> > +	BUILD_BUG_ON(LRNG_IRQ_MIN_NUM % LRNG_POOL_WORD_BITS);
> > +	BUILD_BUG_ON((LRNG_MIN_SEED_ENTROPY_BITS * LRNG_IRQ_ENTROPY_BITS /
> > +		     LRNG_DRBG_SECURITY_STRENGTH_BITS) > LRNG_IRQ_MIN_NUM);
> > +
> > +	/* DRBG is seeded with full security strength */
> > +	if (entropy_bits >= LRNG_DRBG_SECURITY_STRENGTH_BITS) {
> > +		lrng_pdrbg.pdrbg_fully_seeded = true;
> > +		lrng_pdrbg.pdrbg_min_seeded = true;
> > +		pr_info(DRIVER_NAME": primary DRBG fully seeded\n");
> 
> Using pr_fmt eliminates the need for these
> DRIVER_NAME ": " prefix inclusions in the format

All occurrences corrected.
> 
> > +static int __init lrng_init(void)
> > +{
> 
> []
> 
> > +	pr_info(DRIVER_NAME": deactivating initial RNG - %d bytes delivered",
> > +		atomic_read(&lrng_initrng_bytes));
> 
> Should use \n to terminate the format.

Thank you, fixed. Though, I am wondering why I do see the line feed in dmesg. 
Whatever, it is fixed.

I have cover the fixes in my code. I will wait for more comments and release 
these changes in a couple of days.

Thanks a lot.


Ciao
Stephan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ