lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CALAqxLW-TKy2CpTst=AtJY8JNGYg_WB0MxTU3Kf4J6ijKCtBVA@mail.gmail.com>
Date:	Tue, 21 Jun 2016 12:05:06 -0700
From:	John Stultz <john.stultz@...aro.org>
To:	Stephan Mueller <smueller@...onox.de>
Cc:	Herbert Xu <herbert@...dor.apana.org.au>,
	Arnd Bergmann <arnd@...db.de>,
	Alexander Kuleshov <kuleshovmail@...il.com>,
	y2038 Mailman List <y2038@...ts.linaro.org>,
	lkml <linux-kernel@...r.kernel.org>,
	linux-crypto@...r.kernel.org,
	"David S. Miller" <davem@...emloft.net>,
	Kees Cook <keescook@...omium.org>
Subject: Re: [PATCH] crypto: Jitter RNG - use ktime_get_raw_ns as fallback

On Tue, Jun 21, 2016 at 11:49 AM, Stephan Mueller <smueller@...onox.de> wrote:
> Am Dienstag, 21. Juni 2016, 11:11:42 schrieb John Stultz:
>
> Hi John,
>
>> I don't see in the above an explanation of *why* you're using
>> ktime_get_raw_ns() instead of ktime_get_ns().
>
> Could you help me understand what the difference is or point me to some
> documentation? I understood that we only talked about the _raw variant.

Using specialized interfaces with subtle semantics w/o understanding
them is sort of my concern here.

There are reasons why you might want to use the ktime_get_raw_ns()
interface over ktime_get_ns(), but they have not been made clear in
the comment. Arnd discussed some potential concerns that the freq
adjustment done by ntp might be somewhat predictable/controlled by
remote parties, which could have some effect in the calculation. That
feels a little overly vague to me, but I'm no crypto expert, so if
that is a reasonable concern, then it should be a conscious and
documented decision.

thanks
-john

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ