Re: [PATCH] random, Add user configurable get_bytes_random()

On Fri, 6 September 2013 09:57:31 -0400, Theodore Ts'o wrote: > according to its specifications. But a HWRNG is by definition > something that can't be tested. Statistical tests are not sufficient > to prove that the HWRNG has not been gimmicked. And just to prove your point even more: http://pe

Re: [PATCH] random, Add user configurable get_bytes_random()

On Fri, Sep 06, 2013 at 08:08:52AM -0400, Prarit Bhargava wrote: > > Your argument seems to surround the idea that putting stuff on the internet is > safe. It isn't. If you've believed that then you've had your head in the > sand > and I've got a lot of land in Florida to sell you. I have no i

Re: [PATCH] random, Add user configurable get_bytes_random()

On 09/05/2013 03:49 PM, Theodore Ts'o wrote: > BTW, note the following article, published today: > > http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all > > "By this year, the Sigint Enabling Project had found ways inside some > of the encryption chips th

Re: [PATCH] random, Add user configurable get_bytes_random()

BTW, note the following article, published today: http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all "By this year, the Sigint Enabling Project had found ways inside some of the encryption chips that scramble information for businesses and governments, eit

Re: [PATCH] random, Add user configurable get_bytes_random()

On Thu, Sep 05, 2013 at 11:08:28AM -0400, Prarit Bhargava wrote: > > The issue isn't userspace /dev/random as much as it is the use of > get_random_bytes() through out the kernel. Switching to > get_random_bytes_arch() > is a search'n'replace on the entire kernel. If a user wants the faster ran

Re: [PATCH] random, Add user configurable get_bytes_random()

On 09/05/2013 10:48 AM, Theodore Ts'o wrote: > On Thu, Sep 05, 2013 at 08:18:44AM -0400, Prarit Bhargava wrote: >> The current code has two exported functions, get_bytes_random() and >> get_bytes_random_arch(). The first function only calls the entropy >> store to get random data, and the second

Re: [PATCH] random, Add user configurable get_bytes_random()

On Thu, Sep 05, 2013 at 08:18:44AM -0400, Prarit Bhargava wrote: > The current code has two exported functions, get_bytes_random() and > get_bytes_random_arch(). The first function only calls the entropy > store to get random data, and the second only calls the arch specific > hardware random numb

[PATCH] random, Add user configurable get_bytes_random()

The current code has two exported functions, get_bytes_random() and get_bytes_random_arch(). The first function only calls the entropy store to get random data, and the second only calls the arch specific hardware random number generator. The problem is that no code is using the get_bytes_random_