Re: [PATCH] random: add a config option to trust the CPU's hwrng
From: Sandy Harris
Date: Wed Jul 18 2018 - 11:14:24 EST
On Tue, Jul 17, 2018 at 9:51 PM, Theodore Y. Ts'o <tytso@xxxxxxx> wrote:
> On Tue, Jul 17, 2018 at 09:43:44PM -0400, Theodore Ts'o wrote:
>> This gives the user building their own kernel (or a Linux
>> distribution) the option of deciding whether or not to trust the CPU's
>> hardware random number generator (e.g., RDRAND for x86 CPU's) as being
>> correctly implemented and not having a back door introduced (perhaps
>> courtesy of a Nation State's law enforcement or intelligence
>> agencies).
>>
>> This will prevent getrandom(2) from blocking, if there is a
>> willingness to trust the CPU manufacturer.
>>
>> Signed-off-by: Theodore Ts'o <tytso@xxxxxxx>
>
> Note, I had meant to tag this with an RFC. I'm not sure I really want
> to push this to Linus yet. If you have an opinion, let me know.
I had something like this in patches I suggested as RFC a couple of
years back. Those patches were rejected for other reasons, quite
likely valid ones.
My version was not binary like this:
>> +config RANDOM_TRUST_CPU
>> + bool "Trust the CPU manufacturer to initialize Linux's CRNG"
Instead, I had a compile-time option to choose a number 0-32
for how much entropy to assume a 32-bit value from the HWRNG
contains. Default was something less than 32. I debated values
in the 24-30 range, don't recall what I chose & don't think it
Matters hugely.
Is that a better approach than the binary choice?