From: Stephen Hemminger <stephen@networkplumber.org>
To: Shunzhi Wen <Shunzhi.Wen@arm.com>
Cc: "Mattias Rönnblom" <hofors@lysator.liu.se>,
"thomas@monjalon.net" <thomas@monjalon.net>,
"Mattias Rönnblom" <mattias.ronnblom@ericsson.com>,
"Ruifeng Wang" <Ruifeng.Wang@arm.com>,
"Bruce Richardson" <bruce.richardson@intel.com>,
"Tyler Retzlaff" <roretzla@linux.microsoft.com>,
"Min Zhou" <zhoumin@loongson.cn>,
"David Christensen" <drc@linux.ibm.com>,
"Stanislaw Kardach" <stanislaw.kardach@gmail.com>,
"Konstantin Ananyev" <konstantin.v.ananyev@yandex.ru>,
"dev@dpdk.org" <dev@dpdk.org>, nd <nd@arm.com>,
"Wathsala Wathawana Vithanage" <wathsala.vithanage@arm.com>,
"Jack Bond-Preston" <Jack.Bond-Preston@arm.com>,
"Dhruv Tripathi" <Dhruv.Tripathi@arm.com>
Subject: Re: [PATCH] eal: add support for TRNG with Arm RNG feature
Date: Fri, 26 Jul 2024 12:00:26 -0700 [thread overview]
Message-ID: <20240726120026.3be4d0d0@hermes.local> (raw)
In-Reply-To: <DB5PR08MB10139059B83D4B29A9F380AAFE2B42@DB5PR08MB10139.eurprd08.prod.outlook.com>
On Fri, 26 Jul 2024 18:34:44 +0000
Shunzhi Wen <Shunzhi.Wen@arm.com> wrote:
> > I'm missing a rationale here. Why is this useful?
> >
> This creates an API for HW that supports cryptographically secure random number generation.
>
> > If you want to extend <rte_random.h> with a cryptographically secure
> > random number generator, that's fine.
> >
> > To have an API that's only available on certain ARM CPUs is not.
> >
> > NAK
> >
> The primary goal of this patch is to provide a direct interface to HW,
> instead of letting kernel handle it. This is not an API just for Arm
> CPUs, as other vendors also have similar HW features. For instance,
> Intel and AMD has support for x86 RDRAND and RDSEED instructions, thus
> can easily implement this API.
>
> > A new function should be called something with "secure", rather than "true"
> > (which is a bit silly, since we might well live in a completely deterministic
> > universe). "secure" would more clearly communicate the intent, and also
> > doesn't imply any particular implementation.
> >
> Regarding the terminology, “cryptographically secure random number”
> is a more accurate and meaningful term than “true random number.”
> This change will be made in the description, and the function name will
> be replaced with rte_csrand.
If you decide to rte_csrand() it should fallback to get_random or get_entropy.
Note: many people don't fully trust RDRAND or ARM CPU instructions.
That is why the Linux entropy calls do not use only the HW instructions.
next prev parent reply other threads:[~2024-07-26 19:00 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-23 21:27 Shunzhi Wen
2024-07-24 6:40 ` Mattias Rönnblom
2024-07-24 14:35 ` Stephen Hemminger
2024-07-24 15:07 ` Mattias Rönnblom
2024-07-24 16:16 ` Stephen Hemminger
2024-07-24 19:14 ` Mattias Rönnblom
2024-07-24 20:02 ` Stephen Hemminger
2024-07-25 4:48 ` Mattias Rönnblom
2024-07-25 14:56 ` Stephen Hemminger
2024-07-26 18:34 ` Shunzhi Wen
2024-07-26 19:00 ` Stephen Hemminger [this message]
2024-07-26 20:12 ` Wathsala Wathawana Vithanage
2024-07-26 22:33 ` Mattias Rönnblom
2024-07-27 15:45 ` Wathsala Wathawana Vithanage
2024-07-27 15:54 ` Stephen Hemminger
2024-07-27 22:27 ` Wathsala Wathawana Vithanage
2024-07-27 23:55 ` Stephen Hemminger
2024-07-28 6:46 ` Mattias Rönnblom
2024-07-29 4:48 ` Wathsala Wathawana Vithanage
2024-07-27 17:07 ` Mattias Rönnblom
2024-07-27 22:45 ` Wathsala Wathawana Vithanage
2024-07-28 6:42 ` Mattias Rönnblom
2024-07-28 15:52 ` Stephen Hemminger
2024-07-29 4:34 ` Wathsala Wathawana Vithanage
2024-07-29 6:34 ` Wathsala Wathawana Vithanage
2024-07-29 6:47 ` Mattias Rönnblom
2024-07-29 18:16 ` Wathsala Wathawana Vithanage
2024-07-29 18:31 ` Stephen Hemminger
2024-07-29 19:11 ` Mattias Rönnblom
2024-07-29 19:30 ` Morten Brørup
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240726120026.3be4d0d0@hermes.local \
--to=stephen@networkplumber.org \
--cc=Dhruv.Tripathi@arm.com \
--cc=Jack.Bond-Preston@arm.com \
--cc=Ruifeng.Wang@arm.com \
--cc=Shunzhi.Wen@arm.com \
--cc=bruce.richardson@intel.com \
--cc=dev@dpdk.org \
--cc=drc@linux.ibm.com \
--cc=hofors@lysator.liu.se \
--cc=konstantin.v.ananyev@yandex.ru \
--cc=mattias.ronnblom@ericsson.com \
--cc=nd@arm.com \
--cc=roretzla@linux.microsoft.com \
--cc=stanislaw.kardach@gmail.com \
--cc=thomas@monjalon.net \
--cc=wathsala.vithanage@arm.com \
--cc=zhoumin@loongson.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).