From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 62F2D45693; Sun, 28 Jul 2024 01:55:29 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 0EE8440291; Sun, 28 Jul 2024 01:55:29 +0200 (CEST) Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) by mails.dpdk.org (Postfix) with ESMTP id E08E74027D for ; Sun, 28 Jul 2024 01:55:27 +0200 (CEST) Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-1fd65aaac27so11484395ad.1 for ; Sat, 27 Jul 2024 16:55:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=networkplumber-org.20230601.gappssmtp.com; s=20230601; t=1722124527; x=1722729327; darn=dpdk.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:from:to:cc:subject:date :message-id:reply-to; bh=rJ7g8EyupjrO3+Zsv7OUkYDBFMTL38hh//Sj2OCBWR8=; b=THbFW3U46xCcSmgWHxkxzXaqotqgM9bMCL4ed7SNz0nh2AYfKqwD6KE8G9pS/KavV4 ijpe9AZE6RoS1n45JJsWrxS7QE6rPiHrTl0lilRqJ/Z7mcvGBE8Ljpu6oIjc9Cw+qq9S /gjBQSvsR/4fDqECYZbKi9OFBf4IFxHnt2X/N85O+TVAchEWUJhcA+H53gLknJecHTJ1 KZMSK4rYHPHyl5eYbAkJewmFp4WWK5tvYsUJlPC1cbRZM/ooE1KJRw5/9XOlJIV9UkQ8 unL/NbDNw71eCm6jfRYkBCD0ZkLsD5rybkdHwYg9Hhu/ueOkRdIQuUGQRQkT5ZvFVh4R /0/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722124527; x=1722729327; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rJ7g8EyupjrO3+Zsv7OUkYDBFMTL38hh//Sj2OCBWR8=; b=EvCknJt/qQp8qvtvhENnWg/tPSrfDutTpTeFEDDDIXGVh2kG+mz9IE/UiC8gqebbwJ BSYCloL/dUZggNRAoCQ1qqHC2JaHEmkljbBrS42pBP1FxWtPgmUnfazhgoaScyO+GFQr hunROSXxJScIcGAIlQgAgdNioKSFKO4Tdvr4VexBH3RR0G3Ghyx7uTIRTqIgSoIeWrZd AsbL5gRcaEL3KIdb/eIzDqRu+LfR8QXMV0ImX6sxMhN5FVUHw4cIh97bnV5NKkdY9ikX SyyC/27xWkxIV0AtKw+IQq6S3Tp/OSuunwupfJWvl/w3oZpQGNSLafiG74AT5newlvp7 0Ulw== X-Forwarded-Encrypted: i=1; AJvYcCW+1zAYeI1YIG3xMlDew91FMii3SSSmEuXoYLQA1G+CLDJSP6Yf8f0fO40QVaIdDmVveo3pvIfUL0Mfyos= X-Gm-Message-State: AOJu0Yy1ObZsp1KWGngKKhdF7NLoRIQAQ/0vcsmXDtgWiqJ7cZdMdbyZ gZjLAu/5FnFjknMavMN0+g2mFXQD8cNxS/WmexPkQvaVIfverD5ah0u+AyClQY8= X-Google-Smtp-Source: AGHT+IFFxAm5gJzI4EerexxXHb6gZRR+YH6e5Sdd2AlVyvg0+1AKxHZPGYL4tkzq+NKcngMpbf6nmQ== X-Received: by 2002:a17:903:2411:b0:1fd:6ca4:f987 with SMTP id d9443c01a7336-1ff04a581demr61873495ad.15.1722124526697; Sat, 27 Jul 2024 16:55:26 -0700 (PDT) Received: from hermes.local (204-195-96-226.wavecable.com. [204.195.96.226]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1fed7fe9cccsm55723995ad.289.2024.07.27.16.55.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 27 Jul 2024 16:55:26 -0700 (PDT) Date: Sat, 27 Jul 2024 16:55:24 -0700 From: Stephen Hemminger To: Wathsala Wathawana Vithanage Cc: Mattias =?UTF-8?B?UsO2bm5ibG9t?= , Shunzhi Wen , "thomas@monjalon.net" , Mattias =?UTF-8?B?UsO2bm5ibG9t?= , Ruifeng Wang , Bruce Richardson , Tyler Retzlaff , Min Zhou , David Christensen , Stanislaw Kardach , Konstantin Ananyev , "dev@dpdk.org" , nd , Jack Bond-Preston , Dhruv Tripathi , Honnappa Nagarahalli Subject: Re: [PATCH] eal: add support for TRNG with Arm RNG feature Message-ID: <20240727165524.7ad4f344@hermes.local> In-Reply-To: References: <20240723212703.721050-1-shunzhi.wen@arm.com> <536d1325-ee15-4630-9ae9-00cef9411d34@lysator.liu.se> <2d28f42f-480b-4070-8ba2-1353a742b46d@lysator.liu.se> <20240727085422.737bb9ce@hermes.local> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org On Sat, 27 Jul 2024 22:27:05 +0000 Wathsala Wathawana Vithanage wrote: > > The answer is to have API's like (rte_csrand) which then call the OS level > > primitives. The trust is then passed to the OS. I trust Linus, Theo de Raadt, and > > the rest of the open OS community to evaluate and integrate the best secure > > random number generator. > > Perhaps, you missed my previous email, I understand your concern. Is it acceptable > to you if rte_csrand uses the kernel RNG by default and has a build/run-time > parameter to switch to HW RNG for those who consciously make that decision? No, because then DPDK is endorsing use of HW RNG as sole source of randomness. If someone really, really wants to do that they can put in their own code in their own application.