From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 62F2D45693;
	Sun, 28 Jul 2024 01:55:29 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 0EE8440291;
	Sun, 28 Jul 2024 01:55:29 +0200 (CEST)
Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com
 [209.85.214.170])
 by mails.dpdk.org (Postfix) with ESMTP id E08E74027D
 for <dev@dpdk.org>; Sun, 28 Jul 2024 01:55:27 +0200 (CEST)
Received: by mail-pl1-f170.google.com with SMTP id
 d9443c01a7336-1fd65aaac27so11484395ad.1
 for <dev@dpdk.org>; Sat, 27 Jul 2024 16:55:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=networkplumber-org.20230601.gappssmtp.com; s=20230601; t=1722124527;
 x=1722729327; darn=dpdk.org; 
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:subject:cc:to:from:date:from:to:cc:subject:date
 :message-id:reply-to;
 bh=rJ7g8EyupjrO3+Zsv7OUkYDBFMTL38hh//Sj2OCBWR8=;
 b=THbFW3U46xCcSmgWHxkxzXaqotqgM9bMCL4ed7SNz0nh2AYfKqwD6KE8G9pS/KavV4
 ijpe9AZE6RoS1n45JJsWrxS7QE6rPiHrTl0lilRqJ/Z7mcvGBE8Ljpu6oIjc9Cw+qq9S
 /gjBQSvsR/4fDqECYZbKi9OFBf4IFxHnt2X/N85O+TVAchEWUJhcA+H53gLknJecHTJ1
 KZMSK4rYHPHyl5eYbAkJewmFp4WWK5tvYsUJlPC1cbRZM/ooE1KJRw5/9XOlJIV9UkQ8
 unL/NbDNw71eCm6jfRYkBCD0ZkLsD5rybkdHwYg9Hhu/ueOkRdIQuUGQRQkT5ZvFVh4R
 /0/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1722124527; x=1722729327;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:subject:cc:to:from:date:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=rJ7g8EyupjrO3+Zsv7OUkYDBFMTL38hh//Sj2OCBWR8=;
 b=EvCknJt/qQp8qvtvhENnWg/tPSrfDutTpTeFEDDDIXGVh2kG+mz9IE/UiC8gqebbwJ
 BSYCloL/dUZggNRAoCQ1qqHC2JaHEmkljbBrS42pBP1FxWtPgmUnfazhgoaScyO+GFQr
 hunROSXxJScIcGAIlQgAgdNioKSFKO4Tdvr4VexBH3RR0G3Ghyx7uTIRTqIgSoIeWrZd
 AsbL5gRcaEL3KIdb/eIzDqRu+LfR8QXMV0ImX6sxMhN5FVUHw4cIh97bnV5NKkdY9ikX
 SyyC/27xWkxIV0AtKw+IQq6S3Tp/OSuunwupfJWvl/w3oZpQGNSLafiG74AT5newlvp7
 0Ulw==
X-Forwarded-Encrypted: i=1;
 AJvYcCW+1zAYeI1YIG3xMlDew91FMii3SSSmEuXoYLQA1G+CLDJSP6Yf8f0fO40QVaIdDmVveo3pvIfUL0Mfyos=
X-Gm-Message-State: AOJu0Yy1ObZsp1KWGngKKhdF7NLoRIQAQ/0vcsmXDtgWiqJ7cZdMdbyZ
 gZjLAu/5FnFjknMavMN0+g2mFXQD8cNxS/WmexPkQvaVIfverD5ah0u+AyClQY8=
X-Google-Smtp-Source: AGHT+IFFxAm5gJzI4EerexxXHb6gZRR+YH6e5Sdd2AlVyvg0+1AKxHZPGYL4tkzq+NKcngMpbf6nmQ==
X-Received: by 2002:a17:903:2411:b0:1fd:6ca4:f987 with SMTP id
 d9443c01a7336-1ff04a581demr61873495ad.15.1722124526697; 
 Sat, 27 Jul 2024 16:55:26 -0700 (PDT)
Received: from hermes.local (204-195-96-226.wavecable.com. [204.195.96.226])
 by smtp.gmail.com with ESMTPSA id
 d9443c01a7336-1fed7fe9cccsm55723995ad.289.2024.07.27.16.55.25
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 27 Jul 2024 16:55:26 -0700 (PDT)
Date: Sat, 27 Jul 2024 16:55:24 -0700
From: Stephen Hemminger <stephen@networkplumber.org>
To: Wathsala Wathawana Vithanage <wathsala.vithanage@arm.com>
Cc: Mattias =?UTF-8?B?UsO2bm5ibG9t?= <hofors@lysator.liu.se>, Shunzhi Wen
 <Shunzhi.Wen@arm.com>, "thomas@monjalon.net" <thomas@monjalon.net>, Mattias
 =?UTF-8?B?UsO2bm5ibG9t?= <mattias.ronnblom@ericsson.com>, Ruifeng Wang
 <Ruifeng.Wang@arm.com>, Bruce Richardson <bruce.richardson@intel.com>,
 Tyler Retzlaff <roretzla@linux.microsoft.com>, Min Zhou
 <zhoumin@loongson.cn>, David Christensen <drc@linux.ibm.com>, Stanislaw
 Kardach <stanislaw.kardach@gmail.com>, Konstantin Ananyev
 <konstantin.v.ananyev@yandex.ru>, "dev@dpdk.org" <dev@dpdk.org>, nd
 <nd@arm.com>, Jack Bond-Preston <Jack.Bond-Preston@arm.com>, Dhruv Tripathi
 <Dhruv.Tripathi@arm.com>, Honnappa Nagarahalli
 <Honnappa.Nagarahalli@arm.com>
Subject: Re: [PATCH] eal: add support for TRNG with Arm RNG feature
Message-ID: <20240727165524.7ad4f344@hermes.local>
In-Reply-To: <AM0PR08MB50731D5F5D0B7D9C3E94EF949FB52@AM0PR08MB5073.eurprd08.prod.outlook.com>
References: <20240723212703.721050-1-shunzhi.wen@arm.com>
 <536d1325-ee15-4630-9ae9-00cef9411d34@lysator.liu.se>
 <DB5PR08MB10139059B83D4B29A9F380AAFE2B42@DB5PR08MB10139.eurprd08.prod.outlook.com>
 <2d28f42f-480b-4070-8ba2-1353a742b46d@lysator.liu.se>
 <AM0PR08MB507361714E151D504B5C5E849FB52@AM0PR08MB5073.eurprd08.prod.outlook.com>
 <20240727085422.737bb9ce@hermes.local>
 <AM0PR08MB50731D5F5D0B7D9C3E94EF949FB52@AM0PR08MB5073.eurprd08.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

On Sat, 27 Jul 2024 22:27:05 +0000
Wathsala Wathawana Vithanage <wathsala.vithanage@arm.com> wrote:

> > The answer is to have API's like (rte_csrand) which then call the OS level
> > primitives. The trust is then passed to the OS. I trust Linus, Theo de Raadt, and
> > the rest of the open OS community to evaluate and integrate the best secure
> > random number generator.  
> 
> Perhaps, you missed my previous email, I understand your concern. Is it acceptable
> to you if rte_csrand uses the kernel RNG by default and has a build/run-time
> parameter to switch to HW RNG for those who consciously make that decision?

No, because then DPDK is endorsing use of HW RNG as sole source of randomness.
If someone really, really wants to do that they can put in their own code
in their own application.