From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 86FC0456CB; Sun, 28 Jul 2024 09:04:54 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 758B040395; Sun, 28 Jul 2024 09:04:54 +0200 (CEST) Received: from mail.lysator.liu.se (mail.lysator.liu.se [130.236.254.3]) by mails.dpdk.org (Postfix) with ESMTP id 1BFF540261 for ; Sun, 28 Jul 2024 08:47:01 +0200 (CEST) Received: from mail.lysator.liu.se (localhost [127.0.0.1]) by mail.lysator.liu.se (Postfix) with ESMTP id CD325121F for ; Sun, 28 Jul 2024 08:47:00 +0200 (CEST) Received: by mail.lysator.liu.se (Postfix, from userid 1004) id C17DE10FE; Sun, 28 Jul 2024 08:47:00 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on hermod.lysator.liu.se X-Spam-Level: X-Spam-Status: No, score=-1.3 required=5.0 tests=ALL_TRUSTED,AWL, T_SCC_BODY_TEXT_LINE autolearn=disabled version=4.0.0 X-Spam-Score: -1.3 Received: from [192.168.1.86] (h-62-63-215-114.A163.priv.bahnhof.se [62.63.215.114]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.lysator.liu.se (Postfix) with ESMTPSA id 5ACD2116D; Sun, 28 Jul 2024 08:46:59 +0200 (CEST) Message-ID: <6ec424b8-6d3e-414a-8cab-594ef83765e8@lysator.liu.se> Date: Sun, 28 Jul 2024 08:46:58 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH] eal: add support for TRNG with Arm RNG feature To: Stephen Hemminger , Wathsala Wathawana Vithanage Cc: Shunzhi Wen , "thomas@monjalon.net" , =?UTF-8?Q?Mattias_R=C3=B6nnblom?= , Ruifeng Wang , Bruce Richardson , Tyler Retzlaff , Min Zhou , David Christensen , Stanislaw Kardach , Konstantin Ananyev , "dev@dpdk.org" , nd , Jack Bond-Preston , Dhruv Tripathi , Honnappa Nagarahalli References: <20240723212703.721050-1-shunzhi.wen@arm.com> <536d1325-ee15-4630-9ae9-00cef9411d34@lysator.liu.se> <2d28f42f-480b-4070-8ba2-1353a742b46d@lysator.liu.se> <20240727085422.737bb9ce@hermes.local> <20240727165524.7ad4f344@hermes.local> Content-Language: en-US From: =?UTF-8?Q?Mattias_R=C3=B6nnblom?= In-Reply-To: <20240727165524.7ad4f344@hermes.local> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org On 2024-07-28 01:55, Stephen Hemminger wrote: > On Sat, 27 Jul 2024 22:27:05 +0000 > Wathsala Wathawana Vithanage wrote: > >>> The answer is to have API's like (rte_csrand) which then call the OS level >>> primitives. The trust is then passed to the OS. I trust Linus, Theo de Raadt, and >>> the rest of the open OS community to evaluate and integrate the best secure >>> random number generator. >> >> Perhaps, you missed my previous email, I understand your concern. Is it acceptable >> to you if rte_csrand uses the kernel RNG by default and has a build/run-time >> parameter to switch to HW RNG for those who consciously make that decision? > > No, because then DPDK is endorsing use of HW RNG as sole source of randomness. > If someone really, really wants to do that they can put in their own code > in their own application. That's a good point. Even a build-time option (with the required caveats in the documentation) could be seen as an endorsement. A DPDK-based security library of some sort could provide hooks for custom RNGs.