Message ID | ZUi5KMUaNkp0c1Ds@gondor.apana.org.au |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:8f47:0:b0:403:3b70:6f57 with SMTP id j7csp2549069vqu; Mon, 6 Nov 2023 02:00:22 -0800 (PST) X-Google-Smtp-Source: AGHT+IHLZi3pFkNmuZWmPPiN9QF8/znHUgzeKzPSrNndM/wjteYKZDloss43M/wJRGop85DfRZFX X-Received: by 2002:a05:6a21:3d95:b0:180:1b3b:d560 with SMTP id bj21-20020a056a213d9500b001801b3bd560mr27540628pzc.41.1699264821672; Mon, 06 Nov 2023 02:00:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1699264821; cv=none; d=google.com; s=arc-20160816; b=VWb93a/bwC3Am0gBa9iZ0dSC3tIVgwvi4OnGu65DJmzFDl/mG1NM8lsXMBVKAGFvBj mUzcdqZMf3Rt2qYRhWDJAerYiuQAQt+jibIvJqjVEh+0vvV35FCiGJvstIGmbUIcPlL0 iiZ/UUpICZRXTj6LvNL60bq2Ieho33eWi5j4Ly+x1HPn01Iqtnux8yXWJYhgv6XccIWX 5ZDdoMvHiy2cZhT9Xd7W/KBmbelz/jkfd3uf4/its6GtsrD0ll6sla7KGw2ZkioNCVDl zyyfA3XgovYAgaNJApBwBFgQ/bgAWaV91Sv9Ticge5ER7LIyzwPh1QJNLXQyURW71Ik7 Fj+A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=6lp858GsceV+O1aNLdvI0qLI2imeB261bqFy2nlPFFo=; fh=54k5T2B1qsSPZMbNDdp7j+cHLEcCG3cwJeQwjGMzVcU=; b=rD/RGzwUJ57K1G5NQOEsJjzwCE9OuURBdnUaAjVW6V5ZVprD8XYBtJa4BB0QkDQuTp RvSQJxVJiSwRHZoC9sTAi0egpt0ssRb0YI9HKtJE2Gda5bSLI4rgkU/5mRKsokiNjXIX QY7yzVT7e69seGTdsobRGmX+wCHElGzqN6kLyThC8WoJg+hGtMgcpvqDBAyPb/4gvU6k OBwBw4pq4PGRRN8gfErJsWZcUQNx1sAO0ccjUu7wbaEZdt3u62T0d9dmzYIsYfcA15zF Z0iUJkpHjR39tB6BgnfcEAiFi9p9gsZyIAIfvzr/2kqrBbu4UGnDwQ66xGIErQ/grNXI bCpg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7]) by mx.google.com with ESMTPS id n17-20020a170903111100b001bc2fd76db1si8280531plh.65.2023.11.06.02.00.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 Nov 2023 02:00:21 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id C63BD802B401; Mon, 6 Nov 2023 02:00:20 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230206AbjKFKAR (ORCPT <rfc822;jaysivo@gmail.com> + 36 others); Mon, 6 Nov 2023 05:00:17 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59508 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230145AbjKFKAQ (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Mon, 6 Nov 2023 05:00:16 -0500 Received: from abb.hmeau.com (abb.hmeau.com [144.6.53.87]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3437AA6; Mon, 6 Nov 2023 02:00:13 -0800 (PST) Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.94.2 #2 (Debian)) id 1qzwOn-00EXYf-L5; Mon, 06 Nov 2023 18:00:02 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Mon, 06 Nov 2023 18:00:08 +0800 Date: Mon, 6 Nov 2023 18:00:08 +0800 From: Herbert Xu <herbert@gondor.apana.org.au> To: Linus Torvalds <torvalds@linux-foundation.org> Cc: "David S. Miller" <davem@davemloft.net>, Linux Kernel Mailing List <linux-kernel@vger.kernel.org>, Linux Crypto Mailing List <linux-crypto@vger.kernel.org>, Steffen Klassert <steffen.klassert@secunet.com>, Stephan =?iso-8859-1?q?M?= =?iso-8859-1?q?=FCller?= <smueller@chronox.de> Subject: [PATCH] crypto: jitterentropy - Hide esoteric Kconfig options under FIPS and EXPERT Message-ID: <ZUi5KMUaNkp0c1Ds@gondor.apana.org.au> References: <Yzv0wXi4Uu2WND37@gondor.apana.org.au> <Y5mGGrBJaDL6mnQJ@gondor.apana.org.au> <Y/MDmL02XYfSz8XX@gondor.apana.org.au> <ZEYLC6QsKnqlEQzW@gondor.apana.org.au> <ZJ0RSuWLwzikFr9r@gondor.apana.org.au> <ZOxnTFhchkTvKpZV@gondor.apana.org.au> <ZUNIBcBJ0VeZRmT9@gondor.apana.org.au> <CAHk-=wj0-QNH5gMeYs3b+LU-isJyE4Eu9p8vVH9fb-vHHmUw0g@mail.gmail.com> <ZUSKk6Tb7+0n9X5s@gondor.apana.org.au> <CAHk-=wh=xH7TNHeaYdsrVW6p1fCQEV5PZMpaFNsZyXYqzn8Stg@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <CAHk-=wh=xH7TNHeaYdsrVW6p1fCQEV5PZMpaFNsZyXYqzn8Stg@mail.gmail.com> X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Mon, 06 Nov 2023 02:00:20 -0800 (PST) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1781808309271526998 X-GMAIL-MSGID: 1781808309271526998 |
Series |
crypto: jitterentropy - Hide esoteric Kconfig options under FIPS and EXPERT
|
|
Commit Message
Herbert Xu
Nov. 6, 2023, 10 a.m. UTC
On Thu, Nov 02, 2023 at 08:32:36PM -1000, Linus Torvalds wrote: > > I think that would help the situation, but I assume the sizing for the > jitter buffer is at least partly due to trying to account for cache > sizing or similar issues? > > Which really means that I assume any static compile-time answer to > that question is always wrong - whether you are an expert or not. > Unless you are just building the thing for one particular machine. > > So I do think the problem is deeper than "this is a question only for > experts". I definitely don't think you should ask a regular user (or > even a distro kernel package manager). I suspect it's likely that the > question is just wrong in general - because any particular one buffer > size for any number of machines simply cannot be the right answer. > > I realize that the commit says "*allow* for configuration of memory > size", but I really question the whole approach. Yes I think these are all valid points. I just noticed that I forgot to cc the author so let's see if Stephan has anything to add. > But yes - hiding these questions from any reasonable normal user is at > least a good first step. OK here's the patch: ---8<--- As JITTERENTROPY is selected by default if you enable the CRYPTO API, any Kconfig options added there will show up for every single user. Hide the esoteric options under EXPERT as well as FIPS so that only distro makers will see them. Reported-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Comments
Am Montag, 6. November 2023, 11:00:08 CET schrieb Herbert Xu: Hi Herbert, > On Thu, Nov 02, 2023 at 08:32:36PM -1000, Linus Torvalds wrote: > > I think that would help the situation, but I assume the sizing for the > > jitter buffer is at least partly due to trying to account for cache > > sizing or similar issues? > > > > Which really means that I assume any static compile-time answer to > > that question is always wrong - whether you are an expert or not. > > Unless you are just building the thing for one particular machine. > > > > So I do think the problem is deeper than "this is a question only for > > experts". I definitely don't think you should ask a regular user (or > > even a distro kernel package manager). I suspect it's likely that the > > question is just wrong in general - because any particular one buffer > > size for any number of machines simply cannot be the right answer. > > > > I realize that the commit says "*allow* for configuration of memory > > size", but I really question the whole approach. > > Yes I think these are all valid points. I just noticed that I > forgot to cc the author so let's see if Stephan has anything to > add. I concur that these questions are more for experts. > > > But yes - hiding these questions from any reasonable normal user is at > > least a good first step. > > OK here's the patch: > > ---8<--- > As JITTERENTROPY is selected by default if you enable the CRYPTO > API, any Kconfig options added there will show up for every single > user. Hide the esoteric options under EXPERT as well as FIPS so > that only distro makers will see them. > > Reported-by: Linus Torvalds <torvalds@linux-foundation.org> > Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> > > diff --git a/crypto/Kconfig b/crypto/Kconfig > index bbf51d55724e..70661f58ee41 100644 > --- a/crypto/Kconfig > +++ b/crypto/Kconfig > @@ -1297,10 +1297,12 @@ config CRYPTO_JITTERENTROPY > > See https://www.chronox.de/jent.html > > +if CRYPTO_JITTERENTROPY > +if CRYPTO_FIPS && EXPERT > + > choice > prompt "CPU Jitter RNG Memory Size" > default CRYPTO_JITTERENTROPY_MEMSIZE_2 > - depends on CRYPTO_JITTERENTROPY > help > The Jitter RNG measures the execution time of memory accesses. > Multiple consecutive memory accesses are performed. If the memory > @@ -1344,7 +1346,6 @@ config CRYPTO_JITTERENTROPY_OSR > int "CPU Jitter RNG Oversampling Rate" > range 1 15 > default 1 > - depends on CRYPTO_JITTERENTROPY > help > The Jitter RNG allows the specification of an oversampling rate (OSR). > The Jitter RNG operation requires a fixed amount of timing > @@ -1359,7 +1360,6 @@ config CRYPTO_JITTERENTROPY_OSR > > config CRYPTO_JITTERENTROPY_TESTINTERFACE > bool "CPU Jitter RNG Test Interface" > - depends on CRYPTO_JITTERENTROPY > help > The test interface allows a privileged process to capture > the raw unconditioned high resolution time stamp noise that > @@ -1377,6 +1377,28 @@ config CRYPTO_JITTERENTROPY_TESTINTERFACE > > If unsure, select N. > > +endif # if CRYPTO_FIPS && EXPERT > + > +if !(CRYPTO_FIPS && EXPERT) > + > +config CRYPTO_JITTERENTROPY_MEMORY_BLOCKS > + int > + default 64 > + > +config CRYPTO_JITTERENTROPY_MEMORY_BLOCKSIZE > + int > + default 32 > + > +config CRYPTO_JITTERENTROPY_OSR > + int > + default 1 > + > +config CRYPTO_JITTERENTROPY_TESTINTERFACE > + bool > + > +endif # if !(CRYPTO_FIPS && EXPERT) > +endif # if CRYPTO_JITTERENTROPY > + > config CRYPTO_KDF800108_CTR > tristate > select CRYPTO_HMAC Reviewed-by: Stephan Mueller <smueller@chronox.de> Ciao Stephan
Hi Herbert, Yamada-san, On Mon, Nov 6, 2023 at 11:00 AM Herbert Xu <herbert@gondor.apana.org.au> wrote: > On Thu, Nov 02, 2023 at 08:32:36PM -1000, Linus Torvalds wrote: > > I think that would help the situation, but I assume the sizing for the > > jitter buffer is at least partly due to trying to account for cache > > sizing or similar issues? > > > > Which really means that I assume any static compile-time answer to > > that question is always wrong - whether you are an expert or not. > > Unless you are just building the thing for one particular machine. > > > > So I do think the problem is deeper than "this is a question only for > > experts". I definitely don't think you should ask a regular user (or > > even a distro kernel package manager). I suspect it's likely that the > > question is just wrong in general - because any particular one buffer > > size for any number of machines simply cannot be the right answer. > > > > I realize that the commit says "*allow* for configuration of memory > > size", but I really question the whole approach. > > Yes I think these are all valid points. I just noticed that I > forgot to cc the author so let's see if Stephan has anything to > add. > > > But yes - hiding these questions from any reasonable normal user is at > > least a good first step. > > OK here's the patch: > > ---8<--- > As JITTERENTROPY is selected by default if you enable the CRYPTO > API, any Kconfig options added there will show up for every single > user. Hide the esoteric options under EXPERT as well as FIPS so > that only distro makers will see them. > > Reported-by: Linus Torvalds <torvalds@linux-foundation.org> > Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Thanks for your patch, which is now commit e7ed6473c2c8c4e4 ("crypto: jitterentropy - Hide esoteric Kconfig options under FIPS and EXPERT"). > --- a/crypto/Kconfig > +++ b/crypto/Kconfig > @@ -1297,10 +1297,12 @@ config CRYPTO_JITTERENTROPY > > See https://www.chronox.de/jent.html > > +if CRYPTO_JITTERENTROPY > +if CRYPTO_FIPS && EXPERT > + > choice > prompt "CPU Jitter RNG Memory Size" > default CRYPTO_JITTERENTROPY_MEMSIZE_2 > - depends on CRYPTO_JITTERENTROPY > help > The Jitter RNG measures the execution time of memory accesses. > Multiple consecutive memory accesses are performed. If the memory > @@ -1344,7 +1346,6 @@ config CRYPTO_JITTERENTROPY_OSR > int "CPU Jitter RNG Oversampling Rate" > range 1 15 > default 1 > - depends on CRYPTO_JITTERENTROPY > help > The Jitter RNG allows the specification of an oversampling rate (OSR). > The Jitter RNG operation requires a fixed amount of timing > @@ -1359,7 +1360,6 @@ config CRYPTO_JITTERENTROPY_OSR > > config CRYPTO_JITTERENTROPY_TESTINTERFACE > bool "CPU Jitter RNG Test Interface" > - depends on CRYPTO_JITTERENTROPY > help > The test interface allows a privileged process to capture > the raw unconditioned high resolution time stamp noise that > @@ -1377,6 +1377,28 @@ config CRYPTO_JITTERENTROPY_TESTINTERFACE > > If unsure, select N. > > +endif # if CRYPTO_FIPS && EXPERT > + > +if !(CRYPTO_FIPS && EXPERT) > + > +config CRYPTO_JITTERENTROPY_MEMORY_BLOCKS > + int > + default 64 > + > +config CRYPTO_JITTERENTROPY_MEMORY_BLOCKSIZE > + int > + default 32 > + > +config CRYPTO_JITTERENTROPY_OSR > + int > + default 1 > + > +config CRYPTO_JITTERENTROPY_TESTINTERFACE > + bool This duplicates the symbols in the CRYPTO_FIPS && EXPERT section above, which is fragile. For the int and bool symbols, this can be handled without duplication using: config CRYPTO_JITTERENTROPY_OSR - int "CPU Jitter RNG Oversampling Rate" + int "CPU Jitter RNG Oversampling Rate" if CRYPTO_FIPS && EXPERT config CRYPTO_JITTERENTROPY_TESTINTERFACE - bool "CPU Jitter RNG Test Interface" + bool "CPU Jitter RNG Test Interface" if CRYPTO_FIPS && EXPERT Unfortunately the following does not work for the choice statement, although kconfig does not report an error: choice - prompt "CPU Jitter RNG Memory Size" + prompt "CPU Jitter RNG Memory Size" if CRYPTO_FIPS && EXPERT default CRYPTO_JITTERENTROPY_MEMSIZE_2 Unlike for other symbol types, which just become silent if !(CRYPTO_FIPS && EXPERT), the choice is skipped completely if !(CRYPTO_FIPS && EXPERT), and CRYPTO_JITTERENTROPY_MEMSIZE_2 is not set. Yamada-san: Do you know why choice behaves differently? Is this easy to fix? Thanks! > + > +endif # if !(CRYPTO_FIPS && EXPERT) > +endif # if CRYPTO_JITTERENTROPY > + > config CRYPTO_KDF800108_CTR > tristate > select CRYPTO_HMAC Gr{oetje,eeting}s, Geert
diff --git a/crypto/Kconfig b/crypto/Kconfig index bbf51d55724e..70661f58ee41 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -1297,10 +1297,12 @@ config CRYPTO_JITTERENTROPY See https://www.chronox.de/jent.html +if CRYPTO_JITTERENTROPY +if CRYPTO_FIPS && EXPERT + choice prompt "CPU Jitter RNG Memory Size" default CRYPTO_JITTERENTROPY_MEMSIZE_2 - depends on CRYPTO_JITTERENTROPY help The Jitter RNG measures the execution time of memory accesses. Multiple consecutive memory accesses are performed. If the memory @@ -1344,7 +1346,6 @@ config CRYPTO_JITTERENTROPY_OSR int "CPU Jitter RNG Oversampling Rate" range 1 15 default 1 - depends on CRYPTO_JITTERENTROPY help The Jitter RNG allows the specification of an oversampling rate (OSR). The Jitter RNG operation requires a fixed amount of timing @@ -1359,7 +1360,6 @@ config CRYPTO_JITTERENTROPY_OSR config CRYPTO_JITTERENTROPY_TESTINTERFACE bool "CPU Jitter RNG Test Interface" - depends on CRYPTO_JITTERENTROPY help The test interface allows a privileged process to capture the raw unconditioned high resolution time stamp noise that @@ -1377,6 +1377,28 @@ config CRYPTO_JITTERENTROPY_TESTINTERFACE If unsure, select N. +endif # if CRYPTO_FIPS && EXPERT + +if !(CRYPTO_FIPS && EXPERT) + +config CRYPTO_JITTERENTROPY_MEMORY_BLOCKS + int + default 64 + +config CRYPTO_JITTERENTROPY_MEMORY_BLOCKSIZE + int + default 32 + +config CRYPTO_JITTERENTROPY_OSR + int + default 1 + +config CRYPTO_JITTERENTROPY_TESTINTERFACE + bool + +endif # if !(CRYPTO_FIPS && EXPERT) +endif # if CRYPTO_JITTERENTROPY + config CRYPTO_KDF800108_CTR tristate select CRYPTO_HMAC