On 2024-07-28 01:55, Stephen Hemminger wrote:
On Sat, 27 Jul 2024 22:27:05 +0000
Wathsala Wathawana Vithanage <wathsala.vithan...@arm.com> wrote:
The answer is to have API's like (rte_csrand) which then call the OS level
primitives. The trust is then passed to the OS. I trust Linus, Theo de Raadt,
and
the rest of the open OS community to evaluate and integrate the best secure
random number generator.
Perhaps, you missed my previous email, I understand your concern. Is it
acceptable
to you if rte_csrand uses the kernel RNG by default and has a build/run-time
parameter to switch to HW RNG for those who consciously make that decision?
No, because then DPDK is endorsing use of HW RNG as sole source of randomness.
If someone really, really wants to do that they can put in their own code
in their own application.
That's a good point. Even a build-time option (with the required caveats
in the documentation) could be seen as an endorsement.
A DPDK-based security library of some sort could provide hooks for
custom RNGs.
