From owner-svn-src-head@freebsd.org Sun Apr 16 15:45:13 2017 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B7B80D4195F for ; Sun, 16 Apr 2017 15:45:13 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from nm3-vm2.bullet.mail.ne1.yahoo.com (nm3-vm2.bullet.mail.ne1.yahoo.com [98.138.91.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 81D1D1718 for ; Sun, 16 Apr 2017 15:45:13 +0000 (UTC) (envelope-from pfg@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1492357145; bh=X008d3r9vM8Ij5Jg8yGVpEnCd9r10cdj3yCVi0hOMl8=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From:Subject; b=O5sSkBeZcZ6Joa6RRTfiP0U8RqWGT/BSd8bKVr5qOSmksQA+CAMLVJXVc12C3xRLmlRWXOc2Jr6CiZEuYewij6jNN+ChE+Bz9FDmPsq7ealnowR9pSxc5YXMrGUzUggBFfmYH7+y2Qcm8MrYKGF5WTmprfs1zjC4K9G21QtzXJXfQoFBqm3gvsdWDVbOtgv3Azn/LIY6Xs2ocjwxDmmg/j63EO8chQqLHRBZXNk0O0zeCcTFTg9MxkDqKWk+1rxx68GF8xWwQgyJwC4T66deVQrNkH/BZgOkLWthgU23YqE2RawqLSMQmXAbie9+GO7e9ESig6lgV8gSt/ma+gC+gA== Received: from [98.138.100.118] by nm3.bullet.mail.ne1.yahoo.com with NNFMP; 16 Apr 2017 15:39:05 -0000 Received: from [98.138.226.58] by tm109.bullet.mail.ne1.yahoo.com with NNFMP; 16 Apr 2017 15:39:05 -0000 Received: from [127.0.0.1] by smtp209.mail.ne1.yahoo.com with NNFMP; 16 Apr 2017 15:39:05 -0000 X-Yahoo-Newman-Id: 509997.86581.bm@smtp209.mail.ne1.yahoo.com X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: 4o47AJwVM1kfsZUloGBLKQ92J2HC8OCyYsSQY8CE_nyQeoJ _erDlPWQtH_VLBe46CYilj25juTIe49_0bXIInAM.MZyQW20UAlzSx0LfoWz lvWwHGJex9C.mr7fnxVlKNzlyBzexymCt7cDFo7zpSYDKzEP1uRAjHQr2VDO qjhmkVf0gb7.aLiZNavYvnQzN5Wn.aJqAAa98ANp8wI1PeeAdayDSEQSSyMt dKqJ_Yp6m5tWq879ZU5d2_4K9q8yhCzEJ9QpE3zD6._itBr0Xccvfod1brFv TWN4p.4T.fyxLxvMO2bllWMU3tXIUaiUqdyOfkbI7ApKDh68e4YCeGEFglBb tiLktWcaiL82wZAAC4kFg8uOweFeCZA48UZYVAaZOYI5AHBF7PM4f1GitN4a HwK4fCZApIx8BXhtcELgDZv9exWKur7Vyx4fJHtPfMeeiHaCFvU5C1ViIcdY UNOPuOUjz68eLVI7eR45VDAQTxV9OsnbEyJcdPAyrlMeGpAEY6jX9BPYpMuu aMss9YfgIcjRqyQ3S6ONpvNhcDdCXh2i1RnAE2NtKF_yH X-Yahoo-SMTP: xcjD0guswBAZaPPIbxpWwLcp9Unf Subject: Re: svn commit: r317015 - in head/sys: boot/forth conf crypto/chacha20 dev/random libkern sys To: cem@freebsd.org, Mark R V Murray Cc: src-committers , svn-src-all@freebsd.org, svn-src-head@freebsd.org References: <201704160911.v3G9B3df023095@repo.freebsd.org> From: Pedro Giffuni Organization: FreeBSD Message-ID: Date: Sun, 16 Apr 2017 10:36:51 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Apr 2017 15:45:13 -0000 On 04/16/17 09:26, Conrad Meyer wrote: > On Sun, Apr 16, 2017 at 2:19 AM, Mark R V Murray wrote: >> This does not use DES' Chacha20 commit, as I had already completed the >> testing for it, and received SO@ approval. >> >> DES's commit made Chaha20 a module. This is of no use to arc4random(9), >> which needs the code to be standard. Also his API is different. >> >> I have no objection to reworking the arc4random/Chacha below to use DES' >> version of Chacha, but his code needs to be standard library code, >> not an optional module. >> >> Any objections to me doing this? > Hi Mark, > > I think you've taken the only sane approach possible here. arc4random > cannot be loadable, and it needs a standard cipher. RC4 is > undesirable because large parts of its early keystream are predictable > and it is anticipated to have other weaknesses. > > I doubt Chacha comes out to much in the way of object code, and > removing RC4 should subsidize even that number. From AMD64: > chacha20.ko is 7 kB. > > Furthermore, I do not believe you should be harangued into rewriting > how RNG use works in the kernel just to allow Chacha to be loadable. > And if it is "loadable," so what? You can't boot without it; what > good does a mandatory loadable module do? FWIW, I would think the major advantage of making Chacha a module would be making us cipher-agnostic. The end user doesn't need to know what cypher is being used. It would still be mandatory to use *a* cypher and chacha20 would be the default. This said, I am fine with markm's approach and, not that it matters, in most "sane" jurisdictions Public Domain is less restricted than 3-Clause BSD. Pedro.