action #81757

closed

[sle][security][sle15sp3][feature][manual] Support NIST 800-90B entropy collection in Linux Kernel (Must Have)

Added by bchou over 3 years ago. Updated over 3 years ago.

Status: Rejected
Priority: Normal
Assignee:
Category: New test
Target version: -
Start date: 2021-01-05
Due date:
% Done: 0%
Estimated time: 24.00 h
Difficulty:

Description

JIRA ID:
https://jira.suse.com/browse/SLE-15314

Description:
For the SLE15 FIPS kernel patches and the hardware entropy collection we need to make some changes.

The current Linux RNG stack entropy gathering is not going to be NIST 800-90B compliant, meaning we might not be able to certify it.

Stephan Mueller of atsec has written and also completely reviewed and documented his "jitterd" approach of entropy gathering, which I understand would need to be integrated into the kernel.

Upstream kernel development (Ted Tso?) does not like it apparently; we might need to keep our own port in our kernel tree for this.
