[Ksummit-discuss] [TECH TOPIC] Kernel security

Jason A. Donenfeld Jason at zx2c4.com
Thu Sep 28 23:09:18 UTC 2017


On Fri, Sep 29, 2017 at 12:50 AM, James Morris <jmorris at namei.org> wrote:
> Another potential topic would be whether we can provide better review of
> crypto users within the kernel.
> One idea would be to create a mailing list for this purpose, which
> developers can cc: if they are posting new code or updates to code which
> uses the crypto API.  We could encourage folk with crypto design &
> analysis skills (who may not necessarily be kernel developers, or
> following every possibly related mailing list) to help out with crypto
> review.

To cross-post what I wrote in our other thread, which wasn't CCd to this list:

> I won't be at kernel summit, regrettably, but I do intend to
> methodically work through the kernel reviewing the various crypto
> [mis]uses in places. I also have some larger plans regarding reworking
> a few aspects of the crypto API, that I'll start a discussion with
> Herbert about during the next several months.
> So, expect some more things like this patch to gradually be rolling
> your way, along with maybe larger overall changes. If you wind up
> discussing this in any substantial way at the summit this year, please
> do try to loop me in at some point.

So, I really like the idea of having a dedicated mailing list or even
a simple email alias for that kind of discussion. I know a few
pure-academics who would actually be interested in participating in
that, and personally I'm kind of existing in the void between the
kernel world and the crypto world, so that sort of list is of course
interesting to me.

One potential difficulty with "security-related" lists, and
crypto-related things in particular, is that there are often many
people eager to share misinformation or who read Schneier way back
when and then... Anyway, I suspect at kernel summit, a discussion will
yield some way to approach that.

Jason


More information about the Ksummit-discuss mailing list