Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp5566709pxb; Mon, 14 Feb 2022 02:07:57 -0800 (PST) X-Google-Smtp-Source: ABdhPJxbY8eaRrAh1uz2ctxf8E/8xqHMDA8L/jc3xzRHSEmyftdQOXJVKHN5L90v1o6Ql7fmT3jy X-Received: by 2002:a63:4e5c:: with SMTP id o28mr11116537pgl.263.1644833277586; Mon, 14 Feb 2022 02:07:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644833277; cv=none; d=google.com; s=arc-20160816; b=Y4ua3Zyks59AwlBKSLe7sG/Msmj8i1WboBdYnjIk/M/VWdF0QZ3jemPhWnMG9VgLAF F2+NRu5aIZkvgdaPSqsASoNCqBkJc0Z71oy9LvQXCE0qge4vSms86kwmIikXZh8D0y9q MQXTOrT1T6vbvUMTHWOqVNoBmaDrftw3DXb3VEGyV9j6ILSM7UaO0GIM6rvhmc6CN5l9 7Tk+rFhpDldxuC/CD7PQskF4+R7eabHi65pqPsHmGebGku8BV5k7vLN7d5x1E5QNWdgl /bv1E3mlMA/BtRndNpRCueaZIv78ef254EGGKUNkf20YzACxLAzWWZp11VgH2IRgoDCy Jtyg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=ufpXyc7vzeeei3yPZgdGVCOKmPsaVuw/LBlob67IqPQ=; b=q9IueTTWhbZWyxd/JVdg8HIT52KlyBb2TUjZKSwpqjrVOUml1wazx+nR7P/Yn/G59M IVrJ2MoVPZ1zZAL25cFmWo+otMpxyvdf1p20oAV+jmkhY7IvY1Wv5Zy3e6sdA0UrxpNi 2Jo0sbvJYpJwUB3YRIuR1ve4TX5nJJwjmbNDixs2rc+u303wVj+aI2UIXevq9+bef1qY B8cKHVprb0/EvNaMIwNtCd9sRD33cc976O7v0lBLWSyS2l/FhU0y7h3HRCNQRfen089N OfdlwLrsA+mn0Nfj6wJRyCRy0pinNWPjY3DfwFxNbXkrpyV2N444qNGhneyCz9gHuabi 9/Qw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b="h/kQZ0g0"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l186si3050663pgd.692.2022.02.14.02.07.38; Mon, 14 Feb 2022 02:07:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b="h/kQZ0g0"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236250AbiBMNOx (ORCPT + 99 others); Sun, 13 Feb 2022 08:14:53 -0500 Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:38408 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236216AbiBMNOx (ORCPT ); Sun, 13 Feb 2022 08:14:53 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8F91E5DE66 for ; Sun, 13 Feb 2022 05:14:47 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 38B66B80ADA for ; Sun, 13 Feb 2022 13:14:46 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id DCE6BC004E1 for ; Sun, 13 Feb 2022 13:14:44 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="h/kQZ0g0" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1644758083; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=ufpXyc7vzeeei3yPZgdGVCOKmPsaVuw/LBlob67IqPQ=; b=h/kQZ0g0sBpUACrnMZCgxm5zZmVYcTaFzfhAQLRsIZjKXiayWqBeNuKPjxHqE+pWCWTH92 XLwzstSc2H08CN2qDs4k2EgGzA9f3od4HeF8d81JWxFqplzUODfnWFTSou4uuylum20yDQ +9WSx0qSRkoYEhJQ71pPw+ZPho6CXOg= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id fed48833 (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO) for ; Sun, 13 Feb 2022 13:14:43 +0000 (UTC) Received: by mail-yb1-f179.google.com with SMTP id e140so19349399ybh.9 for ; Sun, 13 Feb 2022 05:14:43 -0800 (PST) X-Gm-Message-State: AOAM532hw4Odg3UEEKCHaGyRLFQQ11bsnZavejbn29PfQloXxHkivf+4 Rwwt439fcAjfhbvrWqGv+/IhGgidyYXSXC2yL0U= X-Received: by 2002:a81:3283:: with SMTP id y125mr9940020ywy.100.1644758082629; Sun, 13 Feb 2022 05:14:42 -0800 (PST) MIME-Version: 1.0 References: <20220212122318.623435-1-Jason@zx2c4.com> <20220212122318.623435-6-Jason@zx2c4.com> In-Reply-To: From: "Jason A. Donenfeld" Date: Sun, 13 Feb 2022 14:14:32 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v2 05/10] random: group crng functions To: Dominik Brodowski Cc: LKML , "Theodore Ts'o" Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Dominik, On Sun, Feb 13, 2022 at 7:57 AM Dominik Brodowski wrote: > No, it's for crng_init == 0 only. Right! Nice catch, thanks. > > + * Batched entropy returns random integers. The quality of the random > > + * number is good as /dev/urandom. In order to ensure that the randomness > > /dev/random /dev/urandom is the right analogy, actually, since batched entropy won't wait. > > +size_t __must_check get_random_bytes_arch(void *buf, size_t nbytes) > > Sidenote: We should get rid of the sole caller of that function, and then of > this function. AFAICS, using get_random_bytes() (once rand_initialize() has > been called) should never be less secure than get_random_bytes_arch() IFF > arch_get_random_long() exists -- which is what the sole caller seems to be > interested in. I agree entirely that we should get rid of this. I think the issue is vsprintf needs a stable key for siphash that never changes once initialized, and the earlier they can get something good enough, the better. If they can't get something good, vsprintf needs to know so it can defer that to later. So I'm not yet sure the right way to solve it, but I agree we should find some way to ditch this function. Jason