Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp6110796pxb; Mon, 14 Feb 2022 15:49:57 -0800 (PST) X-Google-Smtp-Source: ABdhPJwPfo69m82vFUXn7Rx577vQkmZDaT2VUVdCbbX0U1sKJMixE9EiiHl177VJHbVCrzoxgQ8I X-Received: by 2002:a17:90b:4f8e:b0:1b9:cb7a:b982 with SMTP id qe14-20020a17090b4f8e00b001b9cb7ab982mr1273124pjb.23.1644882597249; Mon, 14 Feb 2022 15:49:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644882597; cv=none; d=google.com; s=arc-20160816; b=s6cBRIkWt7TGRqTnajODUf4VXRTPa6ywsIwh+vfvKoBlMH95GLmUeF4i9/cZFONwRS hucRGCDqCaDmVD/H+tPaImjBxzcMMdlO4asR2K8lgHq0Q9n05TqmMUCLdWwaujxIieN2 G/e6GYyqz31pfOUHE8yxdFWcrkNiucms/mDv2JrkFSXRO09OVk1oTIFkG33ezwf9XK9k TuDy/cpjTaOVet2GCVGpPnMby/i8cAMOeB1JmE5yb3b3PQYM92rIuwHDGiMl2EBV97f0 2MCvDdkee4t3Q9N/0c1CHI4DNCRNFPTwssPkReXqkAkl1k6sYiHb98r7DgUf/IV2gD7j Jv+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:message-id:in-reply-to :subject:cc:to:from:date:dkim-signature; bh=e2LfV2BcYFTZ6ZIg8FOTVm2MpIs9idDpZ8R+EsQHXrs=; b=DOka+WQIqWsQ4K+zUWhMj/cNZn+feMkWRezvCZqucpiOt1DppneyMEIOKeX8kxcdae otjgmmRkYSEjN4C4fbDZbNkTjFhWFI4EbZJ7/GSVpNaG//alTJv1KrqsvaMPkrsldem6 R0bL/yV9UwDa3in9xh0FfX+4xwzsuSkvVmpDK7ufrdCBkeeNbQ2lTjR5sUvWk/iqVujf qwjOtpu6XVrLso5XHAK5tvWBfEKWIo455X2LfI1gAeCk+73GJbKtqyewgdfGq7Hy48zI M49MtDAUy4DANSV5gDMT/OpJX8wTubBazX4dW2+v9LYNpP01wVSdwOWQ51AxGqkEFwsY KUkA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b="SJdNeO/8"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w5si12667757pjr.136.2022.02.14.15.49.31; Mon, 14 Feb 2022 15:49:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b="SJdNeO/8"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232016AbiBNWxS (ORCPT + 99 others); Mon, 14 Feb 2022 17:53:18 -0500 Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:34146 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232000AbiBNWxQ (ORCPT ); Mon, 14 Feb 2022 17:53:16 -0500 Received: from new3-smtp.messagingengine.com (new3-smtp.messagingengine.com [66.111.4.229]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EACCC171870; Mon, 14 Feb 2022 14:53:07 -0800 (PST) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailnew.nyi.internal (Postfix) with ESMTP id AF0BF580632; Mon, 14 Feb 2022 17:53:04 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Mon, 14 Feb 2022 17:53:04 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=e2LfV2BcYFTZ6ZIg8 FOTVm2MpIs9idDpZ8R+EsQHXrs=; b=SJdNeO/8jyTfLiWOckcAG2OHGKCIILKot CoUd+ViU7KAYtLt39PVDcb/IGuv6zV7lLNGGyCe8EGuQ5DurWAtyc+59koNFynFb Vax9tANM2zkhCcUoof6TNS/nhOKqyPS+Hw3tsgsfWgJvrvYRq/oTiaPhFIsCZ3gq 572A76x7uTT/SQOWr2a+qXWcnzfFPlN8I/AlTAP67o6ZCB+w+xPm/B5psHno61aJ DCH/hrkY5RKmleyp5ih42WMsScPaotRe9Unr3WD7ZeSnt0m2dNzPfz999KUbozwI V020ATKE/pSE4MZC8o1aHNCuKDsllmkkIJSgA7ad0fRyvnrt2DTiw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddrjeefgddtfecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpeffhffvufgjkfhfgggtsehttdertddttddvnecuhfhrohhmpefhihhnnhcuvfhh rghinhcuoehfthhhrghinheslhhinhhugidqmheikehkrdhorhhgqeenucggtffrrghtth gvrhhnpeffudfhgeefvdeitedugfelueegheekkeefveffhfeiveetledvhfdtveffteeu udenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehfth hhrghinheslhhinhhugidqmheikehkrdhorhhg X-ME-Proxy: Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 14 Feb 2022 17:53:00 -0500 (EST) Date: Tue, 15 Feb 2022 09:53:11 +1100 (AEDT) From: Finn Thain To: "Jason A. Donenfeld" cc: Joshua Kinard , LKML , Linux Crypto Mailing List , Paul Walmsley , Palmer Dabbelt , Albert Ou , linux-riscv , Geert Uytterhoeven , linux-m68k , Thomas Bogendoerfer , "open list:BROADCOM NVRAM DRIVER" , Dominik Brodowski , Eric Biggers , Ard Biesheuvel , Arnd Bergmann , Thomas Gleixner , Andy Lutomirski , Kees Cook , Lennart Poettering , Linus Torvalds , Greg Kroah-Hartman , Theodore Ts'o Subject: Re: [PATCH RFC v0] random: block in /dev/urandom In-Reply-To: Message-ID: References: <20220211210757.612595-1-Jason@zx2c4.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 14 Feb 2022, Jason A. Donenfeld wrote: > > So the only systems we're actually talking about without a good cycle > counter are non-Amiga m68k? If so, that'd be a pretty terrific finding. > It'd mean that this idea can move forward, and we only need to worry > about some m68k museum pieces with misconfigured userspaces... > A processor cycle counter is helpful when mounting a timing attack but my museum pieces don't suffer from that problem. Also, they are and always were immune from spectre, meltdown etc. You misrepresent those secure hardware designs as being problematic, just because of some bad advice on some random blogs about RNG API usage. Do you have a phone that no longer gets updates from its vendor? Have you tried patching it? Your insecure museum pieces are the real problem, not my secure ones.