Received: by 2002:a05:7412:251c:b0:e2:908c:2ebd with SMTP id w28csp2838261rda;
        Wed, 25 Oct 2023 13:56:27 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IFjb/V/5TqRjyPdODN0BMwxAxuvKkL7LUz4z8uufE2Aw7yQ5J3JsYruxyNMv1IFNSCZAXxE
X-Received: by 2002:a25:dc81:0:b0:da0:2757:eb0 with SMTP id y123-20020a25dc81000000b00da027570eb0mr7557019ybe.44.1698267387267;
        Wed, 25 Oct 2023 13:56:27 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1698267387; cv=none;
        d=google.com; s=arc-20160816;
        b=rQSjovzE2HVSDt4QL+JkS5ORNr4x3L6+ft9cnWRuXIgxFCvM5UmJJ3YIb2HU4pnRU2
         CQfm98zl2bdT3gyRHTrtyXO+Mv9AIDdGx6ccJoRnI39ssbqXOUCHdnVZNPMA7qpNFBuM
         bKc02zlRVUeqN3FnK53s7Ls617pDD5P50tMlNsPBYtEFvbi1ABXvdJz90d6Ru2O7ay5t
         ub1iJpMQGIrt3JaRrzYc1zK8C/q/MTUb2D4DqHSjOjWeejRMXOVnzsEg5nlbZza2JqnV
         lbazDG1zYhUGxyZiG2FCYx1Civ5FBkW4xQubS2wG84olFawwQc52p4BWzYHNFtjaMyn3
         WluA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-transfer-encoding
         :content-disposition:mime-version:references:reply-to:message-id
         :subject:cc:to:from:date:dkim-signature:dkim-signature;
        bh=HggZWvf/g1tenz6t9mJ0txCKXxT+vX6kjsITziXOsIk=;
        fh=JOqSv/pq5yWtGkux7AOvprlkiu/15Hiv8hYNnpOF08Y=;
        b=Df+9BZlZi2/MAbBHT1AZsVmPBUCVl8ZW9oDJWBN/jXtLpsKPGYLkl2qWneMKA1i6tJ
         7ChLx9vO7DU2GxdExisgQ9nNMYYNwJ2Ko8cAPAYhnqkYA0VYCPzLOjAitP/AWoW4XHX+
         MQ6K7ZKEj/g/UoXKI+Yesfkulj7Jb19TgssgBqKZNJoYBorOZznypPPUkUQ+CSq0qOj2
         F2eufuUK7ox7GWFj99K0bErGyUY1PntcV2Xz2Mo0b8l5NPkI9WgItGhEbzgepLCcAbUY
         RUHOKZPDrq88xdZ+EtXbXOhRIZVISLMQv9K9wRtistI4MzDADqzLPgDQjJJGGAQPr1Tm
         MWnw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=W06d8ZVL;
       dkim=neutral (no key) header.i=@suse.cz header.s=susede2_ed25519 header.b=mwHe240n;
       spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Return-Path: <linux-nfs-owner@vger.kernel.org>
Received: from agentk.vger.email (agentk.vger.email. [2620:137:e000::3:2])
        by mx.google.com with ESMTPS id t7-20020a056902124700b00d84c1c2b6a6si14980748ybu.739.2023.10.25.13.56.03
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 25 Oct 2023 13:56:27 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) client-ip=2620:137:e000::3:2;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=W06d8ZVL;
       dkim=neutral (no key) header.i=@suse.cz header.s=susede2_ed25519 header.b=mwHe240n;
       spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by agentk.vger.email (Postfix) with ESMTP id 56DE080D6A03;
	Wed, 25 Oct 2023 13:55:03 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at agentk.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229441AbjJYUzD (ORCPT <rfc822;martin.l.wege@gmail.com>
        + 99 others); Wed, 25 Oct 2023 16:55:03 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60230 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229583AbjJYUzC (ORCPT
        <rfc822;linux-nfs@vger.kernel.org>); Wed, 25 Oct 2023 16:55:02 -0400
Received: from smtp-out2.suse.de (smtp-out2.suse.de [IPv6:2001:67c:2178:6::1d])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D446413D
        for <linux-nfs@vger.kernel.org>; Wed, 25 Oct 2023 13:54:58 -0700 (PDT)
Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512)
        (No client certificate requested)
        by smtp-out2.suse.de (Postfix) with ESMTPS id 51A1B200B4;
        Wed, 25 Oct 2023 20:54:57 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa;
        t=1698267297;
        h=from:from:reply-to:reply-to:date:date:message-id:message-id:to:to:
         cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=HggZWvf/g1tenz6t9mJ0txCKXxT+vX6kjsITziXOsIk=;
        b=W06d8ZVL2Ri8AvWgtxs1Io1tL594yhy7YbwMy6y5bvP02jvB+ReYydNfhGsn2PtiW3Eqou
        PEW6kRKHImwY3k2RU/fxnpVewwkajOWlpP86UAT2Ur5BqySvZDUGwyOgRRVQ2fm8fF3Sm0
        XYWyuF0DtW3kQV1+SUlg1Gb64gE55Fc=
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz;
        s=susede2_ed25519; t=1698267297;
        h=from:from:reply-to:reply-to:date:date:message-id:message-id:to:to:
         cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=HggZWvf/g1tenz6t9mJ0txCKXxT+vX6kjsITziXOsIk=;
        b=mwHe240nalPy/27CAK5GaW6KDLuTCWVfeqMXqEx14qKDFudo+/rnm+VZQbcw0AQ2tl01SE
        EoDXx8n81ytv5NDA==
Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512)
        (No client certificate requested)
        by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 1418513524;
        Wed, 25 Oct 2023 20:54:57 +0000 (UTC)
Received: from dovecot-director2.suse.de ([192.168.254.65])
        by imap2.suse-dmz.suse.de with ESMTPSA
        id ecJCA6GAOWWiKQAAMHmgww
        (envelope-from <pvorel@suse.cz>); Wed, 25 Oct 2023 20:54:57 +0000
Date:   Wed, 25 Oct 2023 22:54:55 +0200
From:   Petr Vorel <pvorel@suse.cz>
To:     Richard Weinberger <richard@nod.at>
Cc:     linux-nfs <linux-nfs@vger.kernel.org>,
        Steve Dickson <steved@redhat.com>
Subject: Re: [PATCH 0/3] Add getrandom() fallback, cleanup headers
Message-ID: <20231025205455.GA460410@pevik>
Reply-To: Petr Vorel <pvorel@suse.cz>
References: <20231025194701.456031-1-pvorel@suse.cz>
 <857096093.3016.1698264780882.JavaMail.zimbra@nod.at>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <857096093.3016.1698264780882.JavaMail.zimbra@nod.at>
X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no
	version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Wed, 25 Oct 2023 13:55:03 -0700 (PDT)

Hi Richard,

> ----- Urspr?ngliche Mail -----
> > Von: "Petr Vorel" <pvorel@suse.cz>
> > I also wonder why getrandom() syscall does not called with GRND_NONBLOCK
> > flag. Is it ok/needed to block?

> With GRND_NONBLOCK it would return EAGAIN if not enough
> randomness is ready. How to handle this then? Aborting the start of the daemon?

Well, current code uses /dev/urandom and blocks until pool is ready (man
random(7)), which is probably OK (on VM people may need to use haveged to avoid
blocking, but that's known). But even with blocking mode blocking requests of
any size can be interrupted by a signal handler with errno EINTR. That's
probably the reason why people write more robust code. I'm not sure if it's
really needed to be handled in our case.

Nice example is ul_random_get_bytes() in util-linux [1]:

#ifdef HAVE_GETRANDOM
	while (n > 0) {
		int x;

		errno = 0;
		x = getrandom(cp, n, GRND_NONBLOCK);
		if (x > 0) {			/* success */
		       n -= x;
		       cp += x;
		       lose_counter = 0;
		       errno = 0;
		} else if (errno == ENOSYS) {	/* kernel without getrandom() */
			break;

		} else if (errno == EAGAIN && lose_counter < UL_RAND_READ_ATTEMPTS) {
			xusleep(UL_RAND_READ_DELAY);	/* no entropy, wait and try again */
			lose_counter++;
		} else
			break;
	}

	if (errno == ENOSYS)
#endif

1) sleep on EAGAIN and try again (needed to be handled due GRND_NONBLOCK).

2) It also handles ENOSYS (run on kernel without getrandom() although it was built
with libc support), which would be very rare (IMHO getrandom() is on all
architectures, but looking into drivers/char/random.c, it would be on kernels
without CONFIG_SYSCTL).  Then the code also adds fallback to read
/dev/{u,}random in this case. It could be added to nfs-utils, if anybody really
needs it.

> Before we other think the whole thing, the sole purpose of the getrandom()
> call is seeding libc's PRNG with srand() to give every waiter a different
> amount of sleep time upon concurrent database access.
> See wait_for_dbaccess() and handling of SQLITE_LOCKED.

> I'm pretty sure instead of seeding from getrandom() we can also use the current
> time or read a few bytes from /dev/urandom.

Sure. Current time would work everywhere, but I guess getrandom() with syscall
is good enough. Systems which have /dev/urandom also have getrandom() syscall
(thus will work with my current proposal).

> Just make sure that every user of sqlite_plug_init() has a different seed.

Thanks for info.

Kind regards,
Petr

> Thanks,
> //richard

[1] https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/tree/lib/randutils.c