Received: by 2002:a05:7412:251c:b0:e2:908c:2ebd with SMTP id w28csp2838261rda; Wed, 25 Oct 2023 13:56:27 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFjb/V/5TqRjyPdODN0BMwxAxuvKkL7LUz4z8uufE2Aw7yQ5J3JsYruxyNMv1IFNSCZAXxE X-Received: by 2002:a25:dc81:0:b0:da0:2757:eb0 with SMTP id y123-20020a25dc81000000b00da027570eb0mr7557019ybe.44.1698267387267; Wed, 25 Oct 2023 13:56:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1698267387; cv=none; d=google.com; s=arc-20160816; b=rQSjovzE2HVSDt4QL+JkS5ORNr4x3L6+ft9cnWRuXIgxFCvM5UmJJ3YIb2HU4pnRU2 CQfm98zl2bdT3gyRHTrtyXO+Mv9AIDdGx6ccJoRnI39ssbqXOUCHdnVZNPMA7qpNFBuM bKc02zlRVUeqN3FnK53s7Ls617pDD5P50tMlNsPBYtEFvbi1ABXvdJz90d6Ru2O7ay5t ub1iJpMQGIrt3JaRrzYc1zK8C/q/MTUb2D4DqHSjOjWeejRMXOVnzsEg5nlbZza2JqnV lbazDG1zYhUGxyZiG2FCYx1Civ5FBkW4xQubS2wG84olFawwQc52p4BWzYHNFtjaMyn3 WluA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:reply-to:message-id :subject:cc:to:from:date:dkim-signature:dkim-signature; bh=HggZWvf/g1tenz6t9mJ0txCKXxT+vX6kjsITziXOsIk=; fh=JOqSv/pq5yWtGkux7AOvprlkiu/15Hiv8hYNnpOF08Y=; b=Df+9BZlZi2/MAbBHT1AZsVmPBUCVl8ZW9oDJWBN/jXtLpsKPGYLkl2qWneMKA1i6tJ 7ChLx9vO7DU2GxdExisgQ9nNMYYNwJ2Ko8cAPAYhnqkYA0VYCPzLOjAitP/AWoW4XHX+ MQ6K7ZKEj/g/UoXKI+Yesfkulj7Jb19TgssgBqKZNJoYBorOZznypPPUkUQ+CSq0qOj2 F2eufuUK7ox7GWFj99K0bErGyUY1PntcV2Xz2Mo0b8l5NPkI9WgItGhEbzgepLCcAbUY RUHOKZPDrq88xdZ+EtXbXOhRIZVISLMQv9K9wRtistI4MzDADqzLPgDQjJJGGAQPr1Tm MWnw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=W06d8ZVL; dkim=neutral (no key) header.i=@suse.cz header.s=susede2_ed25519 header.b=mwHe240n; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Return-Path: Received: from agentk.vger.email (agentk.vger.email. [2620:137:e000::3:2]) by mx.google.com with ESMTPS id t7-20020a056902124700b00d84c1c2b6a6si14980748ybu.739.2023.10.25.13.56.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 Oct 2023 13:56:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) client-ip=2620:137:e000::3:2; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.cz header.s=susede2_rsa header.b=W06d8ZVL; dkim=neutral (no key) header.i=@suse.cz header.s=susede2_ed25519 header.b=mwHe240n; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by agentk.vger.email (Postfix) with ESMTP id 56DE080D6A03; Wed, 25 Oct 2023 13:55:03 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at agentk.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229441AbjJYUzD (ORCPT + 99 others); Wed, 25 Oct 2023 16:55:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60230 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229583AbjJYUzC (ORCPT ); Wed, 25 Oct 2023 16:55:02 -0400 Received: from smtp-out2.suse.de (smtp-out2.suse.de [IPv6:2001:67c:2178:6::1d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D446413D for ; Wed, 25 Oct 2023 13:54:58 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 51A1B200B4; Wed, 25 Oct 2023 20:54:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_rsa; t=1698267297; h=from:from:reply-to:reply-to:date:date:message-id:message-id:to:to: cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=HggZWvf/g1tenz6t9mJ0txCKXxT+vX6kjsITziXOsIk=; b=W06d8ZVL2Ri8AvWgtxs1Io1tL594yhy7YbwMy6y5bvP02jvB+ReYydNfhGsn2PtiW3Eqou PEW6kRKHImwY3k2RU/fxnpVewwkajOWlpP86UAT2Ur5BqySvZDUGwyOgRRVQ2fm8fF3Sm0 XYWyuF0DtW3kQV1+SUlg1Gb64gE55Fc= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.cz; s=susede2_ed25519; t=1698267297; h=from:from:reply-to:reply-to:date:date:message-id:message-id:to:to: cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=HggZWvf/g1tenz6t9mJ0txCKXxT+vX6kjsITziXOsIk=; b=mwHe240nalPy/27CAK5GaW6KDLuTCWVfeqMXqEx14qKDFudo+/rnm+VZQbcw0AQ2tl01SE EoDXx8n81ytv5NDA== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 1418513524; Wed, 25 Oct 2023 20:54:57 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id ecJCA6GAOWWiKQAAMHmgww (envelope-from ); Wed, 25 Oct 2023 20:54:57 +0000 Date: Wed, 25 Oct 2023 22:54:55 +0200 From: Petr Vorel To: Richard Weinberger Cc: linux-nfs , Steve Dickson Subject: Re: [PATCH 0/3] Add getrandom() fallback, cleanup headers Message-ID: <20231025205455.GA460410@pevik> Reply-To: Petr Vorel References: <20231025194701.456031-1-pvorel@suse.cz> <857096093.3016.1698264780882.JavaMail.zimbra@nod.at> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <857096093.3016.1698264780882.JavaMail.zimbra@nod.at> X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Wed, 25 Oct 2023 13:55:03 -0700 (PDT) Hi Richard, > ----- Urspr?ngliche Mail ----- > > Von: "Petr Vorel" > > I also wonder why getrandom() syscall does not called with GRND_NONBLOCK > > flag. Is it ok/needed to block? > With GRND_NONBLOCK it would return EAGAIN if not enough > randomness is ready. How to handle this then? Aborting the start of the daemon? Well, current code uses /dev/urandom and blocks until pool is ready (man random(7)), which is probably OK (on VM people may need to use haveged to avoid blocking, but that's known). But even with blocking mode blocking requests of any size can be interrupted by a signal handler with errno EINTR. That's probably the reason why people write more robust code. I'm not sure if it's really needed to be handled in our case. Nice example is ul_random_get_bytes() in util-linux [1]: #ifdef HAVE_GETRANDOM while (n > 0) { int x; errno = 0; x = getrandom(cp, n, GRND_NONBLOCK); if (x > 0) { /* success */ n -= x; cp += x; lose_counter = 0; errno = 0; } else if (errno == ENOSYS) { /* kernel without getrandom() */ break; } else if (errno == EAGAIN && lose_counter < UL_RAND_READ_ATTEMPTS) { xusleep(UL_RAND_READ_DELAY); /* no entropy, wait and try again */ lose_counter++; } else break; } if (errno == ENOSYS) #endif 1) sleep on EAGAIN and try again (needed to be handled due GRND_NONBLOCK). 2) It also handles ENOSYS (run on kernel without getrandom() although it was built with libc support), which would be very rare (IMHO getrandom() is on all architectures, but looking into drivers/char/random.c, it would be on kernels without CONFIG_SYSCTL). Then the code also adds fallback to read /dev/{u,}random in this case. It could be added to nfs-utils, if anybody really needs it. > Before we other think the whole thing, the sole purpose of the getrandom() > call is seeding libc's PRNG with srand() to give every waiter a different > amount of sleep time upon concurrent database access. > See wait_for_dbaccess() and handling of SQLITE_LOCKED. > I'm pretty sure instead of seeding from getrandom() we can also use the current > time or read a few bytes from /dev/urandom. Sure. Current time would work everywhere, but I guess getrandom() with syscall is good enough. Systems which have /dev/urandom also have getrandom() syscall (thus will work with my current proposal). > Just make sure that every user of sqlite_plug_init() has a different seed. Thanks for info. Kind regards, Petr > Thanks, > //richard [1] https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/tree/lib/randutils.c