Received: by 2002:ac0:da4c:0:0:0:0:0 with SMTP id a12csp1735376imi; Sat, 23 Jul 2022 16:02:34 -0700 (PDT) X-Google-Smtp-Source: AGRyM1sxNrKwnEEjNTWZMyiCsOkwVUrzcJo4Pc/cXdPyIlVuvXZ9Zj61pSVtfXVeAyrFen9zJvih X-Received: by 2002:a63:5353:0:b0:419:f140:2dae with SMTP id t19-20020a635353000000b00419f1402daemr5176634pgl.526.1658617353978; Sat, 23 Jul 2022 16:02:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658617353; cv=none; d=google.com; s=arc-20160816; b=LmXRTu/W2NTTN0NYDgJOn9WIgBy/r1TBpQESv93yQsenqY1VU/ZOm2fLyNHAkIQXFj am6mE8XKvRiMMuOw6Zv0RbYeXVYKJxJhl7Lylqo2sPkdix7+Kf4lKRp434pHHXxadZF5 6yrwg03AhD+Id3TYlcBs3O26SZ1vz/3SSxtTJvm2f50SlzZqNLA38fpFxK5N+XB2B3sF WWjVbu5ubs6T1sRB0tXb6Z16uWoWXyq9UtWErXi2vExUrqzqdIbUj/GZjn71nOJI9gkh yxUG38k4Cet9V8jmVoIGowHdMVvkue5A4VgW9dn86NUqnZwsjVOxG0/V/NmXpq2sQiwr rbqA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=rUZ2WYyqHu2YDdmhaM7QXm09xBRQ00xbfJNBP1vbkFs=; b=Dk6B0bXtxGIxJNNJPcDOkPfayW1sy5MVQpXAhBYde//96Dy+wKJSDelIiLevE8pOzc oCzGSivk53q/whDZTo+0pbTNPDLi+sUCTZa7A60P74fUak0PJiYVfmxOsks01HhJmDCB UHUcQSKarFTF1muQ7TK7u4rDKfkO0lkE00dUI1lGL/8pMJ9pcNZxNZlS89PTzAAH4ty7 ph/9R6fUCwh3x3Qf40fkzDRGezC6xEmbkQ9xPJF+Ycs10y4/2GkQsO7voCZ3cvW7x37N D94/a024aCvYxDMQKFsJ+7xgGrNVhjysWXsVGBu8OTjP8fArRRbf2fbJePo/7vNBlV9C +TPw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=YlW1jJsB; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d18-20020a170902ced200b001678ce90824si10955015plg.542.2022.07.23.16.02.04; Sat, 23 Jul 2022 16:02:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=YlW1jJsB; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230234AbiGWW7p (ORCPT + 99 others); Sat, 23 Jul 2022 18:59:45 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47306 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229772AbiGWW7o (ORCPT ); Sat, 23 Jul 2022 18:59:44 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1B7AB175AA for ; Sat, 23 Jul 2022 15:59:44 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id A3D6060A1E for ; Sat, 23 Jul 2022 22:59:43 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 22A4DC341C0; Sat, 23 Jul 2022 22:59:42 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="YlW1jJsB" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1658617180; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rUZ2WYyqHu2YDdmhaM7QXm09xBRQ00xbfJNBP1vbkFs=; b=YlW1jJsBz2kWnUnqnJWQo4VClIMCxPICmUC3ONQdJm3CKiVrVFe70a6YNZ8EHJxX5kpDKX wF7Ya3uD0qvE/FIQD2kfjrUvUla7qh+K/+KI6jwmBqIqBFTxdVWwkivMe6Vt5pIMB4GfrR Vwo8NLhda6uKcX6jq/In5b7/ytKYorM= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 89d74c6a (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO); Sat, 23 Jul 2022 22:59:40 +0000 (UTC) Date: Sun, 24 Jul 2022 00:59:37 +0200 From: "Jason A. Donenfeld" To: Cristian =?utf-8?Q?Rodr=C3=ADguez?= Cc: libc-alpha@sourceware.org, Adhemerval Zanella Netto , Florian Weimer , Yann Droneaud , jann@thejh.net, Michael@phoronix.com, linux-crypto@vger.kernel.org Subject: Re: arc4random - are you sure we want these? Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hi Cristian, On Sat, Jul 23, 2022 at 03:04:36PM -0400, Cristian Rodríguez wrote: > On linux just making this interface call "something" from the VDSO that > > - does not block. > - cannot ever fail or if it does indeed need to bail out it kills the > calling thread as last resort. > > (if neither of those can be provided, we are back to square one) > > Will be beyond awesome because it could be usable everywhere, > including the dynamic linker, malloc or whatever else > question is..is there any at least experimental patch with a hope of > beign accepted available ? Doesn't getrandom() already basically have this quality? If you call getrandom(0), it'll block until the RNG is initialized once (which now happens pretty reliably early on in boot). If you call getrandom(GRND_ INSECURE), it will skip that blocking. Both mechanisms are reliable and available on all current kernel.org stable kernels. Is there something about these you don't like and think need fixing? I'm open to suggestions on how to further improve that interface if it has a notable shortcoming. If somebody has a compelling performance case that's widespread and can't be fixed in the kernel alone, I wouldn't be adverse to vDSOing it. But such an undertaking would probably be contingent on doing this with the glibc developers, rather than trying to retroactively bandaid an addition that shipped broken with a documentation cop-out. Jason