Received: by 2002:ac0:da4c:0:0:0:0:0 with SMTP id a12csp2734607imi; Mon, 25 Jul 2022 07:01:09 -0700 (PDT) X-Google-Smtp-Source: AGRyM1vEJ+uC+lCgLPNQEPbJACKwP0raVAY3qZ0jOufTK298jQIrTPOtGV+wNkTJqElr1TWZjgj2 X-Received: by 2002:a17:907:8a0e:b0:72b:9ca3:507 with SMTP id sc14-20020a1709078a0e00b0072b9ca30507mr10814306ejc.477.1658757644544; Mon, 25 Jul 2022 07:00:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658757644; cv=none; d=google.com; s=arc-20160816; b=GnoWKM78yWALbJFPwAkubaT5vKfpZ7h+psBfjEXz8A388KLwVA1MpPkHZreZ7NblrF fqo37jKhuq8aqCqfkkExhzcreKVYn0BENjND2kGXIITOd7BR/3RDjhycfBQgAXWv2whE neve0Z+D9a7KzoD5h6xwHZ2DxAb9j458pJ1LmkgPIbZvDX/FSYVXT75G+mqmYZ642ISj B+rTV2foHdQECAOP3jnyUNVaesIvw4Biaf0JWkfZKagX8ThL0UljWrs1EFuNrH0JBtD2 smafwT+Jga4E3GKzMwAXhZHQQeVx3e9maXShVBu69Jt1uzkgi3nZcLz6SO2U/gceOntp ddzg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version; bh=IhDDyub/tbS9mrMSZuLpshhTp0XVRGFWKnNd67pwL/o=; b=RD8EQ5dGpD9ZMPTeBTz2ov/0XVDLVUtqzCWOkwaRRVLwXYvjLXsaNCjWIjgHwNGrY+ G7+WgDK5guqD3VvlclVwfttXbOrLxXWfkRb4omTSeuK1rIz0sAiM18tTj/uLjEtU3Wqc Ga5mzcyDYPh4xrmyU6X7/cooypkrHEmVqfTw3WYvaw8Hj09v2zcGHIU5KN02JYNLjZO4 qPc6fNNpDvntFJpc1z8uUJlyzgFl7Uac3DUXvhqyE08ai/bjRwFTLuWKwvjCMVwC6mVR ySl7x6/PdXe2gO9hIFa8+fatCbyQhDBLNqKqX+HmabzW/9+HOCl4wIxP3BYn/sTl6LBZ gKqg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=opensuse.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q6-20020a50c346000000b0043bb8332c50si12100358edb.403.2022.07.25.07.00.06; Mon, 25 Jul 2022 07:00:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=opensuse.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234594AbiGYN6i (ORCPT + 99 others); Mon, 25 Jul 2022 09:58:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40812 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235191AbiGYN6h (ORCPT ); Mon, 25 Jul 2022 09:58:37 -0400 Received: from mail-wr1-f53.google.com (mail-wr1-f53.google.com [209.85.221.53]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1E57B12D32 for ; Mon, 25 Jul 2022 06:58:36 -0700 (PDT) Received: by mail-wr1-f53.google.com with SMTP id z13so16080422wro.13 for ; Mon, 25 Jul 2022 06:58:36 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=IhDDyub/tbS9mrMSZuLpshhTp0XVRGFWKnNd67pwL/o=; b=UF9+FequPRT5n70z2FIrRIUNms6p7buRllGqZ0sUReaE0UTrtcLZ8HNIAbu3bvUrg1 G02K/BA+elvf1wqilGUkD4wDAgj5jmQsKV9MP/QAWM6gEvqF8+ux5IfTh5LSdb3HLFYE HQH57FphuIRYccEGo/WVMrUVjJ9NafvE55WDcOd1HpsSgW85sAwjfXrE8KPnhrUit1NM MfRqfdI1Lmbc7b2qWPR4WIMCAy9ZCPZg0XturswY9dovJp/2hYYSAncjlYsBfcukgXlB ujnFWqjO0S0osGM1mNKCtkgIPSlK5JfEWhs3EGlJgn67xmcs2xrrl1/c7skZlOeklHF3 9koA== X-Gm-Message-State: AJIora9JcMbBbsGzAR+izcEyL6B1HKLUPeKXY5NS7DsGLBQTp79NmIof BRKv9vYJp6ce93HlRwmTP7ZzKEz54/Ia8IX7DGk59KMPOhY= X-Received: by 2002:adf:e411:0:b0:21e:6315:80b8 with SMTP id g17-20020adfe411000000b0021e631580b8mr7840376wrm.219.1658757514541; Mon, 25 Jul 2022 06:58:34 -0700 (PDT) MIME-Version: 1.0 References: <87bktdsdrk.fsf@oldenburg.str.redhat.com> <87v8rlqscj.fsf@oldenburg.str.redhat.com> In-Reply-To: From: =?UTF-8?Q?Cristian_Rodr=C3=ADguez?= Date: Mon, 25 Jul 2022 09:58:23 -0400 Message-ID: Subject: Re: arc4random - are you sure we want these? To: "Jason A. Donenfeld" Cc: Florian Weimer , Yann Droneaud , jann@thejh.net, "Jason A. Donenfeld via Libc-alpha" , linux-crypto@vger.kernel.org, Michael@phoronix.com Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2, SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Mon, Jul 25, 2022 at 9:44 AM Jason A. Donenfeld via Libc-alpha wrote: > Or, if you insist on providing these functions t o d a y, and won't heed > my warnings about designing the APIs alongside the implementations, then > just make them thin wrappers over getrandom(0) *without* doing fancy > buffering, and then optimizations later can improve it. That would be > the incremental approach, which wouldn't harm potential users. It also > wouldn't shut the door on doing the buffering: if the kernel > optimization improvements go nowhere, and you decide it's a lost cause, > you can always change the way it works later, and make that decision > then. My 2CLP here if that matters..I agree with this sentiment/approach. provide this functions for source compat which all juist call getrandom and abort on failure *for now* and then a future iteration can have something done about the syscall overhead with kernel help.