Received: by 2002:ac0:e34a:0:0:0:0:0 with SMTP id g10csp592873imn; Tue, 26 Jul 2022 04:31:08 -0700 (PDT) X-Google-Smtp-Source: AGRyM1vCincrA2FSIuds3pRpWQCs/d4StPlpsNs8PU+qPFmoVKg37drVkjzfyhn9ZlF89OP4hEXS X-Received: by 2002:a17:906:4598:b0:72e:dda1:d1d5 with SMTP id qs24-20020a170906459800b0072edda1d1d5mr13888567ejc.480.1658835068547; Tue, 26 Jul 2022 04:31:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658835068; cv=none; d=google.com; s=arc-20160816; b=xFBy0T8dSp1j6+PkKfZoRAXgDCuHJ/HhnWXq4Zx2pWqvyEM4F8RtPixQcumQyQMG0Z 9IPWL3IfTNSTKvXfoj7FcpZajc4YM23inItPOaANSFx1aEuSnoRggGMF0grhWpTIfkB9 mHUlCCqQEpy436y+PsOBTFgkbCx+Afh+C7qAMDvtUjNNXzRIhlKjzAG5NSzeu7emctrX Eu1MY2SOe2FqMlfq1dzix7qAb+SB3xJDk1opxi0A3ca8NJ409ybmterxGzgKKu/qajwO X0j644Pxqv8EWINfK4KFDFZy8IqqUV1YxSEl5NXLugYBemTE4TsKTyFEZlka8nFXvDN3 e2hA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=sgPLwnfqIoDJuqj62sgNc5ELkrRNJRohBSBVnJ3v92Y=; b=YRXqBXCPwiE1dO5brRAbyMoA6qkS9KtFO+egD3MnDhLfmcOyLF/7/VIdVksda/h31o +m1Y+CB7q9ZOFB7piR6OyeoKLQS3d94BbcVASHxPLj29hxYZ2Q1bblF1DjvYGyrI5vgO 8TB8DcYVAgpdHA23APpP3pNCJTUA5j0pI8EtpBAis2KxTGfMWOgr3cvbjnKLuM03NzyX n1wWEOVO2ycJvax4aP2mvP+uA/KKMU4FX/a28s5csxhG4AU3NVkrDhF6pyhxmZYrAQNs oukqCMPY053LXt3UMCveqBGlLjl65W0Dg/X7CMs56vNWkUYhmrkhnhfwhrkjOmDdSvme L80w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=Um4Kj6DL; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y25-20020a170906471900b0072b01ae9c69si1094800ejq.694.2022.07.26.04.30.33; Tue, 26 Jul 2022 04:31:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@zx2c4.com header.s=20210105 header.b=Um4Kj6DL; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=zx2c4.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238816AbiGZLUm (ORCPT + 99 others); Tue, 26 Jul 2022 07:20:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36734 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238802AbiGZLUm (ORCPT ); Tue, 26 Jul 2022 07:20:42 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E0925659B for ; Tue, 26 Jul 2022 04:20:40 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 91507B81132 for ; Tue, 26 Jul 2022 11:20:39 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id B9839C341C0; Tue, 26 Jul 2022 11:20:37 +0000 (UTC) Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="Um4Kj6DL" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1658834435; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=sgPLwnfqIoDJuqj62sgNc5ELkrRNJRohBSBVnJ3v92Y=; b=Um4Kj6DLEJXmdcsBSMqQcJo+yK5sPlD2Pwq3gaRrkgqTr1eYNGTq+EQUFMfs+8iHKm/C7Z fFSYAiQr6zOZgdGIZOh1ta9AGDxb8uRTyMMWSMrrx2fLG5Q8RqS07pA4nbG1NyJ4ROX+LX QuDHRLZe4UufTeFJj4hAOJuq4Ftd4/8= Received: by mail.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id 84e37221 (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO); Tue, 26 Jul 2022 11:20:35 +0000 (UTC) Date: Tue, 26 Jul 2022 13:20:33 +0200 From: "Jason A. Donenfeld" To: Florian Weimer Cc: libc-alpha@sourceware.org, Adhemerval Zanella Netto , Cristian =?utf-8?Q?Rodr=C3=ADguez?= , Paul Eggert , linux-crypto@vger.kernel.org Subject: Re: [PATCH v2] arc4random: simplify design for better safety Message-ID: References: <20220725225728.824128-1-Jason@zx2c4.com> <20220725232810.843433-1-Jason@zx2c4.com> <87k080i4fo.fsf@oldenburg.str.redhat.com> <877d40i0v7.fsf@oldenburg.str.redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <877d40i0v7.fsf@oldenburg.str.redhat.com> X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Hey Florian, On Tue, Jul 26, 2022 at 01:12:28PM +0200, Florian Weimer wrote: > >> What happens if /dev/random is actually /dev/urandom? Will the poll > >> call fail? > > > > Yes. I'm unsure if you're asking this because it'd be a nice > > simplification to only have to open one fd, or because you're worried > > about confusion. I don't think the confusion problem is one we should > > take too seriously, but if you're concerned, we can always fstat and > > check the maj/min. Seems a bit much, though. > > Turning /dev/random into /dev/urandom (e.g. with a symbolic link) used > to be the only way to get some applications working because they tried > to read from /dev/random at a higher rate than the system was estimating > entropy coming in. We may have to do something differently here if the > failing poll causes too much breakage. The "backup plan" would be to sleep-loop-read /proc/sys/kernel/random/entropy_avail until it passes a certain threshold one time. This might also work on even older kernels than the poll() trick. But that's pretty darn ugly, so it's not obvious to me where the cut-off in frustration is, when we throw our hands up and decide the ugliness is worth it compared to whatever problems we happen to be facing at the time with the poll() technique. But at least there is an alternative, should we need it. Jason