Received: by 2002:ac0:e350:0:0:0:0:0 with SMTP id g16csp940591imn; Sat, 30 Jul 2022 08:50:20 -0700 (PDT) X-Google-Smtp-Source: AA6agR6GYuLqCH97m/MLIL133L6MbFPBQ4kJIKXXGxxs1M7/0AkDk72yINz70NKBRHk1kfXwXDUy X-Received: by 2002:a17:902:d4c2:b0:16d:c317:ee9d with SMTP id o2-20020a170902d4c200b0016dc317ee9dmr8393131plg.25.1659196220544; Sat, 30 Jul 2022 08:50:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1659196220; cv=none; d=google.com; s=arc-20160816; b=TyDlcYULmmxqeTDmM8JIUKz+sdQ1q9sHpgJtINM3OSs1kHamLPOPqMQ5A5SgnbTz1M TCXfs/pzo5oP9VjXTtg5Sj89pZ1c/7YehWrdyS1yGZrTqQNMzs+isIhnfO3Y4lRAYb22 KSPgWdbikHC1T+j2+1u1zKa2B1bESlCPvw/8cXDIvxD4GI5qgteZCJt04qt9Z6cM4A1h hTpghpF4qfiddywo/kEUlOZrjjboePI/BKRaMT/77jzhxYddnJHFeBON4WFOmtj6FKH6 zmgQvJFBksCViXOBqM+oFIyww7Zzt18ye1kErvh4noITBS9I27GgRXN68i+qj51Kwn+z IgMw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=YJCZuifYbBHHVUq8hg52oBQXwufMLlt5AWoYuTd/5Rw=; b=wwzK0onyCCpevF4or/V9TlyN3Yt8/xiz41Q9eaKLwK0R53TCI6Jo2ahn4+SEvMF0dT rt6CorHUO9TLzGJJ4n5cx8FDvBD2ZNzWnPiUICqIuV3GoRNX7uN1M891/gBmf9Vhtyc6 fm253vDI33aQuMFY0GwUdy/ATv1g4QBaYmk//fUm3XaIMRlDAKNmPMNgL5xmEVBt2loh QTwqYRHhmM4ma3z/EO5ZIc3ZeQbozUpy1oSoW59sMV14e2pMYE1L4Eh+KM9oY314Mnu1 tTuhNVjm6WAUAXX7TO+6OpgexWcGJg5VJ+s+lB1lMQHDuTIRdZw8zl0HvCezRWr0/2fJ Xvyw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=au15hpWW; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j8-20020a056a00234800b00525425b20f0si7648885pfj.257.2022.07.30.08.49.57; Sat, 30 Jul 2022 08:50:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=au15hpWW; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235054AbiG3PtD (ORCPT + 99 others); Sat, 30 Jul 2022 11:49:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32932 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232125AbiG3PtD (ORCPT ); Sat, 30 Jul 2022 11:49:03 -0400 Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com [IPv6:2a00:1450:4864:20::632]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 20C4D15A18 for ; Sat, 30 Jul 2022 08:49:02 -0700 (PDT) Received: by mail-ej1-x632.google.com with SMTP id a7so253181ejp.2 for ; Sat, 30 Jul 2022 08:49:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc; bh=YJCZuifYbBHHVUq8hg52oBQXwufMLlt5AWoYuTd/5Rw=; b=au15hpWWy8nTU6PUXBhTIhRkZrhjaE650nazkqq0yf5pJGpsrnZVd3qTIKQerPinE3 /eCD+niBPu+FM6F6SFD4oEkIwkmQ2ZnRFYvYy0CB3YaeXXAuhjx246hyZHON5mmtuAiw 6Ejwde6oSlpwSvQhvaA1a6wskcrFNLrUW7RIc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc; bh=YJCZuifYbBHHVUq8hg52oBQXwufMLlt5AWoYuTd/5Rw=; b=UIOGctSEPcFB7Nd+n/4QZzN9ZPWLIDqjJLbR9MwyFhxdfETHXssljhONYWubry2nQL GtAxBRDF2J8BIoIvn68yd4lIlctLyXC9ztlYgiwJ46DZi7ZUKX4O9/x8jrJd/35UpEGl NVNYbbdYRNXGPo5Zam/ThGs7pNegLAFyhiFWtlFDnz7yjOzJPZN6WkCngxngLgz0Xg2T ygyTHpfF1amLPeuTv7MwlCBWRyKj0f6gJHk6Af1+OTr1PfCEj0nMEM5GUtkf+dciMJ3y 2hjpMFmEhlMMvu0zD0eXfj6H1QbPGv74zvFzJeX5UCyrXqQ0M66LtAL9pfECvgUWTCrX BEVw== X-Gm-Message-State: AJIora/zTzZDgDG0guI9bU4N+Ro+nyWOk1+Zkv2S+fDXbN+XOg3D0hAW UiEiKpwpu2ujP2vyN+oJYt3dPPf8R3jyNZBs X-Received: by 2002:a17:906:58d5:b0:72f:2b21:eb20 with SMTP id e21-20020a17090658d500b0072f2b21eb20mr6676935ejs.508.1659196140353; Sat, 30 Jul 2022 08:49:00 -0700 (PDT) Received: from mail-wm1-f46.google.com (mail-wm1-f46.google.com. [209.85.128.46]) by smtp.gmail.com with ESMTPSA id o24-20020a170906769800b0073061212425sm223278ejm.179.2022.07.30.08.48.59 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 30 Jul 2022 08:48:59 -0700 (PDT) Received: by mail-wm1-f46.google.com with SMTP id c187-20020a1c35c4000000b003a30d88fe8eso5437701wma.2 for ; Sat, 30 Jul 2022 08:48:59 -0700 (PDT) X-Received: by 2002:a05:600c:21d7:b0:3a3:2088:bbc6 with SMTP id x23-20020a05600c21d700b003a32088bbc6mr6044685wmj.68.1659196138936; Sat, 30 Jul 2022 08:48:58 -0700 (PDT) MIME-Version: 1.0 References: <20220729145525.1729066-1-Jason@zx2c4.com> In-Reply-To: <20220729145525.1729066-1-Jason@zx2c4.com> From: Linus Torvalds Date: Sat, 30 Jul 2022 08:48:42 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH RFC v1] random: implement getrandom() in vDSO To: "Jason A. Donenfeld" Cc: linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org, x86@kernel.org, Nadia Heninger , Thomas Ristenpart , "Theodore Ts'o" , Vincenzo Frascino , Adhemerval Zanella Netto , Florian Weimer Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, Jul 29, 2022 at 3:32 PM Jason A. Donenfeld wrote: > > Two statements: > > 1) Userspace wants faster cryptographically secure numbers of > arbitrary size, big or small. > > 2) Userspace is currently unable to safely roll its own RNG with the > same security profile as getrandom(). So I'm really not convinced that this kind of thing is something the kernel should work that hard to help. And that state allocation in particular looks very random in all the wrong ways, with various "if I run out of resources I'll just do a system call" things. Which just makes me go "just do the system call". People who are _that_ sensitive to performance can't use this anyway, unless they know the exact rules of "ok, I only need X state buffers" (ok, the buckets are probably the more real "sometimes it might fail" thing). So they basically need to know about the implementation details - even if it's only about that kind of "only a limited number of states" thing. Not to mention that I don't think your patch can work anyway, with things like "cmpxchg()" not being something you can do in the vdso because it might have the kernel instrumentation in it. So this all smells really fragile to me, and honestly, unlike the vdso things we _do_ have, I don't think I've ever seen getrandom() be a huge deal performance-wise. It's just too specialized, and the people who care about performance can - and do - do special things anyway. Your patch fundamentally seems to be about "make it easy to not have to care, and still get high performance", but that's _such_ a small use-case (the intersection between "don't care" and "really really need high performance" would seem to be basically NIL). Linus