Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp10325978ybl; Thu, 26 Dec 2019 15:29:51 -0800 (PST) X-Google-Smtp-Source: APXvYqzwWlw2Wlg5JhcvTqMfgwBVjXMbjfjt+2s3T9iAgIVqsM2ceibOYLOt0nkWSs8QCKwL1et1 X-Received: by 2002:a9d:51c1:: with SMTP id d1mr50613408oth.136.1577402991743; Thu, 26 Dec 2019 15:29:51 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1577402991; cv=none; d=google.com; s=arc-20160816; b=HewF6lFvl5dAv5XyIZt5ZMEpcQ9XFL0D8EkfJE/FSOUpdPDQ5L9w3MHHD/NB0yLvEF l6p6g1EbsBwJgfXWMZJAmzBi16vY53zXmmXDkMKLqMSNE01kXeAPNtXE5xtuuDH892La S6fxnX4+U4qij+U9m8+pBRYFpJ02z9TyhrS+SgqmLZbeJSPJDlc2K6g0wL75ss6KdOpc 3E2NFIyoI6zDyzVsaxTb5WMQjI9p7/yCIQT1SbMx90j1/uaSUX9Q1xJo8NTvCgLEvgDT cjrQZV5LkIgGJb8hc9HEfQ2RkLxw8Lito3MCU0/qJCJCaPYef2hh8QJ43WCNdF7tsX7/ 8SzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:references:message-id:date:cc :in-reply-to:from:subject:mime-version:content-transfer-encoding :dkim-signature; bh=TQuMyWny8hWtt1MLws74+aMtByUKKMivFY0g2eakkkM=; b=yq7fEGMBrLLL+T1zg43NDHq7KFLjj62gnpjzRBx6CheDc6PVzoAfGSAhbRzmJ9hMCt 6uQudHTYU8Dc3eVW5a34iy+dX5jzk3rPzNFmUVAKYd8rSWeghWYeA3o2aNGfRdUlQ6tb 2kUDce1szl5iGxMJHsvkHin8hdw0Frsck2ZuiLsPtBOWBiLAOFpuTRklCVf2XBSSn2Qc nR55LJDoyeUWOka33sIr5mQ9QirDZX2goqnwsgegpMHoH0Qtds7kzzF4ENF4e05RbCDn Y/Fo936M1UInvARk8SKfBL6sEYYHATdy4HtMtiWaDuBVgfbG1/fxJxakNTeNTzJNhU9P Lb5g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=Z1hFH9rK; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c2si13722165oig.255.2019.12.26.15.29.28; Thu, 26 Dec 2019 15:29:51 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=Z1hFH9rK; spf=pass (google.com: best guess record for domain of linux-ext4-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727015AbfLZX3Y (ORCPT + 99 others); Thu, 26 Dec 2019 18:29:24 -0500 Received: from mail-pg1-f194.google.com ([209.85.215.194]:41276 "EHLO mail-pg1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726277AbfLZX3Y (ORCPT ); Thu, 26 Dec 2019 18:29:24 -0500 Received: by mail-pg1-f194.google.com with SMTP id x8so13554044pgk.8 for ; Thu, 26 Dec 2019 15:29:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20150623.gappssmtp.com; s=20150623; h=content-transfer-encoding:mime-version:subject:from:in-reply-to:cc :date:message-id:references:to; bh=TQuMyWny8hWtt1MLws74+aMtByUKKMivFY0g2eakkkM=; b=Z1hFH9rKZoZVwN3HFABEulLkhJJQHdiQ9hXRKpwuucZ8oG4skzgbM1MInEaAM2oNf+ Js5I7My4bwh77VhB1FOv4YRNewAKZBDq83zP6m5WXz9Gz9op6r1zchEnoHBIU3/KOXku S5hPxMZ9EpYLYmGPFg3/4umrLgkYcFRiQK2tlvvVPAc3oVRzHjN9OOnxrFqtVcIshTqq jSf0Dt13GHR605MmbOGp0lYTSrdB7dsYwjmOGmLPh5UWKl2uob+KPehVM0r50uzAuJc8 VKPPmoyBnPXN7sPihO7YiI3kCULqFDwq8UXURIpE0nwwpCSG6cgjKsbBgfdymzC1Z1Ay arEw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:mime-version:subject :from:in-reply-to:cc:date:message-id:references:to; bh=TQuMyWny8hWtt1MLws74+aMtByUKKMivFY0g2eakkkM=; b=YfgNPeFOx3CfgOJBmqcsvFvO5qR2WIu18wGZHiRm1B58reR/GQsNB4jgrn0KA46YFx pxfYSjeD0QSp3lMgIcfFPzpiW3qNAjvfyDEhy29DoeE/b82uaIizp8aNBDMC2RtsbDfN /ULRolaghRYYYoYzUKC4zF+3SFYCeyavnseaexzFVsQIByBIqb+XM9rlI2sLTSuOyR7h zASTakN02d0LXQx0MJza2Js7Hw3pZiCV1mgb3cd2S3yPl6+cdvMDAljhztUCeU0mH6UC 64dTXhWF/c3YUoWpbMWecEcxeUXRUjlF+WpOZsfSNsBKIooXHpCpc3BH9zm7udTdgxaD LgkA== X-Gm-Message-State: APjAAAWL12I8051J4HZ29+cxTtj/CIeaUKutdghtNQcANLYFi19iNLGU uh2Dvjap9N//ojYBhqISJ/SYIw== X-Received: by 2002:a63:1a19:: with SMTP id a25mr52030190pga.447.1577402963260; Thu, 26 Dec 2019 15:29:23 -0800 (PST) Received: from [192.168.0.9] (114-27-11-154.dynamic-ip.hinet.net. [114.27.11.154]) by smtp.gmail.com with ESMTPSA id l2sm11776754pjt.31.2019.12.26.15.29.22 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 26 Dec 2019 15:29:22 -0800 (PST) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (1.0) Subject: Re: [PATCH v3 0/8] Rework random blocking From: Andy Lutomirski In-Reply-To: <20191226140423.GB3158@mit.edu> Cc: Stephan Mueller , Andy Lutomirski , LKML , Linux API , Kees Cook , "Jason A. Donenfeld" , "Ahmed S. Darwish" , Lennart Poettering , "Eric W. Biederman" , "Alexander E. Patrakov" , Michael Kerrisk , Willy Tarreau , Matthew Garrett , Ext4 Developers List , linux-man Date: Fri, 27 Dec 2019 07:29:20 +0800 Message-Id: <26B7EEAE-1166-4B45-9534-E00C5B2767C1@amacapital.net> References: <20191226140423.GB3158@mit.edu> To: "Theodore Y. Ts'o" X-Mailer: iPhone Mail (17C54) Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org >> On Dec 26, 2019, at 10:04 PM, Theodore Y. Ts'o wrote: >>=20 >> =EF=BB=BFOn Thu, Dec 26, 2019 at 01:03:34PM +0100, Stephan Mueller wrote:= >> Agreed. I was just trying to outline that the removal of the blocking_poo= l is >> a good thing. Even when we decide that random.c should receive a TRNG, we= do >> not need to re-add a blocking pool, but can easily use the existing ChaCh= a20 >> DRNG (most likely with its own instance). >=20 > Well, it depends on what you mean by "TRNG" --- the ChaCha20 DRNG only > has a state of 256 bits. So if you want to only depend on "true > entropy" you can't extract more than 256 bits without violating that > assumption, at least if you're using a very strict definition of TRNG. >=20 > By getting rid of the blocking pool, and making /dev/random work like > getrandom with flags set to 0, we're effectively abandoning any kind > of assertion that /dev/random is some kind of TRNG. This is not > insane; this is what the *BSD's have always done. >=20 > But once we do this, and /dev/random takes on the semantics of "block > until the CRNG has been initialized, and then it won't block after > that", if we change it so that it now has some different semantics, > such as "one you extract a 256-bit key, the read from /dev/random will > block until we can refill it, which might take seconds, minutes or > hours", will be considered a regression, and we can't do that. I don=E2=80=99t think Stephan was proposing that. He was proposing a way to i= mplement a new interface that blocks. >=20 > Of course, we can hope that people will be using getrandom() and there > will be very few new users of the /dev/random pathname. But nothing > is ever guaranteed.. >=20 > - Ted