Date:	Sun, 3 Aug 2014 13:38:59 +0200
From:	Pavel Machek <pavel@....cz>
To:	Bernd Petrovitsch <bernd@...rovitsch.priv.at>
Cc:	Bob Beck <beck@...nbsd.org>, Theodore Ts'o <tytso@....edu>,
	linux-kernel <linux-kernel@...r.kernel.org>,
	linux-api@...r.kernel.org,
	linux-crypto <linux-crypto@...r.kernel.org>,
	Theo de Raadt <deraadt@....openbsd.org>
Subject: Re: [PATCH -v4] random: introduce getrandom(2) system call

On Thu 2014-07-31 10:06:37, Bernd Petrovitsch wrote:
> On Don, 2014-07-31 at 00:18 +0200, Pavel Machek wrote:
> > On Wed 2014-07-30 16:40:52, Bernd Petrovitsch wrote:
> > > On Mit, 2014-07-30 at 07:56 -0600, Bob Beck wrote:
> > > > Pavel. I have big 'ol enterprise daemon running with established file
> > > > descriptors serving thousands of connections
> > > > which periodically require entropy.  Now I run out of descriptors. I
> > > > can't establish new connections. But I should
> > > > now halt all the other ones that require entropy?  I should raise
> > > > SIGKILL on my process serving these thousands
> > > > of connections?  I don't think so.
> > > 
> > > If that long-running daemon periodically needs something from a device,
> > > one would better keep the fd for that open the whole time. Saves some
> > > CPU cycles and latency too BTW.
> > 
> > Agreed.
> > 
> > On the other hand, keeping a fd open is quite tricky for a
> > library. But better solution might be to make that easier.
> 
> Yes, in a (full-fledged, standalone) library seems at least tricky (also
> referring to some off-list mails here: think about fork() - which could
> be inside system() or popen() or similar). 
> 
> But as part of the *application* (where one has control over fork()
> etc.), this should be somewhat less risky. Yes, that doesn't really help
> libssl;-)

...

> Hehe, we (Unix!) have (had) gettimeofday(), time() and similar sys-calls
> since ages and no one proposed to make devices for them and get rid of
> the system-calls.

Well, but we do open(/dev/sda), read(1); not read_from_sda(...). And
cat /dev/urandom > file is a useful operation. So it is not like
getentropy() can replace /dev/*random.

> > open( , O_IM_A_LIBRARY_GIVE_ME_ONE_OF_THREE_RESERVED_FDS) might be one
> > solution. Actually, one reserved fd should be enough.
> 
> Well, this can also be DoSed and the proposal aims to make that
> impossible (and where does this reserved count against? process-limits,
> kernel-wide limit?).

Process limit. DoS should not be an issue here. Remember, we are doing
this to help libraries.
								Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
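
Added example, not part of the original message or of the patch under discussion: the descriptor-exhaustion case argued over in this thread, with open("/dev/urandom") failing at the fd limit while getrandom(2) still returns bytes. It assumes Linux with the glibc getrandom() wrapper from <sys/random.h> (glibc 2.25 or newer); the function names are hypothetical, and the full descriptor table is simulated by lowering the soft RLIMIT_NOFILE to 0.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/random.h>
#include <sys/resource.h>
#include <unistd.h>

/* Fill buf via getrandom(2). No descriptor is opened, so nothing has to be
 * kept alive across fork() and nothing can fail with EMFILE/ENFILE. */
int fill_random(void *buf, size_t len)
{
    unsigned char *p = buf;
    while (len > 0) {
        ssize_t n = getrandom(p, len, 0);
        if (n < 0 && errno == EINTR)
            continue;                 /* interrupted by a signal: retry */
        if (n < 0)
            return -1;                /* e.g. ENOSYS on a pre-3.17 kernel */
        p += n;                       /* short return: ask for the rest */
        len -= (size_t)n;
    }
    return 0;
}

/* Constructed experiment: with the soft fd limit at 0, any new descriptor
 * allocation fails, as in a daemon that has used up its table.
 * *open_errno gets errno from open() (0 if it succeeded), *syscall_rc the
 * result of fill_random(). Returns 0 if the limit was set and restored. */
int entropy_under_fd_exhaustion(int *open_errno, int *syscall_rc)
{
    struct rlimit saved, none;
    unsigned char key[32];
    if (getrlimit(RLIMIT_NOFILE, &saved) != 0)
        return -1;
    none = saved;
    none.rlim_cur = 0;
    if (setrlimit(RLIMIT_NOFILE, &none) != 0)
        return -1;
    int fd = open("/dev/urandom", O_RDONLY);
    *open_errno = (fd < 0) ? errno : 0;
    if (fd >= 0)
        close(fd);
    *syscall_rc = fill_random(key, sizeof key);
    return setrlimit(RLIMIT_NOFILE, &saved);   /* restore the old limit */
}

int main(void)
{
    int oe = 0, rc = 0;
    if (entropy_under_fd_exhaustion(&oe, &rc) != 0)
        return 1;
    printf("open errno=%d (EMFILE=%d), getrandom rc=%d\n", oe, EMFILE, rc);
    return 0;
}
```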