| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 28 Apr 2010 18:28:05 -0500 From: Matt Mackall <mpm@...enic.com> To: Andrew Morton <akpm@...ux-foundation.org> Cc: Jack Steiner <steiner@....com>, linux-mm@...ck.org, linux-kernel@...r.kernel.org, Stephen Hemminger <shemminger@...tta.com> Subject: Re: [PATCH v2] - Randomize node rotor used in cpuset_mem_spread_node() On Wed, 2010-04-28 at 16:12 -0700, Andrew Morton wrote: > On Wed, 28 Apr 2010 18:04:06 -0500 > Matt Mackall <mpm@...enic.com> wrote: > > > > I suspect random32() would suffice here. It avoids depleting the > > > entropy pool altogether. > > > > I wouldn't worry about that. get_random_int() touches the urandom pool, > > which will always leave entropy around. Also, Ted and I decided over a > > year ago that we should drop the whole entropy accounting framework, > > which I'll get around to some rainy weekend. > > hm, so why does random32() exist? Speed? Yep. There are lots of RNG uses that aren't security sensitive and this is one: the kernel won't be DoSed by an attacker that gets all pages preferentially allocated on one node. Performance will suffer, but it's reasonably bounded. One of my goals is to call these sorts of trade-offs out in the API, ie: get_fast_random_u32() get_fast_random_bytes() get_secure_random_u32() get_secure_random_bytes() -- http://selenic.com : development and support for Mercurial and Linux -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists