| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 02 Oct 2013 10:46:43 +0200 From: Paolo Bonzini <pbonzini@...hat.com> To: Paul Mackerras <paulus@...ba.org> CC: Benjamin Herrenschmidt <benh@...nel.crashing.org>, Gleb Natapov <gleb@...hat.com>, Michael Ellerman <michael@...erman.id.au>, linux-kernel@...r.kernel.org, agraf@...e.de, mpm@...enic.com, herbert@...dor.hengli.com.au, linuxppc-dev@...abs.org, kvm@...r.kernel.org, kvm-ppc@...r.kernel.org, tytso@....edu Subject: Re: [PATCH 3/3] KVM: PPC: Book3S: Add support for hwrng found on some powernv systems Il 02/10/2013 07:09, Paul Mackerras ha scritto: > On Tue, Oct 01, 2013 at 01:19:06PM +0200, Paolo Bonzini wrote: > >> Anyhow, I would like to know more about this hwrng and hypercall. >> >> Does the hwrng return random numbers (like rdrand) or real entropy (like >> rdseed that Intel will add in Broadwell)? What about the hypercall? > > Well, firstly, your terminology is inaccurate. Real entropy will give > you random numbers. I think when you say "random numbers" you > actually mean "pseudo-random numbers". Yes---I meant pseudo-random numbers where the generator is periodically seeded by a random number. > Secondly, the RNG produces real entropy. Good to know, thanks. > Not sure why they are particularly "precious"; we get 64 bits per > microsecond whether we use them or not. What are you suggesting > arch_get_random_long() should do instead? If you are running rngd, there is no need to have arch_get_random_long() at all. >> 3) If the hypercall returns random numbers, then it is a pretty >> braindead interface since returning 8 bytes at a time limits the >> throughput to a handful of MB/s (compare to 200 MB/sec for x86 rdrand). >> But more important: in this case drivers/char/hw_random/pseries-rng.c >> is completely broken and insecure, just like patch 2 in case (1) above. > > Assuming that by "random numbers" you actually mean "pseudo-random > numbers", then this doesn't apply. Indeed. >> 4) If the hypercall returns entropy (same as virtio-rng), the same >> considerations on speed apply. If you can only produce entropy at say 1 >> MB/s (so reading 8 bytes take 8 microseconds---which is actually very >> fast), it doesn't matter that much to spend 7 microseconds on a >> userspace roundtrip. It's going to be only half the speed of bare >> metal, not 100 times slower. > > 8 bytes takes at most 1 microsecond, so the round-trip to userspace is > definitely noticeable. Thanks. Any chance you can give some numbers of a kernel hypercall and a userspace hypercall on Power, so we have actual data? For example a hypercall that returns H_PARAMETER as soon as possible. Paolo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists