lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 21 May 2024 14:32:20 +0200
From: "Jason A. Donenfeld" <Jason@...c4.com>
To: Florian Weimer <fweimer@...hat.com>
Cc: linux-kernel@...r.kernel.org, patches@...ts.linux.dev,
	tglx@...utronix.de, adhemerval.zanella@...aro.org
Subject: Re: [PATCH v15 2/5] random: add vgetrandom_alloc() syscall

On Tue, May 21, 2024 at 01:48:10PM +0200, Florian Weimer wrote:
> * Jason A. Donenfeld:
> 
> > Libc is expected to allocate a chunk of these on first use, and then
> > dole them out to threads as they're created, allocating more when
> > needed. The returned address of the first state may be passed to
> > munmap(2) with a length of `num * size_per_each`, in order to deallocate
> > the memory.
> 
> I think “first use” actually means “processs start” here?  We don't have
> a way to report failure from arc4random and similar interfaces.

First use, actually. On failure this just falls back to slow syscall
getrandom() with identical semantics.

Adhemerval has a branch of libc where he implemented this, if you're
interested. He's in CC to send the link.

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ