lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2790505.9o76ZdvQCi@tjmaciei-mobl5>
Date: Fri, 07 Nov 2025 11:55:35 -0800
From: Thiago Macieira <thiago.macieira@...el.com>
To: "Jason A. Donenfeld" <Jason@...c4.com>
Cc: Borislav Petkov <bp@...en8.de>, Christopher Snowhill <chris@...e54.net>,
 Gregory Price <gourry@...rry.net>, x86@...nel.org,
 linux-kernel@...r.kernel.org, tglx@...utronix.de, mingo@...hat.com,
 dave.hansen@...ux.intel.com, hpa@...or.com, peterz@...radead.org,
 mario.limonciello@....com, riel@...riel.com, yazen.ghannam@....com,
 me@...aill.net, kai.huang@...el.com, sandipan.das@....com,
 darwi@...utronix.de, stable@...r.kernel.org
Subject:
 Re: [PATCH v2] x86/amd: Disable RDSEED on AMD Zen5 because of an error.

On Friday, 7 November 2025 11:13:28 Pacific Standard Time Jason A. Donenfeld 
wrote:
> > But consider people who haven't upgraded Linux (yes, we get people asking
> > to keep everything intact in their system, but upgrade Qt only, then
> > complain when our dependency minimums change). How much of an impact
> > would they have?
> I suppose you could benchmark it and see if it matters. The syscall is
> obviously slower than the megafast vDSO code, so it will probably also
> be a bit slower than the MT code. But I suspect for most use cases maybe
> it doesn't matter that much? It's worth a try and seeing if anybody
> complains.

I'm not asking about the performance of generating new random numbers in this 
process.

I am asking about the system-wide impact that draining the entropy source 
would have. Is that a bad thing?

I suspect the answer is "no" because it's the same as /dev/urandom anyway.

-- 
Thiago Macieira - thiago.macieira (AT) intel.com
  Principal Engineer - Intel DCG - Platform & Sys. Eng.

Download attachment "smime.p7s" of type "application/pkcs7-signature" (5150 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ