lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Sun, 9 Aug 2020 23:10:50 +0200
From:   Sedat Dilek <sedat.dilek@...il.com>
To:     George Spelvin <lkml@....org>
Cc:     Amit Klein <aksecurity@...il.com>, Willy Tarreau <w@....eu>,
        Eric Dumazet <edumazet@...gle.com>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        Andy Lutomirski <luto@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Peter Zijlstra <peterz@...radead.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        netdev@...r.kernel.org
Subject: Re: [DRAFT PATCH] random32: make prandom_u32() output unpredictable

+ CC:netdev

( Just FYI: Build and boot on bare metal. )

- Sedat -

On Sun, Aug 9, 2020 at 11:01 PM Sedat Dilek <sedat.dilek@...il.com> wrote:
>
> Hi George,
>
> I have tried your patch on top of Linux v5.8 with...
>
> commit f227e3ec3b5c ("random32: update the net random state on
> interrupt and activity")
>
> ...reverted.
> This was a bit tricky - what was your base?
>
> Applied the typo fix from Randy - will a v2 follow?
>
> Why DRAFT and not RFC?
>
> Please drop the CC:stable - it's a DRAFT.
>
> Other Linux stable like linux-5.7.y include...
>
> commit c0842fbc1b18c7a044e6ff3e8fa78bfa822c7d1a
> random32: move the pseudo-random 32-bit definitions to prandom.h
>
> commit 585524081ecdcde1c719e63916c514866d898217
> random: random.h should include archrandom.h, not the other way around
>
> ...linux-5.8.y stable will follow.
>
> Isn't the move to prandom.h making your patch easier to apply?
>
> In a second build I applied the snippet from Willy.
>
> What do you mean by...?
>
> [ quote ]
> I wonder if, on general principles, it would be better to use a more
> SipHash style mixing in of the sample:
>     m = get_cycles();
>     v3 ^= m;
>     SIPROUND(v0, v1, v2, v3);
>     SIPROUND(v0, v1, v2, v3);
>     v0 ^= m;
>
> Not sure if it's worth the extra register (and associated spill/fill).
> [ /quote ]
>
> Have you a snippet for testing?
>
> Thanks.
>
> Regards,
> - Sedat -

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ