lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CA+icZUXS2OPFuEkDC2oHDd344efkbAoq_oP0agqrvWD5FHDXGA@mail.gmail.com>
Date:   Thu, 13 Aug 2020 09:53:11 +0200
From:   Sedat Dilek <sedat.dilek@...il.com>
To:     Willy Tarreau <w@....eu>
Cc:     George Spelvin <lkml@....org>, Amit Klein <aksecurity@...il.com>,
        Eric Dumazet <edumazet@...gle.com>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        Andy Lutomirski <luto@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Peter Zijlstra <peterz@...radead.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        netdev@...r.kernel.org
Subject: Re: [DRAFT PATCH] random32: make prandom_u32() output unpredictable

On Wed, Aug 12, 2020 at 5:21 AM Willy Tarreau <w@....eu> wrote:
>
> On Tue, Aug 11, 2020 at 12:51:43PM +0200, Sedat Dilek wrote:
> > Can you share this "rebased to mainline" version of George's patch?
>
> You can pick it from there if that helps, but keep in mind that
> it's just experimental code that we use to explain our ideas and
> that we really don't care a single second what kernel it's applied
> to:
>
>    https://git.kernel.org/pub/scm/linux/kernel/git/wtarreau/cleanups.git/log/?h=20200811-prandom-1
>

Thanks Willy.

I disagree: the base for testing should be clear(ly communicated).

There are two diffs from Eric to #1: add a trace event for
prandom_u32() and #2: a removal of prandom_u32() call in
tcp_conn_request().
In case you have not seen.
The first was helpful for playing with linux-perf.
I have tested both together with [2].

- Sedat -

[1] https://marc.info/?l=linux-netdev&m=159716173516111&w=2
[2] https://git.kernel.org/pub/scm/linux/kernel/git/luto/linux.git/log/?h=random/fast

Note2myself: Enable some useful random/random32 Kconfigs

RANDOM32_SELFTEST n -> y
WARN_ALL_UNSEEDED_RANDOM n -> y

- EOT -

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ