lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Aug 2020 10:06:46 +0200 From: Willy Tarreau <w@....eu> To: Sedat Dilek <sedat.dilek@...il.com> Cc: George Spelvin <lkml@....org>, Amit Klein <aksecurity@...il.com>, Eric Dumazet <edumazet@...gle.com>, "Jason A. Donenfeld" <Jason@...c4.com>, Andy Lutomirski <luto@...nel.org>, Kees Cook <keescook@...omium.org>, Thomas Gleixner <tglx@...utronix.de>, Peter Zijlstra <peterz@...radead.org>, Linus Torvalds <torvalds@...ux-foundation.org>, netdev@...r.kernel.org Subject: Re: [DRAFT PATCH] random32: make prandom_u32() output unpredictable On Thu, Aug 13, 2020 at 09:53:11AM +0200, Sedat Dilek wrote: > On Wed, Aug 12, 2020 at 5:21 AM Willy Tarreau <w@....eu> wrote: > > > > On Tue, Aug 11, 2020 at 12:51:43PM +0200, Sedat Dilek wrote: > > > Can you share this "rebased to mainline" version of George's patch? > > > > You can pick it from there if that helps, but keep in mind that > > it's just experimental code that we use to explain our ideas and > > that we really don't care a single second what kernel it's applied > > to: > > > > https://git.kernel.org/pub/scm/linux/kernel/git/wtarreau/cleanups.git/log/?h=20200811-prandom-1 > > > > Thanks Willy. > > I disagree: the base for testing should be clear(ly communicated). It is. As you can see on the log above, this was applied on top of fc80c51fd4b2, there's nothing special here. In addition we're not even talking about testing nor calling for testers, just trying to find a reasonable solution. Maybe today I'll be able to re-run a few tests by the way. > There are two diffs from Eric to #1: add a trace event for > prandom_u32() and #2: a removal of prandom_u32() call in > tcp_conn_request(). > In case you have not seen. I've seen, just not had the time to test yet. Willy
Powered by blists - more mailing lists