Date:   Thu, 13 Aug 2020 10:13:41 +0200
From:   Sedat Dilek <sedat.dilek@...il.com>
To:     Willy Tarreau <w@....eu>
Cc:     George Spelvin <lkml@....org>, Amit Klein <aksecurity@...il.com>,
        Eric Dumazet <edumazet@...gle.com>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        Andy Lutomirski <luto@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Peter Zijlstra <peterz@...radead.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        netdev@...r.kernel.org
Subject: Re: [DRAFT PATCH] random32: make prandom_u32() output unpredictable

On Thu, Aug 13, 2020 at 10:06 AM Willy Tarreau <w@....eu> wrote:
>
> On Thu, Aug 13, 2020 at 09:53:11AM +0200, Sedat Dilek wrote:
> > On Wed, Aug 12, 2020 at 5:21 AM Willy Tarreau <w@....eu> wrote:
> > >
> > > On Tue, Aug 11, 2020 at 12:51:43PM +0200, Sedat Dilek wrote:
> > > > Can you share this "rebased to mainline" version of George's patch?
> > >
> > > You can pick it from there if that helps, but keep in mind that
> > > it's just experimental code that we use to explain our ideas and
> > > that we really don't care a single second what kernel it's applied
> > > to:
> > >
> > >    https://git.kernel.org/pub/scm/linux/kernel/git/wtarreau/cleanups.git/log/?h=20200811-prandom-1
> > >
> >
> > Thanks Willy.
> >
> > I disagree: the base for testing should be clear(ly communicated).
>
> It is. As you can see on the log above, this was applied on top of
> fc80c51fd4b2, there's nothing special here. In addition we're not even
> talking about testing nor calling for testers, just trying to find a
> reasonable solution. Maybe today I'll be able to re-run a few tests by
> the way.
>

I agree, with publishing in your Git tree it is clear.

> > There are two diffs from Eric to #1: add a trace event for
> > prandom_u32() and #2: a removal of prandom_u32() call in
> > tcp_conn_request().
> > In case you have not seen.
>
> I've seen, just not had the time to test yet.
>

Can you describe and share your test-environment/setup?

The Linux kernel has KUnit tests (I never played with that) - do you
happen to know if there is a suitable one available?

Maybe the Linux Test Project has some suitable tests?

- Sedat -
