lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 20 Aug 2020 14:08:53 +0200
From:   Sedat Dilek <sedat.dilek@...il.com>
To:     Willy Tarreau <w@....eu>
Cc:     Eric Dumazet <edumazet@...gle.com>, George Spelvin <lkml@....org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Amit Klein <aksecurity@...il.com>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        Andy Lutomirski <luto@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Peter Zijlstra <peterz@...radead.org>, netdev@...r.kernel.org
Subject: Re: [DRAFT PATCH] random32: make prandom_u32() output unpredictable

On Thu, Aug 20, 2020 at 10:05 AM Willy Tarreau <w@....eu> wrote:
>
> On Thu, Aug 20, 2020 at 08:58:38AM +0200, Willy Tarreau wrote:
> > I've just pushed a new branch "20200820-siphash-noise" that I also
> > rebased onto latest master. It's currently running make allmodconfig
> > here, so that will take a while, but I think it's OK as random32.o is
> > already OK. I've also addressed a strange build issue caused by having
> > an array instead of 4 ints in siprand_state.
> >
> > Please just let me know if that's OK for you now.
>
> At least it worked for me now (built with no errors on x86_64):
>
> $ time make -j 8 bzImage modules
> (...)
> real    65m7.986s
> user    477m22.477s
> sys     38m0.545s
> $ find . -name '*.ko' |wc -l
> 7983
>

Runs fine here.

Thanks Willy for the "20200820-siphash-noise" [1] patchset and
including/fixing all my reported issues.

[1] Staging driver build failures fixed by...
WIP: random32: rename the K0/K1 SipHash constants to PRND_K*

[2] modpost undefined "net_rand_noise" errors fixed by...
WIP: random32: export net_rand_noise

[3] Consolidate/move/cleanup stuff in random32.c and prandom.h
WIP: random32: keep a single macro definition for sipround

This patchset looks very good to me :-).

[ TESTING WITH LTP ]

I run another perf-session by running
"LTP::net.features::tcp_fastopen" test only.
Unsure if there exist some more appropriate LTP tests.
For example there exists "net_stress.*" (see [2]).

[ PERF-SESSION ]

Link: https://github.com/ClangBuiltLinux/linux/issues/1086#issuecomment-675783804

/home/dileks/bin/perf list | grep prandom_u32 | column -t
random:prandom_u32  [Tracepoint  event]

cd /opt/ltp

echo 0 | tee /proc/sys/kernel/kptr_restrict /proc/sys/kernel/perf_event_paranoid

/home/dileks/bin/perf record -a -g -e random:prandom_u32 ./runltp -f
net.features -s tcp_fastopen
/home/dileks/bin/perf report --no-children --stdio > ./perf-report.txt
/home/dileks/bin/perf script > ./perf-script.txt

echo 1 | tee /proc/sys/kernel/kptr_restrict /proc/sys/kernel/perf_event_paranoid

[ /PERF-SESSION ]

For a "comparison" (?) I attached two perf-reports - the newer one
includes Willy's latest patchset.

- Sedat -

[1] https://git.kernel.org/pub/scm/linux/kernel/git/wtarreau/prandom.git/log/?h=20200820-siphash-noise
[2] https://github.com/linux-test-project/ltp/tree/master/runtest

View attachment "perf-report-2020-08-19.txt" of type "text/plain" (21043 bytes)

View attachment "perf-report-2020-08-20.txt" of type "text/plain" (21103 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ