lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Mon, 14 Sep 2020 18:48:53 +0200
From:   Sedat Dilek <sedat.dilek@...il.com>
To:     Willy Tarreau <w@....eu>
Cc:     Amit Klein <aksecurity@...il.com>,
        David Laight <David.Laight@...lab.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        George Spelvin <lkml@....org>,
        Eric Dumazet <edumazet@...gle.com>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        Andy Lutomirski <luto@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Peter Zijlstra <peterz@...radead.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        "tytso@....edu" <tytso@....edu>, Florian Westphal <fw@...len.de>,
        Marc Plumb <lkml.mplumb@...il.com>
Subject: Re: [PATCH 1/2] random32: make prandom_u32() output unpredictable

On Mon, Sep 14, 2020 at 6:29 PM Willy Tarreau <w@....eu> wrote:
>
> On Mon, Sep 14, 2020 at 06:16:40PM +0200, Sedat Dilek wrote:
> > On Mon, Sep 14, 2020 at 4:53 PM Amit Klein <aksecurity@...il.com> wrote:
> > >
> > > Hi
> > >
> > > Is this patch being pushed to any branch? I don't see it deployed anywhere (unless I'm missing something...).
> > >
> >
> > It's here:
> >
> > [1] https://git.kernel.org/pub/scm/linux/kernel/git/wtarreau/prandom.git/log/?h=20200901-siphash-noise
>
> By the way I didn't get any feedback from those who initially disagreed
> with the one that was mergd, so for now I'm not doing anything on it
> anymore. I can propose it again for 5.10-rc1 but will not push anymore
> if there's no interest behind it.
>

As a feedback:

Just some minutes ago...
I have booted into Linux v5.9-rc5 with your (above mentioned) patchset
plus some individual mostly Clang related patchset.

While dealing with that topic, there was a "fast random" patchset from
[1] offered in this context.
I am not subscribed to any linux-random mailing-list, but I have this
one included, too.
Unsure, if there was any feedback on this.
With WARN_ALL_UNSEEDED_RANDOM=y it reduces here the number of warnings.

As a use-case I ran this PERF-SESSION...

Link: https://github.com/ClangBuiltLinux/linux/issues/1086#issuecomment-675783804

/home/dileks/bin/perf list | grep prandom_u32 | column -t
random:prandom_u32  [Tracepoint  event]

cd /opt/ltp

echo 0 | tee /proc/sys/kernel/kptr_restrict /proc/sys/kernel/perf_event_paranoid

/home/dileks/bin/perf record -a -g -e random:prandom_u32 ./runltp -f
net.features -s tcp_fastopen
/home/dileks/bin/perf report --no-children --stdio > ./perf-report.txt
/home/dileks/bin/perf script > ./perf-script.txt

echo 1 | tee /proc/sys/kernel/kptr_restrict /proc/sys/kernel/perf_event_paranoid

I was curious (mostly) to see what the impact of tcp_conn_request()
<-> prandom_u32() was and the improvements by the patch from Eric.
I can send the perf-report.txt if desired.

- Sedat -

[1] https://git.kernel.org/pub/scm/linux/kernel/git/luto/linux.git/log/?h=random/fast

Powered by blists - more mailing lists