From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from fout8-smtp.messagingengine.com (fout8-smtp.messagingengine.com [103.168.172.151]) by sourceware.org (Postfix) with ESMTPS id 6377C3858D28 for ; Fri, 22 Mar 2024 15:31:26 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 6377C3858D28 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=owlfolio.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=owlfolio.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 6377C3858D28 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=103.168.172.151 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1711121496; cv=none; b=Al4OGQCCiY2oxkdyM+MFz3Mc0sL+UDvJOUAKJuKEu6bCDBhTKg6UhUm055a7xf0x8/Rojlc0oOylCd3BlrUh1Tnhh1TG1rjne4/LZnuc03XPjTi5lRIGIVxh/H3R/7+ZvbQmOQD9zxeOn0OGNmEzXC+6jDTX7FlbS9l25Pi2voQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1711121496; c=relaxed/simple; bh=ZUyCeowlmkDYjWaEGVhtjKa5Ez9RZhVM0EoeJdYUcdM=; h=DKIM-Signature:DKIM-Signature:MIME-Version:Message-Id:Date:From: To:Subject; b=JEukD9w1pwcE529V/i2OdPRqpO/mjyikvmP9VWn81NXVJY+AIgGhUyuEC+9ErmNwurHGFmeF512JMEY5dLo4/DiQa5OH1kuX2MYQb68Swq9FIWkp6io4E2W0VG1QiLIW2rMSykp7XbpNqK+P47NohmEYIpGzq7tra6hLIwKzGW4= ARC-Authentication-Results: i=1; server2.sourceware.org Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailfout.nyi.internal (Postfix) with ESMTP id DDDE6138010D; Fri, 22 Mar 2024 11:31:25 -0400 (EDT) Received: from imap45 ([10.202.2.95]) by compute5.internal (MEProxy); Fri, 22 Mar 2024 11:31:25 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=owlfolio.org; h= cc:cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm1; t=1711121485; x=1711207885; bh=qu4TO0bTeA /o7kA3BksUqY4L5hYxnaYE4aYITG9PWR0=; b=bznG0C4XueyZJ2nTkFKK7kR22k lITRw0/RoygWvIUkNjGmx4H5npt3qultqNxYMWg7AejHTBYv6e6nFz9bkf+OI6Y7 kmhupFgUw5c2axYwedIHKlODIp7Gs4IKe8KcjeQBbop8cg3TxuMQIurHnI74xKZJ Urb/kEslDJxB+faRO3AFVEryE/IhIEPgyy6K+m7GmAevv9KQs3mNolzhnzgmq+9i HXtikO37sz5/VW+CCG5h0Vi4/b+dIYa5yhGeSi8PgItQRVL0JjfeF5emHuSwG1+g j3VhBBHJXY3nmw3Pm8VknTa+FEJs4cere5ssJMF8kWpodOs1fxC5OY4aBOyw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1711121485; x=1711207885; bh=qu4TO0bTeA/o7kA3BksUqY4L5hYx naYE4aYITG9PWR0=; b=sTjDDMZ7x2usiU8KWpxyagpIIdMCwb3PQu45PeUw+C4J L63i0qrGsbabKuzPxNt2PQ5dDVau1QmHDQ4p0SjsbR+jbaxHy9W4tmppyrKZMVDy iECu1bko4MHeHrWq7MoWxdQjYLDYJFg8KG02YMKKX1TytjUgg9JkKM0YAvbcWU9g /SP8HY1EjsnaUAb6IVM7zZNX/jKtSYcrJUe4HuPNxxOL20pwK7OF4eAB2qSMBDdC wd6L26XmJER4qIhtscyMnh1xjBHYrTebeKuxynJhRYO7ltRs7eI7MTYzxF4mQ8v9 Pndq74r6zOFAoAbBHlHf0TH4maG8vQCb3WUmP9EvRA== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledruddtvddgudefucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepofgfggfkjghffffhvfevufgtsehttdertderredtnecuhfhrohhmpedfkggr tghkucghvghinhgsvghrghdfuceoiigrtghksehofihlfhholhhiohdrohhrgheqnecugg ftrfgrthhtvghrnhephfelfeehudfhleegheegjeevheeuieehvdfgueeuteetleeiieet heefhfeludeinecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrh homhepiigrtghksehofihlfhholhhiohdrohhrgh X-ME-Proxy: Feedback-ID: i876146a2:Fastmail Received: by mailuser.nyi.internal (Postfix, from userid 501) id 4C2CE272007C; Fri, 22 Mar 2024 11:31:24 -0400 (EDT) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.11.0-alpha0-332-gdeb4194079-fm-20240319.002-gdeb41940 MIME-Version: 1.0 Message-Id: <667f5ebb-13e5-4110-a002-3b2b0dfc2bdb@app.fastmail.com> In-Reply-To: <17ac36a5-d5c0-4f71-8cf3-5eaf014194d6@linaro.org> References: <89b53f94-075f-4a34-99df-778271965de9@linaro.org> <878r2c11au.fsf@oldenburg.str.redhat.com> <40f9403d-5edc-47ae-8560-6549753ebf39@linaro.org> <17ac36a5-d5c0-4f71-8cf3-5eaf014194d6@linaro.org> Date: Fri, 22 Mar 2024 11:30:37 -0400 From: "Zack Weinberg" To: "Adhemerval Zanella" , =?UTF-8?Q?Cristian_Rodr=C3=ADguez?= , "Florian Weimer" Cc: "Wilco Dijkstra" , "GNU libc development" , "Mathieu Desnoyers" , "Jason A. Donenfeld" Subject: Re: [PATCH 2/2] Add single-threaded fast path to rand() Content-Type: text/plain X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,JMQ_SPF_NEUTRAL,RCVD_IN_DNSWL_LOW,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On Fri, Mar 22, 2024, at 10:46 AM, Adhemerval Zanella Netto wrote: > On 22/03/24 11:27, Zack Weinberg wrote: >> On Thu, Mar 21, 2024, at 11:53 AM, Adhemerval Zanella Netto wrote: >>> And even if arc4random is explicit a non CPRNG, there were some worries that >>> users might misuse the interface and thus add some security issues. >> >> No opinion about anything else in this thread, but if we add arc4random at all >> it MUST be a CSPRNG. That's a documented guarantee on all the systems that >> do have it, and applications rely on it. > > Yeah, this is another point of contention where one might consider that a > userland CPRNG that has no feedback from kernel to where/how to properly > reseed might not be considered a CPRNG. I would describe that as a "CSPRNG with a known bug that makes it unsuitable for use under some conditions", but not as "not a CSPRNG". I would only call it "not a CSPRNG" if the cryptographic primitives were no good (e.g. RC4 or Xorshift or something even more predictable) or if there was a way to leak or clone the state *in a single-threaded program that does not fork*. On a related note, why is MADV_WIPEONFORK not adequate "feedback from the kernel"? zw