From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pj1-x1035.google.com (mail-pj1-x1035.google.com [IPv6:2607:f8b0:4864:20::1035]) by sourceware.org (Postfix) with ESMTPS id C07A938515F7 for ; Thu, 31 Mar 2022 23:05:31 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org C07A938515F7 Received: by mail-pj1-x1035.google.com with SMTP id y16so802014pju.4 for ; Thu, 31 Mar 2022 16:05:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=aPHxDmgr2DnK3yBLxaEfmQAdW4XzQmDK7npiE1Rx/Z8=; b=tAZfTmEnVP7Nba/DL9/tmxXSzQme+BtFMMIjfw1RHsENNucrUu6i8aw1xFYePPFsYr cJYqU1P3V/BrYxKZ2ASlJPrUyUt8sQz/Kx3Ik8V6zTeXN1N9N1AQsYSkrKOIXWPLdNS+ UDg+q8uNlR/ftq4YhL3yjSSCp7qJbelZzfuyCMsq5ReBsr14gTfa2Ez02dQp6xViKBWG fnP0a2HXGT0kf923+JFKdPKjpHDOxKI67xw8pTGhcshlZ+LSB2g3XSfCPURfcdqOdzRL 2S/diPZ0WI0N3uCL22gRMI/6TE7mROhhj9Atot5ZUGBnVuOtp/KCc+y0gH0VUqbuaDoa vfPg== X-Gm-Message-State: AOAM532Tfrnl54/8jVTvWyHOgtU5dTKlmC4uLhfhAZSLC5T9DuUgbcUQ CBCSCOwvLiVp96yWlJWg4Ppf0l48lqs6rKBjnIc= X-Google-Smtp-Source: ABdhPJx1077P3mbb6nvlLV1gfwQX133LDf8D4a+u+Y4Gf+AOFh1pJ5kC+yY6Y+QyGgjzsC1yMBAMHxTM+ZUD3nYRM/0= X-Received: by 2002:a17:90a:be12:b0:1c7:aea:b384 with SMTP id a18-20020a17090abe1200b001c70aeab384mr8364526pjs.178.1648767930776; Thu, 31 Mar 2022 16:05:30 -0700 (PDT) MIME-Version: 1.0 References: <20220328220936.2724834-1-goldstein.w.n@gmail.com> <7b48ece6-392a-0850-c136-01ab751273ef@linaro.org> <72332228-093c-5186-789f-8616cfb93793@linaro.org> <0198ce75-8a8e-4355-eed1-f69dfb6f40f0@linaro.org> In-Reply-To: From: Noah Goldstein Date: Thu, 31 Mar 2022 18:05:20 -0500 Message-ID: Subject: Re: [PATCH v1 1/2] random-bits: Factor out entropy generating function To: "Jason A. Donenfeld" Cc: =?UTF-8?Q?Cristian_Rodr=C3=ADguez?= , Adhemerval Zanella , GNU C Library , Florian Weimer Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-3.8 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Mar 2022 23:05:33 -0000 On Thu, Mar 31, 2022 at 5:51 PM Jason A. Donenfeld wrote: > > Hi Cristian, > > On Thu, Mar 31, 2022 at 5:57 PM Cristian Rodr=C3=ADguez > wrote: > > > > On Thu, Mar 31, 2022 at 12:32 PM Jason A. Donenfeld w= rote: > > > > > > Just so we're on the same page here, is this a discussion about > > > optimizing https://code.woboq.org/userspace/glibc/include/random-bits= .h.html > > > ? > > > > > > You just need a super fast random uint32_t for some future pthread ch= anges? > > > > > > If so, I can send a patch to return moderately secure integers here r= eally fast. > > > > > > Jason > > > > That would be great if is better than the current solution. > > Alright, well, here's something: https://xn--4db.cc/YQOxDP6Z/c > > This is somewhat "secure", and maybe overkill. AFAIK our goal is entropy more so than security. For example if this is used to generate jiffies to stagger threads its not a security issue in any sense, it's just not ideal for performance. > > I can adjust this to have additional security properties (for example, > preventing that counter from running backwards). Or I can adjust it to > be even faster and have fewer security properties. Or maybe bench this > and you'll find that it's fine. > > I suspect the only thing we really care about here is not leaking the > AT_RANDOM value somehow, and siphash usually does a good job at that. > > Thoughts? > > Jason