From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-yb1-xb34.google.com (mail-yb1-xb34.google.com [IPv6:2607:f8b0:4864:20::b34]) by sourceware.org (Postfix) with ESMTPS id 30D3E3858C53 for ; Thu, 14 Apr 2022 20:36:22 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 30D3E3858C53 Received: by mail-yb1-xb34.google.com with SMTP id i20so11473649ybj.7 for ; Thu, 14 Apr 2022 13:36:22 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=iPXifvcPno//Dq4tSKq10uaNVzc6BRx48trRLwIUJC4=; b=kcUipU3wpzGxLmwSvg4X4eHgWfuwfQeZYu4S4chkIA5BKfFjWuzZVXXD3wU3SW4D5B IEMevmvAfma29cJTSwsaRQn9OBEi6Vv01Mrq8qwwBTwrNdWazE/9i+FZhEpN4pmygJju Ez1PKQK8xBeXzg1FRIw8cBo2qjTKQXo9ss858FoyWhvKphE11s2yundqWTil0e8NIUMP FvjwWr6+ASDYsjqHJfSur2P4sPTIitHd9lr0wY2izw6faTsJbzL+rFJSli5kwF/UxOQf zxsJe/LVpbrglFRIalfhxl/6RuR6MVCST/eMkTgOy/YxZUNRwX2WBZAkSEtgMKrc3TvZ y5og== X-Gm-Message-State: AOAM531FK5IpuGO+v52paSsQbdAJjyo1Oxv2sOcXCfMMXjL4I5FyXaeM pw/IwSNIHk26HLBWRevaQcGKiAdz5K30MENENdY= X-Google-Smtp-Source: ABdhPJzK6WqXl0XU8o5+KweoqmUKw6FPIePdPG9LeuInpFajM4CK7O+e5U5+Auu2vOA56xc5CjcXPJNSR8UQJhW4H2g= X-Received: by 2002:a5b:f83:0:b0:63d:a251:2c51 with SMTP id q3-20020a5b0f83000000b0063da2512c51mr2960949ybh.594.1649968580381; Thu, 14 Apr 2022 13:36:20 -0700 (PDT) MIME-Version: 1.0 References: <20220413202401.408267-1-adhemerval.zanella@linaro.org> In-Reply-To: From: Noah Goldstein Date: Thu, 14 Apr 2022 15:36:09 -0500 Message-ID: Subject: Re: [PATCH 0/7] Add arc4random support To: Adhemerval Zanella Cc: =?UTF-8?Q?Cristian_Rodr=C3=ADguez?= , GNU C Library Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Apr 2022 20:36:23 -0000 On Thu, Apr 14, 2022 at 2:26 PM Adhemerval Zanella via Libc-alpha wrote: > > > > On 14/04/2022 08:49, Cristian Rodr=C3=ADguez wrote: > > If this interface is gonna added, GNU extensions that return uint64_t > > of arc4random and arc4random_uniform will be extremely cool. > > Even cooler if there is no global state. > > I don't think adding a uint64_t interface for arc4random would improve > much, specially because a simple wrapper using arc4random_buf should > be suffice. It would also require portable code to handle another > GNU extension over a BSD defined interface that is presented in multiple > systems. Also performance-wise I think it would be much different than > arc4random_buf. It make some sense for arc4random_uniform, but I don't > have a strong opinion. > > The global state adds some hardening by 'slicing up the stream' since > multiple consumers getting different pieces add backtracking and predicti= on > resistance. Theo de Raadt explains a bit why OpenBSD has added this > concept [1] (check about minute 26) on its arc4random implementation. > As he puts, there is no formal proof, but I agree that the ideas are > reasonable. > > Also, not using a global state means we will need to add a per-thread or > per-cpu state which is at least one page (due MADV_WIPEONFORK). The > per-cpu state is only actually possible on newer Linux kernels that > support rseq. We might just not care about MADV_WIPEONFORK and use > a malloc buffer which would be reset by the atfork internal handler. We could best-effort per-cpu without rseq (select arena based on current cpu) and have a truly optimized version if rseq is supported. Either way it's likely to be an improvement if this function is hot. > > [1] https://www.youtube.com/watch?v=3Dgp_90-3R0pE