From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
To: "Cristian Rodríguez" <crrodriguez@opensuse.org>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>,
Noah Goldstein <goldstein.w.n@gmail.com>,
GNU C Library <libc-alpha@sourceware.org>,
Florian Weimer <fweimer@redhat.com>
Subject: Re: [PATCH v1 1/2] random-bits: Factor out entropy generating function
Date: Thu, 31 Mar 2022 08:48:38 -0300 [thread overview]
Message-ID: <f4eba212-3905-921a-42aa-f8e9f65d2b63@linaro.org> (raw)
In-Reply-To: <CAPBLoAeiP2Xmjun+CcQmajrsJis_57WT_+X1_eQyfW-vHuTR8w@mail.gmail.com>
On 31/03/2022 08:25, Cristian Rodríguez wrote:
> On Thu, Mar 31, 2022 at 8:17 AM Adhemerval Zanella
> <adhemerval.zanella@linaro.org> wrote:
>
>> There are still some discussion on which is the best strategy to handle
>> fork resets and if we need per thread buffers to optimize multithread
>> access.
>
> What about giving up on this and making the state small and use thread
> local storage for it ?
> I believe all this complexity to handle that cases is not worth it.
That what the per-thread buffer is about, we will need to define how much
buffer would ideal, how to allocate (extending the TCB or using TLS), if
the size would be tunable, which cipher to use, how to handle failures
internally if the source of entropy is not available (Florian patch [1]
used getrandom or /dev/random, and using AT_RANDOM might limit other
usages like guard and stack pointer hardening).
The AES implementation proposed uses a somewhat large state (about 300
bytes), which might add some overhead it would a per-thread buffer. And
afaik other cyphers like Chacha20 have a even larger state (512 bytes).
Florian patch tries to implement some lock-free access to the common
buffer to decrease the state size, it might be a better option indeed.
But if you check Florian's patch, most of the complexity come from
fork detections where even with a per-thread buffer we will need
to handle (for the forked thread).
[1] https://sourceware.org/legacy-ml/libc-alpha/2018-05/msg00891.html
next prev parent reply other threads:[~2022-03-31 11:48 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-28 22:09 Noah Goldstein
2022-03-28 22:09 ` [PATCH v1 2/2] x86: Use rdtsc for generating entropy for random_bits Noah Goldstein
2022-03-29 19:51 ` [PATCH v1 1/2] random-bits: Factor out entropy generating function Adhemerval Zanella
2022-03-29 19:56 ` Noah Goldstein
2022-03-29 20:04 ` Noah Goldstein
2022-03-29 20:14 ` H.J. Lu
2022-03-29 20:44 ` Adhemerval Zanella
2022-03-29 20:52 ` Noah Goldstein
2022-03-29 20:37 ` Adhemerval Zanella
2022-03-29 20:44 ` Noah Goldstein
2022-03-30 15:37 ` Adhemerval Zanella
2022-03-30 16:30 ` Noah Goldstein
2022-03-30 19:38 ` Cristian Rodríguez
2022-03-31 4:45 ` Jason A. Donenfeld
2022-03-31 10:08 ` Cristian Rodríguez
2022-03-31 11:17 ` Adhemerval Zanella
2022-03-31 11:25 ` Cristian Rodríguez
2022-03-31 11:48 ` Adhemerval Zanella [this message]
2022-03-31 12:14 ` Cristian Rodríguez
2022-03-31 13:12 ` Yann Droneaud
2022-03-31 15:31 ` Jason A. Donenfeld
2022-03-31 18:16 ` Noah Goldstein
2022-03-31 21:57 ` Cristian Rodríguez
2022-03-31 22:33 ` Noah Goldstein
2022-03-31 22:51 ` Jason A. Donenfeld
2022-03-31 23:05 ` Noah Goldstein
2022-03-31 23:25 ` Jason A. Donenfeld
2022-04-01 18:01 ` Cristian Rodríguez
2022-04-04 17:42 ` Adhemerval Zanella
2022-04-04 18:23 ` Noah Goldstein
2022-04-04 18:38 ` Adhemerval Zanella
2022-04-04 18:52 ` Noah Goldstein
2022-04-04 19:20 ` Adhemerval Zanella
2022-04-04 19:48 ` Noah Goldstein
2022-04-04 19:57 ` Adhemerval Zanella
2022-04-04 14:51 ` Florian Weimer
2022-04-04 14:54 ` Jason A. Donenfeld
2022-04-04 15:00 ` Florian Weimer
2022-04-04 16:51 ` Noah Goldstein
2022-04-04 17:22 ` Adhemerval Zanella
2022-04-04 18:32 ` Jason A. Donenfeld
2022-04-04 19:16 ` Noah Goldstein
2022-04-05 0:10 ` Cristian Rodríguez
2022-04-05 0:18 ` Jason A. Donenfeld
2022-04-05 13:45 ` Cristian Rodríguez
2022-04-05 9:22 ` Florian Weimer
2022-04-04 18:28 ` Jason A. Donenfeld
2022-04-05 9:20 ` Florian Weimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f4eba212-3905-921a-42aa-f8e9f65d2b63@linaro.org \
--to=adhemerval.zanella@linaro.org \
--cc=Jason@zx2c4.com \
--cc=crrodriguez@opensuse.org \
--cc=fweimer@redhat.com \
--cc=goldstein.w.n@gmail.com \
--cc=libc-alpha@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).