From: Theodore Tso <tytso@mit.edu>
To: Matt Mackall <mpm@selenic.com>
Cc: Kyle Moffett <mrmacman_g4@mac.com>, Andrew Morton <akpm@osdl.org>,
linux-kernel@vger.kernel.org, davem@davemloft.net
Subject: Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
Date: Sat, 6 May 2006 07:55:02 -0400 [thread overview]
Message-ID: <20060506115502.GB18880@thunk.org> (raw)
In-Reply-To: <20060505203436.GW15445@waste.org>
On Fri, May 05, 2006 at 03:34:37PM -0500, Matt Mackall wrote:
> Nonetheless, the current SA_SAMPLE_RANDOM scheme should go. A) it's in
> the IRQ fast path B) most of its users are bogus which strongly
> indicates it's a bad API.
>
> Instead (if we want network entropy) we should add an
> add_network_randomness call in some central location in the network
> stack (probably right next to netpoll's RX hooks) and probably have it
> compiled out by default.
I disagree. It really wants to be a run-time controllable thing, and
probably on a per-interface/per-device driver basis, since it should
be up to the system administrator who is deploying the box, not the
developer or distribution compiling the kernel, to make that
determination.
Also, the entropy sampling *really* wants to be done in the hard IRQ
handling path, not some place higher in the stack since the scheduler
would smooth out the unpredictable timing information. Moving it into
the interrupt routines is in fact a problem for CONFIG_PREEMPT_RT,
since the device driver's interrupt handlers become a schedulable
entity, since the IRQ handling is moved into a separate kernel thread.
So I would much prefer to see the entropy sampling stay in its current
location, since people using real-time deserve real randomness too.
(In fact, some of them may have a **much** stronger need for it. :-)
As far as your reasons that you've given, (A) I find it hard to
believe a single conditional jump is really going to be measurable,
and (B) sure, fix the bad users, but the downside of screwing up
SA_SAMPLE_RANDOM is fairly limited; it only messes up the entropy
estimator, and in practice most users are using /dev/urandom anyway.
The random driver's algorithms are designed so that /dev/random can be
world writable, and an attacker can write arbitrary data, include all
zero's, without degrading the entropy in the pool.(*) Hence, while a
bad user of SA_SAMPLE_RANDOM should be fixed, it is hardly a
catastrophic failure.
- Ted
(*)So if User A writes data which he knows into /dev/random, it
doesn't help User A guess what /dev/random or /dev/urandom might
produce next --- and if User B doesn't know what User A has written
into the pool, User B's job just got harder. So if User's B, C, and D
all do the same thing, the net result is that effective
unpredictability of the random pool has increased for everyone.)
next prev parent reply other threads:[~2006-05-06 11:55 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-05-05 16:42 [PATCH 1/14] random: Remove SA_SAMPLE_RANDOM from floppy driver Matt Mackall
2006-05-05 16:42 ` [PATCH 3/14] random: Make CCISS use add_disk_randomness Matt Mackall
2006-05-05 16:42 ` [PATCH 2/14] random: Remove redundant SA_SAMPLE_RANDOM from NinjaSCSI Matt Mackall
2006-05-05 16:42 ` [PATCH 4/14] random: Change cpqarray to use add_disk_randomness Matt Mackall
2006-05-05 16:42 ` [PATCH 5/14] random: Remove bogus SA_SAMPLE_RANDOM from at91 compact flash driver Matt Mackall
2006-05-05 16:42 ` [PATCH 6/14] random: Remove redundant SA_SAMPLE_RANDOM from touchscreen drivers Matt Mackall
2006-05-05 16:42 ` [PATCH 9/14] random: Remove SA_SAMPLE_RANDOM from i2c drivers Matt Mackall
2006-05-05 16:42 ` [PATCH 11/14] random: Remove UML usage of SA_SAMPLE_RANDOM Matt Mackall
2006-05-05 16:42 ` [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers Matt Mackall
2006-05-05 17:13 ` Kyle Moffett
2006-05-05 17:24 ` Matt Mackall
2006-05-05 19:11 ` Theodore Tso
2006-05-05 20:30 ` Stephen Hemminger
2006-05-05 20:34 ` Matt Mackall
2006-05-06 11:55 ` Theodore Tso [this message]
2006-05-06 16:48 ` Matt Mackall
2006-05-06 17:29 ` Bernd Eckenfels
2006-05-06 18:05 ` Theodore Tso
2006-05-06 20:33 ` Matt Mackall
2006-05-07 0:17 ` David S. Miller
2006-05-07 1:22 ` Theodore Tso
2006-05-07 5:07 ` Matt Mackall
2006-05-08 21:58 ` Sami Farin
2006-05-24 22:47 ` Marcin Dalecki
2006-05-25 0:08 ` Theodore Tso
2006-05-31 19:29 ` Bill Davidsen
2006-05-07 0:08 ` David S. Miller
2006-05-07 4:59 ` Matt Mackall
2006-05-07 5:46 ` David S. Miller
2006-05-07 16:31 ` Matt Mackall
2006-05-07 13:13 ` Thiago Galesi
2006-05-07 16:00 ` Matt Mackall
2006-05-07 17:00 ` Thiago Galesi
2006-05-08 0:13 ` Theodore Tso
2006-05-08 2:55 ` Matt Mackall
2006-05-08 6:26 ` Pavel Machek
2006-05-08 7:07 ` David S. Miller
2006-05-08 14:05 ` Matt Mackall
2006-05-08 17:21 ` Pavel Machek
2006-05-08 17:27 ` Matt Mackall
2006-05-09 11:23 ` Pavel Machek
2006-05-11 10:05 ` Ph. Marek
2006-05-24 22:35 ` Marcin Dalecki
2006-05-05 21:10 ` David S. Miller
2006-05-05 23:03 ` Matt Mackall
2006-05-05 23:19 ` David S. Miller
2006-05-06 14:08 ` Folkert van Heusden
2006-05-06 15:19 ` Lee Revell
2006-05-07 10:35 ` Folkert van Heusden
2006-05-07 16:33 ` Matt Mackall
2006-05-05 16:42 ` [PATCH 10/14] random: Remove bogus SA_SAMPLE_RANDOM from mpc52xx serial driver Matt Mackall
2006-05-05 16:42 ` [PATCH 8/14] random: Remove SA_SAMPLE_RANDOM from USB gadget drivers Matt Mackall
2006-05-06 11:07 ` Denis Vlasenko
2006-05-06 18:16 ` David Brownell
2006-05-06 18:31 ` Matt Mackall
2006-05-05 16:42 ` [PATCH 13/14] random: Remove SA_SAMPLE_RANDOM from IRQ fastpath Matt Mackall
2006-05-05 16:42 ` [PATCH 14/14] random: Remove add_interrupt_randomness Matt Mackall
2006-05-05 16:42 ` [PATCH 12/14] random: Remove not very useful SA_SAMPLE_RANDOM from lubbock Matt Mackall
-- strict thread matches above, loose matches on Subject: below --
2006-05-08 7:38 [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers linux
2006-05-12 6:09 ` linux
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060506115502.GB18880@thunk.org \
--to=tytso@mit.edu \
--cc=akpm@osdl.org \
--cc=davem@davemloft.net \
--cc=linux-kernel@vger.kernel.org \
--cc=mpm@selenic.com \
--cc=mrmacman_g4@mac.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.