From: Ingo Molnar <mingo@kernel.org>
To: David Laight <David.Laight@ACULAB.COM>
Cc: Andy Lutomirski <luto@kernel.org>,
"Reshetova, Elena" <elena.reshetova@intel.com>,
Theodore Ts'o <tytso@mit.edu>, Eric Biggers <ebiggers3@gmail.com>,
"ebiggers@google.com" <ebiggers@google.com>,
"herbert@gondor.apana.org.au" <herbert@gondor.apana.org.au>,
Peter Zijlstra <peterz@infradead.org>,
"keescook@chromium.org" <keescook@chromium.org>,
Daniel Borkmann <daniel@iogearbox.net>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"jpoimboe@redhat.com" <jpoimboe@redhat.com>,
"jannh@google.com" <jannh@google.com>,
"Perla, Enrico" <enrico.perla@intel.com>,
"mingo@redhat.com" <mingo@redhat.com>,
"bp@alien8.de" <bp@alien8.de>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>,
"Edgecombe, Rick P" <rick.p.edgecombe@intel.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Peter Zijlstra <a.p.zijlstra@chello.nl>
Subject: Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall
Date: Thu, 2 May 2019 18:45:24 +0200 [thread overview]
Message-ID: <20190502164524.GB115950@gmail.com> (raw)
In-Reply-To: <d64b3562d179430f9bdd8712999ff98a@AcuMS.aculab.com>
* David Laight <David.Laight@ACULAB.COM> wrote:
> It has already been measured - it is far too slow.
I don't think proper buffering was tested, was it? Only a per syscall
RDRAND overhead which I can imagine being not too good.
> > Because calling tens of millions of system calls per second will
> > deplete any non-CPU-RNG sources of entropy and will also starve all
> > other users of random numbers, which might have a more legitimate
> > need for randomness, such as the networking stack ...
>
> If the function you use to generate random numbers from the 'entropy
> pool' isn't reversible (in a finite time) I don't think you really need
> to worry about bits-in v bits-out.
Ok.
Thanks,
Ingo
next prev parent reply other threads:[~2019-05-02 16:45 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-15 6:09 [PATCH] x86/entry/64: randomize kernel stack offset upon syscall Elena Reshetova
2019-04-15 7:25 ` Ingo Molnar
2019-04-15 8:44 ` Reshetova, Elena
2019-04-16 7:34 ` Ingo Molnar
2019-04-16 11:10 ` Reshetova, Elena
2019-04-16 12:08 ` Peter Zijlstra
2019-04-16 12:45 ` David Laight
2019-04-16 15:43 ` Theodore Ts'o
2019-04-16 16:07 ` Peter Zijlstra
2019-04-16 16:47 ` Reshetova, Elena
2019-04-17 9:28 ` David Laight
2019-04-17 15:15 ` Theodore Ts'o
2019-04-17 15:40 ` Kees Cook
2019-04-17 15:53 ` David Laight
2019-04-24 11:42 ` Reshetova, Elena
2019-04-24 13:33 ` David Laight
2019-04-25 11:23 ` Reshetova, Elena
2019-04-26 11:33 ` Reshetova, Elena
2019-04-26 14:01 ` Theodore Ts'o
2019-04-26 17:44 ` Eric Biggers
2019-04-26 18:02 ` Theodore Ts'o
2019-04-27 13:59 ` Andy Lutomirski
2019-04-29 8:04 ` Reshetova, Elena
2019-04-26 18:34 ` Andy Lutomirski
2019-04-29 7:46 ` Reshetova, Elena
2019-04-29 16:08 ` Andy Lutomirski
2019-04-30 17:51 ` Reshetova, Elena
2019-04-30 18:01 ` Kees Cook
2019-05-01 8:23 ` David Laight
2019-05-02 8:07 ` Reshetova, Elena
2019-05-01 8:41 ` David Laight
2019-05-01 23:33 ` Andy Lutomirski
2019-05-02 8:15 ` Reshetova, Elena
2019-05-02 9:23 ` David Laight
2019-05-02 14:47 ` Andy Lutomirski
2019-05-02 15:08 ` Ingo Molnar
2019-05-02 16:32 ` Andy Lutomirski
2019-05-02 16:43 ` Ingo Molnar
2019-05-03 16:40 ` Andy Lutomirski
2019-05-02 16:34 ` David Laight
2019-05-02 16:45 ` Ingo Molnar [this message]
2019-05-03 16:17 ` Reshetova, Elena
2019-05-03 16:40 ` David Laight
2019-05-03 19:10 ` Linus Torvalds
2019-05-06 6:47 ` Reshetova, Elena
2019-05-06 7:01 ` Reshetova, Elena
2019-05-08 11:18 ` Reshetova, Elena
2019-05-08 11:32 ` Ingo Molnar
2019-05-08 13:22 ` Reshetova, Elena
2019-05-09 5:59 ` Ingo Molnar
2019-05-09 7:01 ` Reshetova, Elena
2019-05-09 8:43 ` Ingo Molnar
2019-05-11 22:45 ` Andy Lutomirski
2019-05-12 0:12 ` Kees Cook
2019-05-12 8:02 ` Ingo Molnar
2019-05-12 14:33 ` Kees Cook
2019-05-28 12:28 ` Reshetova, Elena
2019-05-28 13:33 ` Theodore Ts'o
2019-05-29 10:13 ` Reshetova, Elena
2019-05-29 10:51 ` David Laight
2019-05-29 18:35 ` Kees Cook
2019-05-29 18:37 ` Kees Cook
2019-07-29 11:41 ` Reshetova, Elena
2019-07-30 18:07 ` Kees Cook
2019-08-01 6:35 ` Reshetova, Elena
2019-05-09 7:03 ` Reshetova, Elena
2019-05-06 7:32 ` Reshetova, Elena
2019-04-29 7:49 ` Reshetova, Elena
2019-04-26 17:37 ` Edgecombe, Rick P
2019-04-17 6:24 ` Ingo Molnar
2019-04-16 18:19 ` Reshetova, Elena
[not found] <20190408061358.21288-1-elena.reshetova@intel.com>
2019-04-08 12:49 ` Josh Poimboeuf
2019-04-08 13:30 ` Reshetova, Elena
2019-04-08 16:21 ` Kees Cook
2019-04-10 8:26 ` Ingo Molnar
2019-04-10 9:00 ` Reshetova, Elena
2019-04-10 10:17 ` Ingo Molnar
2019-04-10 10:24 ` Reshetova, Elena
2019-04-10 14:52 ` Andy Lutomirski
2019-04-12 5:36 ` Reshetova, Elena
2019-04-12 21:16 ` Andy Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190502164524.GB115950@gmail.com \
--to=mingo@kernel.org \
--cc=David.Laight@ACULAB.COM \
--cc=a.p.zijlstra@chello.nl \
--cc=bp@alien8.de \
--cc=daniel@iogearbox.net \
--cc=ebiggers3@gmail.com \
--cc=ebiggers@google.com \
--cc=elena.reshetova@intel.com \
--cc=enrico.perla@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=herbert@gondor.apana.org.au \
--cc=jannh@google.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.