Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 16 May 2015 02:24:41 +0200
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        Warner Losh <imp@bsdimp.com>
Cc:        John-Mark Gurney <jmg@funkthat.com>, Konstantin Belousov <kostikbel@gmail.com>, Harrison Grundy <harrison.grundy@astrodoggroup.com>, freebsd-arch@freebsd.org
Subject:   Re: locks and kernel randomness...
Message-ID:  <20150516002440.GB16906@garage.freebsd.pl>
In-Reply-To: <1E4A5E62-6E06-48BA-B5C5-9BD05811CDEF@bsdimp.com>
References:  <20150224012026.GY46794@funkthat.com> <20150224015721.GT74514@kib.kiev.ua> <54EBDC1C.3060007@astrodoggroup.com> <20150224024250.GV74514@kib.kiev.ua> <DD06E2EA-68D6-43D7-AA17-FB230750E55A@bsdimp.com> <20150224174053.GG46794@funkthat.com> <1E4A5E62-6E06-48BA-B5C5-9BD05811CDEF@bsdimp.com>

next in thread | previous in thread | raw e-mail | index | archive | help

--UlVJffcvxoiEqYs2
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Feb 24, 2015 at 11:03:42AM -0700, Warner Losh wrote:
>=20
> > On Feb 24, 2015, at 10:40 AM, John-Mark Gurney <jmg@funkthat.com> wrote:
> >=20
> > Warner Losh wrote this message on Tue, Feb 24, 2015 at 07:56 -0700:
> >> Then again, if you want to change random(), provide a weak_random() th=
at???s
> >> the traditional non-crypto thing that???s fast and lockless. That woul=
d make it easy
> >> to audit in our tree. The scheduler doesn???t need cryptographic rando=
mness, it
> >> just needs to make different choices sometimes to ensure its notion of=
 fairness.
> >=20
> > I do not support having a weak_random...  If the consumer is sure
> > enough that you don't need a secure random, then they can pick an LCG
> > and implement it themselves and deal (or not) w/ the locking issues...
> >=20
> > It appears that the scheduler had an LCG but for some reason the authors
> > didn't feel like using it here..
>=20
> Why don=E2=80=99t you support having a common random routine that=E2=80=
=99s to mix the
> pot, but not cryptographically secure? Lots of algorithms use them, and h=
aving
> a common one would keep us from reinventing the wheel.

Sorry for being late to the party:)

I'm with John-Mark on this one. I didn't find it being mentioned in the
thread, but the more consumers we have of our CSPRNG the better. It
makes it less predictable in case of a weekness in the algorithm /
implementation / entropy sources.

Because of that I'd much rather have the rule that if you don't want to
use CSPRNG you need to prove that it is both not required and degrades
performance.

--=20
Pawel Jakub Dawidek                       http://www.wheelsystems.com
FreeBSD committer                         http://www.FreeBSD.org
Am I Evil? Yes, I Am!                     http://mobter.com

--UlVJffcvxoiEqYs2
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJVVo5IAAoJEJVLhSuxKFt1l9wP+gI5C3VqxSB8hVyeW/SVV63y
SthX3ZBwXcufQ0QCmMqUWTW9ZPcHmtArjOxHDMn0CBtdNamsO84oEN4aog2AERri
/IIvfiEFigLj34q/IczzZBB2b6tUqZBGRZh49Tiv4mKDe3mR0Kz7gRActKs/g60z
EeBkCfhzZZu6oGJ8r789+OUQpNoiXRvu8aNyRQdnmybVPXfWVivSw8gRyTp6opnV
c/4ahCc106kL+d1jyTzaAu4jOSXeSLSwpQAUZmvUWHJxCs/B1CK13VYj4jmb7pTw
zc3qTjvnau+teYfOqaFshizL/6dqKJ1hwMt3WbEduAFxZl93f0PZrmSYdbslPKTZ
6OWBrXYXO7O5TgOACfqfp297yrP5cRnOxrnxsIC9KTTqCPWfTpJZthyD/bHe4Zs7
rlyIhlHfNploUkkVnIxaFCgmS64UgDlH1nUYmd0T+PwcHt1nU9I7BuN8brkEYFH7
HhMQvoYF7ZuI05Q8uray8+CaYIQiAHrfjlMKx1ndAFcka3rmP2Fvh4TLfg+UXrSs
Woiq4MkvRFUBJ7aiqIcRV/0p3h8OecQoXNwG0Yi38FQ9KLHkg1rVrdrGVpvDTNnf
lGvYWftby7MWUliI0Azk8lCLtSO4fv36GtFNLbe6PMGkmI2siCJzBnYy1+/zKnbZ
8HFbccxHQ0d42gnal64L
=5AW4
-----END PGP SIGNATURE-----

--UlVJffcvxoiEqYs2--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150516002440.GB16906>