Date: Tue, 24 Feb 2015 10:30:51 -0800 From: John-Mark Gurney <jmg@funkthat.com> To: Warner Losh <imp@bsdimp.com> Cc: Konstantin Belousov <kostikbel@gmail.com>, Harrison Grundy <harrison.grundy@astrodoggroup.com>, freebsd-arch@freebsd.org Subject: Re: locks and kernel randomness... Message-ID: <20150224183051.GJ46794@funkthat.com> In-Reply-To: <1E4A5E62-6E06-48BA-B5C5-9BD05811CDEF@bsdimp.com> References: <20150224012026.GY46794@funkthat.com> <20150224015721.GT74514@kib.kiev.ua> <54EBDC1C.3060007@astrodoggroup.com> <20150224024250.GV74514@kib.kiev.ua> <DD06E2EA-68D6-43D7-AA17-FB230750E55A@bsdimp.com> <20150224174053.GG46794@funkthat.com> <1E4A5E62-6E06-48BA-B5C5-9BD05811CDEF@bsdimp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Warner Losh wrote this message on Tue, Feb 24, 2015 at 11:03 -0700:
>
> > On Feb 24, 2015, at 10:40 AM, John-Mark Gurney <jmg@funkthat.com> wrote:
> >
> > Warner Losh wrote this message on Tue, Feb 24, 2015 at 07:56 -0700:
> >> Then again, if you want to change random(), provide a weak_random() that???s
> >> the traditional non-crypto thing that???s fast and lockless. That would make it easy
> >> to audit in our tree. The scheduler doesn???t need cryptographic randomness, it
> >> just needs to make different choices sometimes to ensure its notion of fairness.
> >
> > I do not support having a weak_random... If the consumer is sure
> > enough that you don't need a secure random, then they can pick an LCG
> > and implement it themselves and deal (or not) w/ the locking issues...
> >
> > It appears that the scheduler had an LCG but for some reason the authors
> > didn't feel like using it here..
>
> Why don???t you support having a common random routine that???s to mix the
> pot, but not cryptographically secure? Lots of algorithms use them, and having
> a common one would keep us from reinventing the wheel.
Why can't these algorithms use a cryptographically secure RNG instead?
No one has truely answered that point.. Everyone says they want to use
an insecure RNG, but the real question is, why can't/shouldn't these
algorithms use a CSPRNG?
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150224183051.GJ46794>