From: Ingo Molnar <mingo@elte.hu>
To: Matt Mackall <mpm@selenic.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Arjan van de Ven <arjan@infradead.org>, Jake Edge <jake@lwn.net>,
security@kernel.org,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
James Morris <jmorris@namei.org>,
linux-security-module@vger.kernel.org,
Eric Paris <eparis@redhat.com>,
Alan Cox <alan@lxorguk.ukuu.org.uk>,
Roland McGrath <roland@redhat.com>,
mingo@redhat.com, Andrew Morton <akpm@linux-foundation.org>,
Greg KH <greg@kroah.com>, Dave Jones <davej@redhat.com>
Subject: Re: [patch] random: make get_random_int() more random
Date: Wed, 6 May 2009 22:51:45 +0200 [thread overview]
Message-ID: <20090506205145.GA1908@elte.hu> (raw)
In-Reply-To: <20090506204156.GB31071@waste.org>
* Matt Mackall <mpm@selenic.com> wrote:
> On Wed, May 06, 2009 at 10:09:54PM +0200, Ingo Molnar wrote:
> > I then ran the FIPS randomness test over the first 20,000 bits [2.5K
> > data], which it passed:
>
> That's proves nothing except that you have no idea what you're
> talking about. People regularly break things that FIPS gives
> flying colors. FIPS is nothing but a statistical sanity-check.
The current code didnt even pass the FIPS test, due to:
<...>-1739 [000] 112.487579: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487583: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487584: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487585: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487586: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487588: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487589: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487590: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487592: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487593: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487594: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487595: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487597: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487598: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487599: sys_prctl: get_random_int(): d1f8a190
<...>-1739 [000] 112.487601: sys_prctl: get_random_int(): d1f8a190
Linus's patch is a marked improvement, and it is really what we need
here mostly.
We cannot afford true physical randomness (it's too expensive to get
and not all hw has it), and even a 'good' PRNG is pretty expensive.
Performance is the main reason why the networking stack has its own
fast hack.
> Do you need this to be publicly broken again by someone who
> actually knows something about cryptanalysis before you'll accept
> that it's a bad idea? If so, then please move the code out of
> random.c, so that I don't have to share in your embarassment a
> second time.
I see your flame, but what's your technical point?
Ingo
next prev parent reply other threads:[~2009-05-06 20:53 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-04 18:51 [PATCH] proc: avoid information leaks to non-privileged processes Jake Edge
2009-05-04 19:00 ` [Security] " Linus Torvalds
2009-05-04 19:51 ` Arjan van de Ven
2009-05-04 20:20 ` Eric W. Biederman
2009-05-04 22:24 ` Linus Torvalds
2009-05-04 23:26 ` Arjan van de Ven
2009-05-04 23:54 ` Linus Torvalds
2009-05-05 7:51 ` Eric W. Biederman
2009-05-05 15:17 ` Linus Torvalds
2009-05-05 15:35 ` Linus Torvalds
2009-05-05 16:18 ` Matt Mackall
2009-05-05 16:10 ` Matt Mackall
2009-05-05 5:50 ` Matt Mackall
2009-05-05 6:31 ` Ingo Molnar
2009-05-05 8:14 ` Eric W. Biederman
2009-05-05 19:52 ` Ingo Molnar
2009-05-05 20:22 ` Matt Mackall
2009-05-05 21:20 ` Eric W. Biederman
2009-05-06 10:33 ` Ingo Molnar
2009-05-06 10:30 ` Ingo Molnar
2009-05-06 16:25 ` Matt Mackall
2009-05-06 16:48 ` Linus Torvalds
2009-05-06 17:57 ` Matt Mackall
2009-05-07 0:50 ` Matt Mackall
2009-05-07 15:02 ` Ingo Molnar
2009-05-07 18:14 ` Matt Mackall
2009-05-07 18:21 ` Ingo Molnar
2009-05-07 18:41 ` Ingo Molnar
2009-05-07 19:24 ` Matt Mackall
2009-05-07 15:16 ` Florian Weimer
2009-05-07 16:55 ` Matt Mackall
2009-05-07 17:53 ` Linus Torvalds
2009-05-07 18:42 ` Matt Mackall
2009-05-06 20:09 ` [patch] random: make get_random_int() more random Ingo Molnar
2009-05-06 20:41 ` Matt Mackall
2009-05-06 20:51 ` Ingo Molnar [this message]
2009-05-06 21:10 ` Matt Mackall
2009-05-06 21:24 ` Ingo Molnar
2009-05-14 22:47 ` Jake Edge
2009-05-14 22:55 ` [Security] " Linus Torvalds
2009-05-15 13:47 ` Ingo Molnar
2009-05-15 15:10 ` Jake Edge
2009-05-16 10:00 ` Willy Tarreau
2009-05-16 10:39 ` Ingo Molnar
2009-05-16 12:02 ` Eric W. Biederman
2009-05-16 14:00 ` Michael S. Zick
2009-05-16 14:28 ` Michael S. Zick
2009-05-16 14:57 ` Arjan van de Ven
2009-05-16 15:09 ` Michael S. Zick
2009-05-16 14:32 ` Matt Mackall
2009-05-16 13:58 ` Willy Tarreau
2009-05-16 15:23 ` Linus Torvalds
2009-05-16 15:47 ` Willy Tarreau
2009-05-16 15:54 ` Oliver Neukum
2009-05-16 16:05 ` Linus Torvalds
2009-05-16 16:17 ` Linus Torvalds
2009-05-15 1:16 ` Américo Wang
2009-05-06 20:25 ` [Security] [PATCH] proc: avoid information leaks to non-privileged processes Ingo Molnar
2009-05-06 20:52 ` Matt Mackall
2009-05-05 8:58 ` Andi Kleen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090506205145.GA1908@elte.hu \
--to=mingo@elte.hu \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=arjan@infradead.org \
--cc=davej@redhat.com \
--cc=ebiederm@xmission.com \
--cc=eparis@redhat.com \
--cc=greg@kroah.com \
--cc=jake@lwn.net \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=mpm@selenic.com \
--cc=roland@redhat.com \
--cc=security@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.