* [GIT PULL] prandom32 changes for v5.10 @ 2020-10-12 20:32 Willy Tarreau [not found] ` <CANEQ_+Jyf-MZEsvT5iMu0a=waJCiAKdLaOfLHe_py6AXOt-hjQ@mail.gmail.com> 0 siblings, 1 reply; 10+ messages in thread From: Willy Tarreau @ 2020-10-12 20:32 UTC (permalink / raw) To: Linus Torvalds Cc: George Spelvin, Amit Klein, Eric Dumazet, Jason A. Donenfeld, Andy Lutomirski, Kees Cook, Thomas Gleixner, Peter Zijlstra, tytso, Florian Westphal, Marc Plumb, linux-kernel Linus, Given that nobody objected to this patchset since last update on prandom32 a month ago, I'm sending you the refreshed one for 5.10. The following changes since commit bbf5c979011a099af5dc76498918ed7df445635b: Linux 5.9 (2020-10-11 14:15:50 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/wtarreau/prandom.git tags/20201012-v3-5.10 for you to fetch changes up to 3486a21c7e5bafbdbc0f7ea5d40f3dad39022bf4: random32: add noise from network and scheduling activity (2020-10-12 18:11:51 +0200) Thanks! Willy ---------------------------------------------------------------- This is the cleanup of the latest series of prandom_u32 experimentations consisting in using SipHash instead of Tausworthe to produce the randoms used by the network stack. The changes to the files were kept minimal, and the controversial commit that used to take noise from the fast_pool (f227e3ec3b5c) was reverted. Instead, a dedicated "net_rand_noise" per_cpu variable is fed from various sources of activities (networking, scheduling) to perturb the SipHash state using fast, non-trivially predictable data, instead of keeping it fully deterministic. The goal is essentially to make any occasional memory leakage or brute-force attempt useless. The resulting code was verified to be very slightly faster on x86_64 than what is was with the controversial commit above, though this remains barely above measurement noise. It was also tested on i386 and arm, and build- tested only on arm64. This v3 is a rebase on top of 5.9-final, and switches __this_cpu_read() for this_cpu_read() to address a crash on i386+SMP+PREEMPT reported by LTP. Nothing else was changed. ---------------------------------------------------------------- George Spelvin (1): random32: make prandom_u32() output unpredictable Willy Tarreau (1): random32: add noise from network and scheduling activity drivers/char/random.c | 1 - include/linux/prandom.h | 55 +++++- kernel/time/timer.c | 9 +- lib/random32.c | 438 +++++++++++++++++++++++++++++------------------- net/core/dev.c | 4 + 5 files changed, 326 insertions(+), 181 deletions(-) ^ permalink raw reply [flat|nested] 10+ messages in thread
[parent not found: <CANEQ_+Jyf-MZEsvT5iMu0a=waJCiAKdLaOfLHe_py6AXOt-hjQ@mail.gmail.com>]
* Re: [GIT PULL] prandom32 changes for v5.10 [not found] ` <CANEQ_+Jyf-MZEsvT5iMu0a=waJCiAKdLaOfLHe_py6AXOt-hjQ@mail.gmail.com> @ 2020-10-20 23:08 ` Linus Torvalds 2020-10-21 3:27 ` Willy Tarreau 0 siblings, 1 reply; 10+ messages in thread From: Linus Torvalds @ 2020-10-20 23:08 UTC (permalink / raw) To: Amit Klein Cc: Willy Tarreau, George Spelvin, Eric Dumazet, Jason A. Donenfeld, Andy Lutomirski, Kees Cook, Thomas Gleixner, Peter Zijlstra, Theodore Ts'o, Florian Westphal, Marc Plumb, Linux Kernel Mailing List On Tue, Oct 20, 2020 at 12:26 PM Amit Klein <aksecurity@gmail.com> wrote: > > Quick question: is this patch still planned for inclusion in 5.10-rc1? It doesn't even build for me, so no. It clearly hasn't been in linux-next or anything like that. Hint: grep for prandom_seed_early. Linus ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [GIT PULL] prandom32 changes for v5.10 2020-10-20 23:08 ` Linus Torvalds @ 2020-10-21 3:27 ` Willy Tarreau 2020-10-21 20:52 ` Marc Plumb 0 siblings, 1 reply; 10+ messages in thread From: Willy Tarreau @ 2020-10-21 3:27 UTC (permalink / raw) To: Linus Torvalds Cc: Amit Klein, George Spelvin, Eric Dumazet, Jason A. Donenfeld, Andy Lutomirski, Kees Cook, Thomas Gleixner, Peter Zijlstra, Theodore Ts'o, Florian Westphal, Marc Plumb, Linux Kernel Mailing List Hi Linus, On Tue, Oct 20, 2020 at 04:08:03PM -0700, Linus Torvalds wrote: > On Tue, Oct 20, 2020 at 12:26 PM Amit Klein <aksecurity@gmail.com> wrote: > > > > Quick question: is this patch still planned for inclusion in 5.10-rc1? > > It doesn't even build for me, so no. It clearly hasn't been in > linux-next or anything like that. > > Hint: grep for prandom_seed_early. I'm a bit surprised, as it worked for me, but thanks for checking. Given the lack of responses from many participants on these patches, on several occations I feel that this series is really not welcome. Initially I just tried to test and fix Spelvin's patch, but if there's not that much interest in it, or even reluctance, I'd rather stop. If it's just that the current state is ugly with the two PRNGs side by side, I can get back to completely removing the original one as I did in my first series, and propose a larger series. Or if nobody's interested, I'd rather know so that I don't have to put more time on it :-/ Thanks for letting me know, Willy ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [GIT PULL] prandom32 changes for v5.10 2020-10-21 3:27 ` Willy Tarreau @ 2020-10-21 20:52 ` Marc Plumb 2020-10-21 21:20 ` Joe Perches 0 siblings, 1 reply; 10+ messages in thread From: Marc Plumb @ 2020-10-21 20:52 UTC (permalink / raw) To: Willy Tarreau, Linus Torvalds Cc: Amit Klein, George Spelvin, Eric Dumazet, Jason A. Donenfeld, Andy Lutomirski, Kees Cook, Thomas Gleixner, Peter Zijlstra, Theodore Ts'o, Florian Westphal, Linux Kernel Mailing List As one of the participants, I mostly backed off when Spelvin seemed to be more aggressively driving a secure solution. I still think that this is an important change, both to fix the original network vulnerability and to avoid harming dev/random while doing it. I greatly appreciate your time and effort on this but didn't want too much chatter on the DL. On 2020-10-20 8:27 p.m., Willy Tarreau wrote: > Hi Linus, > > On Tue, Oct 20, 2020 at 04:08:03PM -0700, Linus Torvalds wrote: >> On Tue, Oct 20, 2020 at 12:26 PM Amit Klein <aksecurity@gmail.com> wrote: >>> Quick question: is this patch still planned for inclusion in 5.10-rc1? >> It doesn't even build for me, so no. It clearly hasn't been in >> linux-next or anything like that. >> >> Hint: grep for prandom_seed_early. > I'm a bit surprised, as it worked for me, but thanks for checking. Given > the lack of responses from many participants on these patches, on several > occations I feel that this series is really not welcome. Initially I just > tried to test and fix Spelvin's patch, but if there's not that much > interest in it, or even reluctance, I'd rather stop. If it's just that > the current state is ugly with the two PRNGs side by side, I can get > back to completely removing the original one as I did in my first series, > and propose a larger series. Or if nobody's interested, I'd rather know > so that I don't have to put more time on it :-/ > > Thanks for letting me know, > Willy ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [GIT PULL] prandom32 changes for v5.10 2020-10-21 20:52 ` Marc Plumb @ 2020-10-21 21:20 ` Joe Perches 2020-10-21 21:35 ` Linus Torvalds 0 siblings, 1 reply; 10+ messages in thread From: Joe Perches @ 2020-10-21 21:20 UTC (permalink / raw) To: Marc Plumb, Willy Tarreau, Linus Torvalds Cc: Amit Klein, George Spelvin, Eric Dumazet, Jason A. Donenfeld, Andy Lutomirski, Kees Cook, Thomas Gleixner, Peter Zijlstra, Theodore Ts'o, Florian Westphal, Linux Kernel Mailing List On Wed, 2020-10-21 at 13:52 -0700, Marc Plumb wrote: > As one of the participants, I mostly backed off when Spelvin seemed to > be more aggressively driving a secure solution. While secure solutions are useful, I really wonder if "George Spelvin" is a real person. https://en.wikipedia.org/wiki/George_Spelvin _If_ "George Spelvin" is a pseudonym, (apologies if it is not), should anything with that signature be added to the kernel? The Developer's Certificate of Origin says that no pseudonyms are allowed. --- Developer's Certificate of Origin 1.1 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ By making a contribution to this project, I certify that: (a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or (b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or (c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it. (d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. then you just add a line saying:: Signed-off-by: Random J Developer <random@developer.example.org> using your real name (sorry, no pseudonyms or anonymous contributions.) This will be done for you automatically if you use ``git commit -s``. ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [GIT PULL] prandom32 changes for v5.10 2020-10-21 21:20 ` Joe Perches @ 2020-10-21 21:35 ` Linus Torvalds 2020-10-21 21:41 ` Joe Perches 0 siblings, 1 reply; 10+ messages in thread From: Linus Torvalds @ 2020-10-21 21:35 UTC (permalink / raw) To: Joe Perches Cc: Marc Plumb, Willy Tarreau, Amit Klein, George Spelvin, Eric Dumazet, Jason A. Donenfeld, Andy Lutomirski, Kees Cook, Thomas Gleixner, Peter Zijlstra, Theodore Ts'o, Florian Westphal, Linux Kernel Mailing List On Wed, Oct 21, 2020 at 2:20 PM Joe Perches <joe@perches.com> wrote: > > While secure solutions are useful, I really wonder if > "George Spelvin" is a real person. It's not his real name, no, but he's a real person. I do have his real name from years ago when I needed to confirm his identity for sign-offs (I forget what for, I think it was some dcache name hashing thing). So I can confirm he's a real person who just wants to keep private, and is competent when it comes to hashing and security. Linus ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [GIT PULL] prandom32 changes for v5.10 2020-10-21 21:35 ` Linus Torvalds @ 2020-10-21 21:41 ` Joe Perches 2020-10-22 2:12 ` Willy Tarreau 0 siblings, 1 reply; 10+ messages in thread From: Joe Perches @ 2020-10-21 21:41 UTC (permalink / raw) To: Linus Torvalds Cc: Marc Plumb, Willy Tarreau, Amit Klein, George Spelvin, Eric Dumazet, Jason A. Donenfeld, Andy Lutomirski, Kees Cook, Thomas Gleixner, Peter Zijlstra, Theodore Ts'o, Florian Westphal, Linux Kernel Mailing List On Wed, 2020-10-21 at 14:35 -0700, Linus Torvalds wrote: > On Wed, Oct 21, 2020 at 2:20 PM Joe Perches <joe@perches.com> wrote: > > While secure solutions are useful, I really wonder if > > "George Spelvin" is a real person. > > It's not his real name, no, but he's a real person. > > I do have his real name from years ago when I needed to confirm his > identity for sign-offs (I forget what for, I think it was some dcache > name hashing thing). > > So I can confirm he's a real person who just wants to keep private, > and is competent when it comes to hashing and security. I hope that real name is in some escrow somewhere and not just in some long thrown away spinning rust disk. And because George isn't a real name and contributions by him have been accepted, the DCO should be updated to show how pseudonymous contributions can be made. ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [GIT PULL] prandom32 changes for v5.10 2020-10-21 21:41 ` Joe Perches @ 2020-10-22 2:12 ` Willy Tarreau 0 siblings, 0 replies; 10+ messages in thread From: Willy Tarreau @ 2020-10-22 2:12 UTC (permalink / raw) To: Joe Perches Cc: Linus Torvalds, Marc Plumb, Amit Klein, George Spelvin, Eric Dumazet, Jason A. Donenfeld, Andy Lutomirski, Kees Cook, Thomas Gleixner, Peter Zijlstra, Theodore Ts'o, Florian Westphal, Linux Kernel Mailing List On Wed, Oct 21, 2020 at 02:41:06PM -0700, Joe Perches wrote: > On Wed, 2020-10-21 at 14:35 -0700, Linus Torvalds wrote: > > On Wed, Oct 21, 2020 at 2:20 PM Joe Perches <joe@perches.com> wrote: > > > While secure solutions are useful, I really wonder if > > > "George Spelvin" is a real person. > > > > It's not his real name, no, but he's a real person. > > > > I do have his real name from years ago when I needed to confirm his > > identity for sign-offs (I forget what for, I think it was some dcache > > name hashing thing). > > > > So I can confirm he's a real person who just wants to keep private, > > and is competent when it comes to hashing and security. > > I hope that real name is in some escrow somewhere and > not just in some long thrown away spinning rust disk. > > And because George isn't a real name and contributions > by him have been accepted, the DCO should be updated > to show how pseudonymous contributions can be made. Well, if that helps, given that I already needed to modify his code and that his proposal totally makes sense, I can also replace his signed-off-by with a suggested-by in the patch and put a link to the original thread. I'll do my best to propose an update before -rc1 if that's still acceptable. Amit found that the code doesn't build when tests are enabled, visibly they were not on my side and likely explain why that failed for Linus. Willy ^ permalink raw reply [flat|nested] 10+ messages in thread
* [GIT PULL] prandom32 changes for v5.10 @ 2020-10-24 19:34 Willy Tarreau 2020-10-25 18:35 ` pr-tracker-bot 0 siblings, 1 reply; 10+ messages in thread From: Willy Tarreau @ 2020-10-24 19:34 UTC (permalink / raw) To: Linus Torvalds Cc: George Spelvin, Amit Klein, Eric Dumazet, Jason A. Donenfeld, Andy Lutomirski, Kees Cook, Thomas Gleixner, Peter Zijlstra, tytso, Florian Westphal, Marc Plumb, Joe Perches, linux-kernel Hi Linus, I've addressed the build issues when CONFIG_RANDOM32_SELFTEST is enabled, and also added a self-test for the new code (last patch of the series). As I previously questionned, I finally replaced this_cpu_read(noise) with raw_cpu_read(noise) as it it's pointless to deal with interrupts here since we're just collecting noise. Last point, I kept George as the author despite not being his real name, as I saw he already signed-off other commits. Please let me know if you have any question or comment. The following changes since commit f11901ed723d1351843771c3a84b03a253bbf8b2: Merge tag 'xfs-5.10-merge-7' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux (2020-10-23 17:15:06 -0700) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/wtarreau/prandom.git tags/20201024-v4-5.10 for you to fetch changes up to c6e169bc146a76d5ccbf4d3825f705414352bd03: random32: add a selftest for the prandom32 code (2020-10-24 20:21:57 +0200) ---------------------------------------------------------------- random32: make prandom_u32() less predictable This is the cleanup of the latest series of prandom_u32 experimentations consisting in using SipHash instead of Tausworthe to produce the randoms used by the network stack. The changes to the files were kept minimal, and the controversial commit that used to take noise from the fast_pool (f227e3ec3b5c) was reverted. Instead, a dedicated "net_rand_noise" per_cpu variable is fed from various sources of activities (networking, scheduling) to perturb the SipHash state using fast, non-trivially predictable data, instead of keeping it fully deterministic. The goal is essentially to make any occasional memory leakage or brute-force attempt useless. The resulting code was verified to be very slightly faster on x86_64 than what is was with the controversial commit above, though this remains barely above measurement noise. It was also tested on i386 and arm, and build- tested only on arm64. The whole discussion around this is archived here: https://lore.kernel.org/netdev/20200808152628.GA27941@SDF.ORG/ --- v4: - access noise using raw_cpu_read() instead of this_cpu_read() - fixed build with CONFIG_RANDOM32_SELFTEST - added a selftest for the prandom32 code v3: This v3 is a rebase on top of 5.9-final, and switches __this_cpu_read() for this_cpu_read() to address a crash on i386+SMP+PREEMPT reported by LKP. Nothing else was changed. ---------------------------------------------------------------- George Spelvin (1): random32: make prandom_u32() output unpredictable Willy Tarreau (2): random32: add noise from network and scheduling activity random32: add a selftest for the prandom32 code drivers/char/random.c | 1 - include/linux/prandom.h | 55 ++++- kernel/time/timer.c | 9 +- lib/random32.c | 525 +++++++++++++++++++++++++++++++----------------- net/core/dev.c | 4 + 5 files changed, 404 insertions(+), 190 deletions(-) ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [GIT PULL] prandom32 changes for v5.10 2020-10-24 19:34 Willy Tarreau @ 2020-10-25 18:35 ` pr-tracker-bot 0 siblings, 0 replies; 10+ messages in thread From: pr-tracker-bot @ 2020-10-25 18:35 UTC (permalink / raw) To: Willy Tarreau Cc: Linus Torvalds, George Spelvin, Amit Klein, Eric Dumazet, Jason A. Donenfeld, Andy Lutomirski, Kees Cook, Thomas Gleixner, Peter Zijlstra, tytso, Florian Westphal, Marc Plumb, Joe Perches, linux-kernel The pull request you sent on Sat, 24 Oct 2020 21:34:47 +0200: > git://git.kernel.org/pub/scm/linux/kernel/git/wtarreau/prandom.git tags/20201024-v4-5.10 has been merged into torvalds/linux.git: https://git.kernel.org/torvalds/c/91f28da8c9a054286d6917ce191349455c479478 Thank you! -- Deet-doot-dot, I am a bot. https://korg.docs.kernel.org/prtracker.html ^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2020-10-25 18:35 UTC | newest] Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2020-10-12 20:32 [GIT PULL] prandom32 changes for v5.10 Willy Tarreau [not found] ` <CANEQ_+Jyf-MZEsvT5iMu0a=waJCiAKdLaOfLHe_py6AXOt-hjQ@mail.gmail.com> 2020-10-20 23:08 ` Linus Torvalds 2020-10-21 3:27 ` Willy Tarreau 2020-10-21 20:52 ` Marc Plumb 2020-10-21 21:20 ` Joe Perches 2020-10-21 21:35 ` Linus Torvalds 2020-10-21 21:41 ` Joe Perches 2020-10-22 2:12 ` Willy Tarreau 2020-10-24 19:34 Willy Tarreau 2020-10-25 18:35 ` pr-tracker-bot
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).