From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: Andy Lutomirski <luto@kernel.org>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
linux-arch <linux-arch@vger.kernel.org>,
Dinh Nguyen <dinguyen@kernel.org>, Nick Hu <nickhu@andestech.com>,
Max Filippov <jcmvbkbc@gmail.com>,
Palmer Dabbelt <palmer@dabbelt.com>,
"David S . Miller" <davem@davemloft.net>,
Yoshinori Sato <ysato@users.sourceforge.jp>,
Michal Simek <monstr@monstr.eu>, Borislav Petkov <bp@alien8.de>,
Guo Ren <guoren@kernel.org>,
Geert Uytterhoeven <geert@linux-m68k.org>,
Joshua Kinard <kumba@gentoo.org>,
David Laight <David.Laight@aculab.com>,
Dominik Brodowski <linux@dominikbrodowski.net>,
Eric Biggers <ebiggers@google.com>,
Ard Biesheuvel <ardb@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
Thomas Gleixner <tglx@linutronix.de>,
Kees Cook <keescook@chromium.org>,
Lennart Poettering <mzxreary@0pointer.de>,
Konstantin Ryabitsev <konstantin@linuxfoundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"Theodore Ts'o" <tytso@mit.edu>
Subject: Re: [PATCH v1] random: block in /dev/urandom
Date: Wed, 23 Feb 2022 18:02:52 +0100 [thread overview]
Message-ID: <CAHmME9qcUM+G8E3ag5iPfowUF4-iYATODGK+MoLjkfaipnkgjA@mail.gmail.com> (raw)
In-Reply-To: <6e117393-9c2f-441c-9c72-62c209643622@www.fastmail.com>
Hi Andy,
I think your analysis is a bit mismatched from the reality of the
situation. That reality is that cryptographic users still find
themselves using /dev/urandom, as that's been the "standard good
advice" for a very long time. And people are still encouraged to do
that, either out of ignorance or out of "compatibility". The
cryptographic problem is not going away.
Fixing this issue means, yes, adding a 1 second delay to the small
group of init system users who haven't switched to using
getrandom(GRND_INSECURE) for that less common usage (who even are
those users actually?). That's not breaking compatibility or breaking
userspace or breaking anything; that's accepting the reality of _how_
/dev/urandom is mostly used -- for crypto -- and making that usage
finally secure, at the expense of a 1 second delay for those other
users who haven't switched to getrandom(GRND_INSECURE) yet. That seems
like a _very_ small price to pay for eliminating a footgun.
And in general, deemphasizing the rare performance of the less common
usage in favor of fixing a commonly triggered footgun seems on par
with how things morph and change over time. There's no actual
breakage. There's no ABI change violation. What you're saying simply
isn't so.
In other words, I'm not really at all convinced by what you're saying.
Jason
next prev parent reply other threads:[~2022-02-23 17:03 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-17 16:28 [PATCH v1] random: block in /dev/urandom Jason A. Donenfeld
2022-02-21 18:01 ` Andy Lutomirski
2022-02-23 17:02 ` Jason A. Donenfeld [this message]
2022-02-23 17:55 ` Theodore Ts'o
2022-03-12 20:17 ` Eric Biggers
2022-03-12 20:27 ` Eric Biggers
2022-03-22 15:58 ` Guenter Roeck
2022-03-22 16:21 ` Linus Torvalds
2022-03-22 16:40 ` Jason A. Donenfeld
2022-03-22 17:09 ` Jason A. Donenfeld
2022-03-22 17:56 ` Guenter Roeck
2022-03-22 18:19 ` Jason A. Donenfeld
2022-03-22 18:29 ` Linus Torvalds
2022-03-22 18:36 ` Jason A. Donenfeld
2022-04-22 13:42 ` Jason A. Donenfeld
2022-04-22 23:46 ` Guenter Roeck
2022-04-23 13:56 ` Guenter Roeck
2022-04-23 14:28 ` Jason A. Donenfeld
2022-04-23 16:35 ` Guenter Roeck
2022-04-23 21:10 ` Jason A. Donenfeld
2022-04-24 2:04 ` Guenter Roeck
2022-04-25 0:12 ` Jason A. Donenfeld
2022-04-25 1:54 ` Guenter Roeck
2022-04-25 11:11 ` Jason A. Donenfeld
2022-03-22 18:24 ` Mark Brown
2022-03-22 21:54 ` Guenter Roeck
2022-03-22 22:25 ` David Laight
2022-03-23 12:10 ` Mark Brown
2022-03-23 14:23 ` Guenter Roeck
2022-03-23 15:53 ` Arnd Bergmann
2022-03-23 16:18 ` Mark Brown
2022-03-23 16:41 ` Arnd Bergmann
2022-03-23 16:47 ` Mark Brown
2022-04-23 0:52 ` Jason A. Donenfeld
2022-04-25 12:09 ` Mark Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAHmME9qcUM+G8E3ag5iPfowUF4-iYATODGK+MoLjkfaipnkgjA@mail.gmail.com \
--to=jason@zx2c4.com \
--cc=David.Laight@aculab.com \
--cc=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=davem@davemloft.net \
--cc=dinguyen@kernel.org \
--cc=ebiggers@google.com \
--cc=geert@linux-m68k.org \
--cc=gregkh@linuxfoundation.org \
--cc=guoren@kernel.org \
--cc=jcmvbkbc@gmail.com \
--cc=keescook@chromium.org \
--cc=konstantin@linuxfoundation.org \
--cc=kumba@gentoo.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=luto@kernel.org \
--cc=monstr@monstr.eu \
--cc=mzxreary@0pointer.de \
--cc=nickhu@andestech.com \
--cc=palmer@dabbelt.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=ysato@users.sourceforge.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).