From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.5 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 137B8C433DF for ; Mon, 10 Aug 2020 16:59:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C934422EBD for ; Mon, 10 Aug 2020 16:59:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728013AbgHJQ7T (ORCPT ); Mon, 10 Aug 2020 12:59:19 -0400 Received: from wtarreau.pck.nerim.net ([62.212.114.60]:39707 "EHLO 1wt.eu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726720AbgHJQ7S (ORCPT ); Mon, 10 Aug 2020 12:59:18 -0400 Received: (from willy@localhost) by pcw.home.local (8.15.2/8.15.2/Submit) id 07AGwxFj009114; Mon, 10 Aug 2020 18:58:59 +0200 Date: Mon, 10 Aug 2020 18:58:59 +0200 From: Willy Tarreau To: Linus Torvalds Cc: George Spelvin , Netdev , Amit Klein , Eric Dumazet , "Jason A. Donenfeld" , Andrew Lutomirski , Kees Cook , Thomas Gleixner , Peter Zijlstra , "Theodore Ts'o" , Marc Plumb , Stephen Hemminger , Florian Westphal Subject: Re: [DRAFT PATCH] random32: make prandom_u32() output unpredictable Message-ID: <20200810165859.GD9060@1wt.eu> References: <20200808152628.GA27941@SDF.ORG> <20200809065744.GA17668@SDF.ORG> <20200809093805.GA7928@1wt.eu> <20200809170639.GB25124@SDF.ORG> <20200809173302.GA8027@1wt.eu> <20200809183017.GC25124@SDF.ORG> <20200810114700.GB8474@1wt.eu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.6.1 (2016-04-27) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On Mon, Aug 10, 2020 at 09:31:48AM -0700, Linus Torvalds wrote: > On Mon, Aug 10, 2020 at 4:47 AM Willy Tarreau wrote: > > > > Doing testing on real hardware showed that retrieving the TSC on every > > call had a non negligible cost, causing a loss of 2.5% on the accept() > > rate and 4% on packet rate when using iptables -m statistics. > > And by "real hardware" I assume you mean x86, with a fairly fast and > high-performance TSC for get_random_entropy(). Yep. > Reading the TSC takes on the order of 20-50 cycles, iirc. > > But it can actually be *much* more expensive. On non-x86, it can be an > IO cycle to external chips. I took what we were already using in add_interrupt_randomness() since I considered that if it was acceptable there, it probably was elsewhere. > And on older hardware VM's in x86, it can be a vm exit etc, so > thousands of cycles. I hope nobody uses those VM's any more, but it > would be a reasonable test-case for some non-x86 implementations, so.. Yes, I remember these ones, they were not fun at all. > IOW, no. You guys are - once again - ignoring reality. I'm not ignoring reality, quite the opposite, trying to take all knowledge into account. If I'm missing some points, fine. But if we were already calling that in the interrupt handler I expected that this would be OK. The alternative Florian talked about is quite interesting as well, which is to collect some cheap noise in the network rx/tx paths since these are the areas we care about. Willy