| Message ID | 20200422234255.7066-1-dg@adax.com (mailing list archive) |
|---|---|
| Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 342EDA00C2; Thu, 23 Apr 2020 01:44:17 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id E92FD1C224; Thu, 23 Apr 2020 01:44:15 +0200 (CEST) Received: from mail-qk1-f196.google.com (mail-qk1-f196.google.com [209.85.222.196]) by dpdk.org (Postfix) with ESMTP id A37A31C220 for <dev@dpdk.org>; Thu, 23 Apr 2020 01:44:13 +0200 (CEST) Received: by mail-qk1-f196.google.com with SMTP id b62so4500847qkf.6 for <dev@dpdk.org>; Wed, 22 Apr 2020 16:44:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=hlvkJSbZ0slqu+S66Xft/S7/KwU0f9U7UN5lnyoErk4=; b=Pbnxy9WKj9W02BMw/OWWI9pYWjeWLx1Txc+Z1JN/f6fYkQ+9Fse5VNF26itmcGK19T V+1/RL0YB5PIWv1I9GDwZhmgzKjE1MYnYapm2+UKb0A1l3RvG+AbNG0jUjHrGeT1Gc2W cSITim3W8kljS6F8iEp05nAvc/xdpcWug5ZFa/IV4DLoRCU0xCkGPy7Eqphp/Yfeu+BI Yl0Adc58N3dB8qvgUQpJm6xzzFCX0g06r0j+AbGHqafp4Z7qHQ7PyomnkKcfcPm0tXSk VgAbEY93joLLXLdgTNcPoQAH4TCnAzuN/E70rypVCrKTaOvuPOiXQLKdHIe9dN1IfCzK i5xg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=hlvkJSbZ0slqu+S66Xft/S7/KwU0f9U7UN5lnyoErk4=; b=unSupQdiZVtCReAzcpM+7SSKFPcSnNu2KfBe9dc4avZirXBSp89E8DfkBBNhMacVwx NbB20ZTEPuS8usgjxoPI0yFplJSpBs6E6Y8vlwQAIMqMZcTjif3WJIWlR1StTfHmmp8r cFLbihu7qoGPMyoyJUW7DUopn1LDVqX+YXGFHDln6Qqu3Sjj/waYLxYbXsJCIs3mH41A rx/9bjBpAElU7Whf3pbUj96UFFKg+MoOiPG1MFPHQcVwz9i8gTwyndpiS1Apyy0ky9p5 GabVMK3Rb+lzljt9mjBwxKO++tah/xztDgrbQWML6ATSUU59Oqn4/0h81IdXNhiEC03h Y4kg== X-Gm-Message-State: AGi0PuaAnGF1cDCJlEk6MTmm5HWJepDRpxT2PAJhMbzBcs/phflcYyrq Wbe2wX6rWCKa6HgCJRvxPGXDGI8g9oc= X-Google-Smtp-Source: APiQypIMhWvm8ms3OO93Gvf+7CzihXUESlgMHS3kW9toYvtuu11td8hDo3iOEMmmvQyyPHif56KP+g== X-Received: by 2002:a37:27d5:: with SMTP id n204mr789789qkn.425.1587599052549; Wed, 22 Apr 2020 16:44:12 -0700 (PDT) Received: from localhost.localdomain ([168.121.99.161]) by smtp.gmail.com with ESMTPSA id t15sm614263qtc.64.2020.04.22.16.44.10 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 22 Apr 2020 16:44:12 -0700 (PDT) From: Dan Gora <dg@adax.com> To: dev@dpdk.org Cc: David Marchand <david.marchand@redhat.com>, Jerin Jacob <jerinjacobk@gmail.com>, =?utf-8?q?Mattias_R=C3=B6nnblom?= <mattias.ronnblom@ericsson.com>, Dan Gora <dg@adax.com> Date: Wed, 22 Apr 2020 20:42:52 -0300 Message-Id: <20200422234255.7066-1-dg@adax.com> X-Mailer: git-send-email 2.24.1.425.g7034cd094b In-Reply-To: <20200421195446.1730-1-dg@adax.com> References: <20200421195446.1730-1-dg@adax.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v4 0/2] eal: choose initial PRNG seed source at runtime X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org> |
| Series |
eal: choose initial PRNG seed source at runtime
|
|
Message
Dan Gora
April 22, 2020, 11:42 p.m. UTC
Hi All, The following patches updates the rte_random subsystem to dynamically find the best source of the initial seed to the PRNG at run time. The first patch enables dynamic checking for the rdseed instruction and removes the requirement for it on the execution system. It also ensures that the code to use the rdseed instruction is generated, even if the host compilation system does not support it (on x86 systems). The second patch emulates the getentropy() glibc function by reading bytes from /dev/urandom. This removes an unnecessary dependency on glibc 2.25. v4: Note that emulating getentropy by reading from /dev/urandom should never fail, so now the question is if we should just remove the rdseed method entirely since it's x86 only? Should we remove the fallback to rte_get_tsc_cycles()? Thanks Dan ----- v2: * Fix patch apply issue. * dlclose() handle if dlsym() fails in __rte_getentropy(). v3: * Fix error checking of dlsym() in __rte_getentropy(). * Style changes recommended by Mattias. v4: * Replace dlopen/dlsym method with reading from /dev/urandom. * Try rdseed method before getentropy() method since the latter should never fail. Dan Gora (2): eal: check for rdseed at run time for random seed eal: emulate glibc getentropy for initial random seed config/x86/meson.build | 11 +++-- lib/librte_eal/common/rte_random.c | 79 ++++++++++++++++++++++++------ lib/librte_eal/meson.build | 3 -- mk/rte.cpuflags.mk | 9 +++- 4 files changed, 79 insertions(+), 23 deletions(-)
Comments
On 2020-04-23 01:42, Dan Gora wrote: > Hi All, > > The following patches updates the rte_random subsystem to dynamically find > the best source of the initial seed to the PRNG at run time. > > The first patch enables dynamic checking for the rdseed instruction and > removes the requirement for it on the execution system. It also ensures > that the code to use the rdseed instruction is generated, even if the host > compilation system does not support it (on x86 systems). > > The second patch emulates the getentropy() glibc function by reading bytes > from /dev/urandom. This removes an unnecessary dependency on glibc 2.25. > > v4: Note that emulating getentropy by reading from /dev/urandom should > never fail, so now the question is if we should just remove the rdseed > method entirely since it's x86 only? Should we remove the fallback to > rte_get_tsc_cycles()? > > Thanks > Dan > > ----- > v2: > * Fix patch apply issue. > * dlclose() handle if dlsym() fails in __rte_getentropy(). > > v3: > * Fix error checking of dlsym() in __rte_getentropy(). > * Style changes recommended by Mattias. > > v4: > * Replace dlopen/dlsym method with reading from /dev/urandom. > * Try rdseed method before getentropy() method since the > latter should never fail. I see no reason to prefer rdseed over the kernel. > > > Dan Gora (2): > eal: check for rdseed at run time for random seed > eal: emulate glibc getentropy for initial random seed > > config/x86/meson.build | 11 +++-- > lib/librte_eal/common/rte_random.c | 79 ++++++++++++++++++++++++------ > lib/librte_eal/meson.build | 3 -- > mk/rte.cpuflags.mk | 9 +++- > 4 files changed, 79 insertions(+), 23 deletions(-) >
On Mon, Jun 29, 2020 at 6:32 AM Mattias Rönnblom <mattias.ronnblom@ericsson.com> wrote: > > On 2020-04-23 01:42, Dan Gora wrote: > > Hi All, > > > > The following patches updates the rte_random subsystem to dynamically find > > the best source of the initial seed to the PRNG at run time. > > > > The first patch enables dynamic checking for the rdseed instruction and > > removes the requirement for it on the execution system. It also ensures > > that the code to use the rdseed instruction is generated, even if the host > > compilation system does not support it (on x86 systems). > > > > The second patch emulates the getentropy() glibc function by reading bytes > > from /dev/urandom. This removes an unnecessary dependency on glibc 2.25. > > > > v4: Note that emulating getentropy by reading from /dev/urandom should > > never fail, so now the question is if we should just remove the rdseed > > method entirely since it's x86 only? Should we remove the fallback to > > rte_get_tsc_cycles()? > > > > Thanks > > Dan > > > > ----- > > v2: > > * Fix patch apply issue. > > * dlclose() handle if dlsym() fails in __rte_getentropy(). > > > > v3: > > * Fix error checking of dlsym() in __rte_getentropy(). > > * Style changes recommended by Mattias. > > > > v4: > > * Replace dlopen/dlsym method with reading from /dev/urandom. > > * Try rdseed method before getentropy() method since the > > latter should never fail. > > > I see no reason to prefer rdseed over the kernel. Let me give you a good reason. The reason that this change was done... Since rte_getentropy() is now available on all systems (with these patches) and cannot fail. rdseed can either 1) go before rte_getentropy() or 2) be completely removed. What do you recommend? thanks dan
On Mon, Jun 29, 2020 at 3:01 PM Dan Gora <dg@adax.com> wrote: > > On Mon, Jun 29, 2020 at 6:32 AM Mattias Rönnblom > <mattias.ronnblom@ericsson.com> wrote: > > > > On 2020-04-23 01:42, Dan Gora wrote: > > > Hi All, > > > > > > The following patches updates the rte_random subsystem to dynamically find > > > the best source of the initial seed to the PRNG at run time. > > > > > > The first patch enables dynamic checking for the rdseed instruction and > > > removes the requirement for it on the execution system. It also ensures > > > that the code to use the rdseed instruction is generated, even if the host > > > compilation system does not support it (on x86 systems). > > > > > > The second patch emulates the getentropy() glibc function by reading bytes > > > from /dev/urandom. This removes an unnecessary dependency on glibc 2.25. > > > > > > v4: Note that emulating getentropy by reading from /dev/urandom should > > > never fail, so now the question is if we should just remove the rdseed > > > method entirely since it's x86 only? Should we remove the fallback to > > > rte_get_tsc_cycles()? > > > > > > Thanks > > > Dan > > > > > > ----- > > > v2: > > > * Fix patch apply issue. > > > * dlclose() handle if dlsym() fails in __rte_getentropy(). > > > > > > v3: > > > * Fix error checking of dlsym() in __rte_getentropy(). > > > * Style changes recommended by Mattias. > > > > > > v4: > > > * Replace dlopen/dlsym method with reading from /dev/urandom. > > > * Try rdseed method before getentropy() method since the > > > latter should never fail. > > > > > > I see no reason to prefer rdseed over the kernel. It even says why right here: > > > * Try rdseed method before getentropy() method since the > > > latter should never fail. *******since the latter should never fail******* Did you see that part? thanks dan
On 2020-06-29 20:01, Dan Gora wrote: > On Mon, Jun 29, 2020 at 6:32 AM Mattias Rönnblom > <mattias.ronnblom@ericsson.com> wrote: >> On 2020-04-23 01:42, Dan Gora wrote: >>> Hi All, >>> >>> The following patches updates the rte_random subsystem to dynamically find >>> the best source of the initial seed to the PRNG at run time. >>> >>> The first patch enables dynamic checking for the rdseed instruction and >>> removes the requirement for it on the execution system. It also ensures >>> that the code to use the rdseed instruction is generated, even if the host >>> compilation system does not support it (on x86 systems). >>> >>> The second patch emulates the getentropy() glibc function by reading bytes >>> from /dev/urandom. This removes an unnecessary dependency on glibc 2.25. >>> >>> v4: Note that emulating getentropy by reading from /dev/urandom should >>> never fail, so now the question is if we should just remove the rdseed >>> method entirely since it's x86 only? Should we remove the fallback to >>> rte_get_tsc_cycles()? >>> >>> Thanks >>> Dan >>> >>> ----- >>> v2: >>> * Fix patch apply issue. >>> * dlclose() handle if dlsym() fails in __rte_getentropy(). >>> >>> v3: >>> * Fix error checking of dlsym() in __rte_getentropy(). >>> * Style changes recommended by Mattias. >>> >>> v4: >>> * Replace dlopen/dlsym method with reading from /dev/urandom. >>> * Try rdseed method before getentropy() method since the >>> latter should never fail. >> >> I see no reason to prefer rdseed over the kernel. > Let me give you a good reason. The reason that this change was done... > > Since rte_getentropy() is now available on all systems (with these > patches) and cannot fail. rdseed can either 1) go before > rte_getentropy() or 2) be completely removed. > It's unlikely to fail, and if it does something is probably seriously wrong with your system. You also seem to think it might fail, since you take great care of setting errno and having non-zero return code in __rte_getentropy(). From what I recall, it was Bruce that suggested rdseed should be included as one of the sources. I have no opinion on that particular subject, other than I think kernel-originated randomness should have priority.
On Mon, Jun 29, 2020 at 6:06 PM Mattias Rönnblom <mattias.ronnblom@ericsson.com> wrote: > > It's unlikely to fail, and if it does something is probably seriously > wrong with your system. You also seem to think it might fail, since you > take great care of setting errno and having non-zero return code in > __rte_getentropy(). Well, no, I don't personally think that it will fail and certainly even if a read call to /dev/random fails, the whole function will not fail. As I said, I was trying to emulate the glibc getentropy and all its semantics. > From what I recall, it was Bruce that suggested rdseed should be > included as one of the sources. I have no opinion on that particular > subject, other than I think kernel-originated randomness should have > priority. In light of new attacks on rdseed, it should probably just be removed, IMHO. https://www.phoronix.com/scan.php?page=article&item=crosstalk-srbds-vulnerability&num=1 thanks d