locks and kernel randomness...

Alfred Perlstein alfred at freebsd.org
Tue Feb 24 21:13:24 UTC 2015 


On 2/24/15 1:25 PM, John-Mark Gurney wrote:
> Alfred Perlstein wrote this message on Tue, Feb 24, 2015 at 13:04 -0500:
>> On 2/24/15 12:40 PM, John-Mark Gurney wrote:
>>> Warner Losh wrote this message on Tue, Feb 24, 2015 at 07:56 -0700:
>>>> Then again, if you want to change random(), provide a weak_random() that???s
>>>> the traditional non-crypto thing that???s fast and lockless. That would make it easy
>>>> to audit in our tree. The scheduler doesn???t need cryptographic randomness, it
>>>> just needs to make different choices sometimes to ensure its notion of fairness.
>>>
>>> I do not support having a weak_random...  If the consumer is sure
>>> enough that you don't need a secure random, then they can pick an LCG
>>> and implement it themselves and deal (or not) w/ the locking issues...
>>>
>>> It appears that the scheduler had an LCG but for some reason the authors
>>> didn't feel like using it here..
>>
>> The way I read this argument is that no low quality sources of
>> randomness shall be allowed.
>
> No, I'm saying that the person who needs the predictable randomness
> needs to do extra work to get it...  If they care that much about
> performance/predictability/etc, then a little extra work won't hurt
> them..  And if they don't know what an LCG is, then they aren't
> qualified to make the decision that a weaker RNG is correct for their
> situation..
>
>> So we should get rid of rand(3)?  When do we deprecate that?
>
> No, we should replace it w/ proper randomness like OpenBSD has...
> I'm willing to go that far and I think FreeBSD should...  OpenBSD has
> done a lot of leg work in tracking down ports that correctly use
> rand(3), and letting them keep their deterministic randomness, while
> the remaining get real random..
>
>> Your argument doesn't hold water.
>
> Sorry, you're argument sounds like it's from the 90's when we didn't
> know any better on how to make secure systems...  Will you promise to
> audit all new uses of randomness in the system to make sure that they
> are using the correct, secure API?
>
> Considering that it's been recommended that people NOT use
> read_random(9) for 14 years, yet people continue to use it in new code,
> demonstrates that people do not know what they are doing (wrt
> randomness), and the only way to make sure they do the correct, secure
> thing is to only provide the secure API...

That speaks to more of the drive-by czars we have in BSD land that take 
an area with a hard lock and then go away.

Also, do not want to attempt to be like openbsd, learn from for sure, 
but to be like, no way.


-Alfred

More information about the freebsd-arch mailing list