From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0D08942DEC; Thu, 6 Jul 2023 19:22:37 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 8C22E41101; Thu, 6 Jul 2023 19:22:36 +0200 (CEST) Received: from mail-pj1-f47.google.com (mail-pj1-f47.google.com [209.85.216.47]) by mails.dpdk.org (Postfix) with ESMTP id 932CF40A79 for ; Thu, 6 Jul 2023 19:22:35 +0200 (CEST) Received: by mail-pj1-f47.google.com with SMTP id 98e67ed59e1d1-262e5e71978so682854a91.1 for ; Thu, 06 Jul 2023 10:22:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=networkplumber-org.20221208.gappssmtp.com; s=20221208; t=1688664154; x=1691256154; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:from:to:cc:subject:date :message-id:reply-to; bh=73AQ1kylQrtIVOE7M61EIjMpi2owdn0J7r1fm4ymfA0=; b=vhYu+GAd4tiLUXGp5sOaQ06it0NbrINCjjJKVSJmKypVAJZOpsUvTkpO0gYTxIJXdH KiKeRi6W43GLhUcTEIFWjjKUOrLE6cAMAhxHSL5GSQPdKVI2UsfJrj/8xD5l0+UWVFRg Xwkm8kblUgWfdvNsWDDknW+1XAjlAVHzHLXWGm18SX+tDqimAHIAAiobRCmABmhtFj3/ z8d3GE9X/16q6JoQx4m/dvmOEyYHRlDjjhLqJw75mSAg/YDO7NW+z9/5rj76QEXvFeXn e0lAR0wj3LoRG32YwZkRlQyC7np4tZxQde4eWDqKdkcPXsQKkm2KIHfMkxDbwUdyuQSU nQKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688664154; x=1691256154; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=73AQ1kylQrtIVOE7M61EIjMpi2owdn0J7r1fm4ymfA0=; b=YKavwvqrcLmtjjbVaNple11dPeKBc3iv2JWA/TYQs/gb2GkahlRvRttCwRQXyStFiq +KIZ6381GoYyE7Ia7Idsu5tJtHGYXFJ9vmOAeiRZIFHJ6Kjjp8P0CL4/DqlhweqqEs3l FAZJm+JBU+T/DhT56+0W56ZYozWtD9yU6IKXw3OBCM7UNOV2F6ZsVLNwiyaKZQ0KtNUi 08Wcmi0LxbmXLxM6YpvfaUzkOnrZKPtPs+tXSGrkEldFcSTIR+cEezDOkp0yWyrGoxox 0M8qyklHteJ2uxsUlr0+riSgU0kr+WrR1ysyXFVlLKUoA+a/8UGUoJpg7sWgxkBkJ+/z G88g== X-Gm-Message-State: ABy/qLadsq21b5Dsm7t0cXmBNdFSgWMGq/2bWaF0uFzJFFt0xE3pjSNk SncTgGogCJKsDj/qSkwu69qbAQ== X-Google-Smtp-Source: APBJJlGF2jpAjFicjxJhhHNlJQX+EqiNPx7qhQRyALGqytgW8vfU/80AAgcuq95pE9aEZc+XD0Bf4A== X-Received: by 2002:a17:90a:5d86:b0:263:7d8:4a with SMTP id t6-20020a17090a5d8600b0026307d8004amr8527970pji.18.1688664154427; Thu, 06 Jul 2023 10:22:34 -0700 (PDT) Received: from hermes.local (204-195-120-218.wavecable.com. [204.195.120.218]) by smtp.gmail.com with ESMTPSA id l7-20020a17090aaa8700b00264044cca0fsm2145832pjq.1.2023.07.06.10.22.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Jul 2023 10:22:34 -0700 (PDT) Date: Thu, 6 Jul 2023 10:22:32 -0700 From: Stephen Hemminger To: Thomas Monjalon Cc: Dmitry Kozlyuk , dev@dpdk.org, leyi.rong@intel.com, Yipeng Wang , Sameh Gobriel , Alan Liu Subject: Re: [PATCH] member: fix PRNG seed reset in NitroSketch mode Message-ID: <20230706102232.5e7eefd9@hermes.local> In-Reply-To: <4969062.ejJDZkT8p0@thomas> References: <20230620211720.350336-1-dmitry.kozliuk@gmail.com> <20230703085458.23c383e6@hermes.local> <4969062.ejJDZkT8p0@thomas> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org On Thu, 06 Jul 2023 18:20:19 +0200 Thomas Monjalon wrote: > > > > This raises a more global issue. > > rte_srand() overrides the system seed which is set during startup. > > This is a bad thing, it reduces the entropy in the random number generator. > > > > There are two possible solutions to this: > > 1. Remove all all calls to rte_srand() and deprecate it. > > 2. Make rte_srand() add a fixed value to existing entropy. This is what the > > kernel PRNG does. It adds any user supplied additional entropy to original > > state. > > > > Looking at current source. > > - code in tests seeding PRNG with TSC. This is unnecessary and can be removed. > > - this code in member library. Should be removed. > > > > Acked-by: Stephen Hemminger > > Applied, thanks. > > What's next regarding rte_srand? I am not a random number expert and the topic gets complex with tradeoffs. How secure do you want versus how fast versus how paranoid. OpenBSD is paranoid. Linux kernel chooses secure. Looks like DPDK is choosing fast like FreeBSD prng. The problem is (despite documentation) applications end up needing a crypto-graphic secure random numbers. Examples are hash seeds or session keys.