From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 18376A00C2;
	Wed, 22 Apr 2020 19:44:40 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id BD51E1D167;
	Wed, 22 Apr 2020 19:44:38 +0200 (CEST)
Received: from mail-io1-f68.google.com (mail-io1-f68.google.com
 [209.85.166.68]) by dpdk.org (Postfix) with ESMTP id 311181D161
 for <dev@dpdk.org>; Wed, 22 Apr 2020 19:44:37 +0200 (CEST)
Received: by mail-io1-f68.google.com with SMTP id z2so3309121iol.11
 for <dev@dpdk.org>; Wed, 22 Apr 2020 10:44:37 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc:content-transfer-encoding;
 bh=YUQllwlLgakbEqbHyCa3DOq0Xri+guq5BZru6WhYxIM=;
 b=lcCtY8aRYkE0/mCS52hJ0WQY55/m/nBaL6Mo1s70tVk55fWi3bTxUlEjBp09rmM7X0
 CvLgyQRl5d0Cbqj+TqWYdIuhQRbclvvfy5sJvvdmVhbV5ZM78H8I0W4CUPYYd3cUywi2
 9y2TvZNPoBp/iKQPdBIpiAAEDoqUmrzFDrblf4OYQt7fE25iIFSPWb4zZZhEqyhHi7km
 wNANzuntnExZjjDnWVt/u+HvvhBNTbhTfT/NBngP6883K+Y4Tr5dhklObFkHGXX7Byco
 iWYxAsL/NkApvUW7g3rf8QBrgDQufAZbvtNovZDbP9ySU1kGh1XeeOXIDUbaqe2RXQ6o
 KNYw==
X-Gm-Message-State: AGi0PuZv9yRkcuwLHisyikSSIUWWoAvC5670YIlJf2mlmtMkewbOYQ8u
 SPr5uDe5wkSNTk9TY4AIeX6N5cdz/1iBGq+Q2Vw=
X-Google-Smtp-Source: APiQypLDtVRBksze+z1OsOlNNzS32o1gux/i+Mz+K5fj6G/e+5Zbb7W4glwFCByocGn+AF/WEhPVipZB0ctSB04wUZk=
X-Received: by 2002:a02:603:: with SMTP id 3mr8983352jav.132.1587577476230;
 Wed, 22 Apr 2020 10:44:36 -0700 (PDT)
MIME-Version: 1.0
References: <20200421195446.1730-1-dg@adax.com>
 <20200421195446.1730-3-dg@adax.com>
 <5df15087-781e-d27f-b7d8-50b1b8cb0c94@ericsson.com>
In-Reply-To: <5df15087-781e-d27f-b7d8-50b1b8cb0c94@ericsson.com>
From: Dan Gora <dg@adax.com>
Date: Wed, 22 Apr 2020 14:44:00 -0300
Message-ID: <CAGyogRb1N3X6A2yhX0-9611AOdMaHQf91HBi+zGb144DT-LLkg@mail.gmail.com>
To: =?UTF-8?Q?Mattias_R=C3=B6nnblom?= <mattias.ronnblom@ericsson.com>
Cc: "dev@dpdk.org" <dev@dpdk.org>, David Marchand <david.marchand@redhat.com>, 
 Jerin Jacob <jerinjacobk@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Subject: Re: [dpdk-dev] [PATCH 2/2] eal: resolve getentropy at run time for
	random seed
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

On Wed, Apr 22, 2020 at 5:28 AM Mattias R=C3=B6nnblom
<mattias.ronnblom@ericsson.com> wrote:
>
> On 2020-04-21 21:54, Dan Gora wrote:
> > The getentropy() function was introduced into glibc v2.25 and so is
> > not available on all supported platforms.  Previously, if DPDK was
> > compiled (using meson) on a system which has getentropy(), it would
> > introduce a dependency on glibc v2.25 which would prevent that binary
> > from running on a system with an older glibc.  Similarly if DPDK was
> > compiled on a system which did not have getentropy(), getentropy()
> > could not be used even if the execution system supported it.
> >
> > Introduce a new static function, __rte_getentropy() which will try to
> > resolve the getentropy() function dynamically using dlopen()/dlsym(),
> > returning failure if the getentropy() function cannot be resolved or
> > if it fails.
>
>
> Two other options: providing a DPDK-native syscall wrapper for
> getrandom(), or falling back to reading /dev/urandom. Have you
> considered any of those two options? If so, why do you prefer
> dlopen()/dlsym()?

I didn't give any thought at all to using /dev/urandom.  The goal was
not really to change how the thing worked, just to remove the
dependency on glibc 2.25.

Using a syscall wrapper is not really going to be any easier, and in
fact probably more complicated.  Here is the code in glibc for
getentropy():

int
getentropy (void *buffer, size_t length)
{
  /* The interface is documented to return EIO for buffer lengths
     longer than 256 bytes.  */
  if (length > 256)
    {
      __set_errno (EIO);
      return -1;
    }

  /* Try to fill the buffer completely.  Even with the 256 byte limit
     above, we might still receive an EINTR error (when blocking
     during boot).  */
  void *end =3D buffer + length;
  while (buffer < end)
    {
      /* NB: No cancellation point.  */
      ssize_t bytes =3D INLINE_SYSCALL_CALL (getrandom, buffer, end - buffe=
r, 0);
      if (bytes < 0)
        {
          if (errno =3D=3D EINTR)
            /* Try again if interrupted by a signal.  */
            continue;
          else
            return -1;
        }
      if (bytes =3D=3D 0)
        {
          /* No more bytes available.  This should not happen under
             normal circumstances.  */
          __set_errno (EIO);
          return -1;
        }
      /* Try again in case of a short read.  */
      buffer +=3D bytes;
    }
  return 0;
}

__rte_getentropy() is easier than this.  Plus the syscall interface
does not solve the problem of being able to compile on a system with
the syscall and run it on a system without it or vice versa, which is
what I was trying to solve.

> Failure to run on old libc seems like a non-issue to me.

Well, again, it's a new dependency that didn't exist before.. We sell
to telco customers, so we have to support 10s of different target
platforms of various ages.  If they update their system, we'd have to
recompile our code to be able to use getentropy().  Similarly, if we
compiled on a system which has getentropy(), but the target system
doesn't, then they cannot run our binary because of the glibc 2.25
dependency.  That means that we have to have separate versions with
and without getentropy().  It's a maintenance headache for no real
benefit.

To my mind, since getentropy() can block it seems like it would
probably be better to just remove it entirely, but I suppose that's up
to the person(s) who put it in in the first place.

> > This also allows getentropy() to be used as the random seed source
> > when the traditional Makefile build for DPDK is used.
> >
> > Signed-off-by: Dan Gora <dg@adax.com>
> > ---
> >   lib/librte_eal/common/rte_random.c | 33 ++++++++++++++++++++++++-----=
-
> >   lib/librte_eal/meson.build         |  3 ---
> >   2 files changed, 27 insertions(+), 9 deletions(-)
> >
> > diff --git a/lib/librte_eal/common/rte_random.c b/lib/librte_eal/common=
/rte_random.c
> > index df02f1307..f8203f4c7 100644
> > --- a/lib/librte_eal/common/rte_random.c
> > +++ b/lib/librte_eal/common/rte_random.c
> > @@ -7,6 +7,7 @@
> >   #endif
> >   #include <stdlib.h>
> >   #include <unistd.h>
> > +#include <dlfcn.h>
> >
> >   #include <rte_branch_prediction.h>
> >   #include <rte_cycles.h>
> > @@ -176,18 +177,38 @@ rte_rand_max(uint64_t upper_bound)
> >       return res;
> >   }
> >
> > +/* Try to use the getentropy() function from glibc >=3D 2.25 */
> > +static int
> > +__rte_getentropy(uint64_t *ge_seed)
> > +{
> > +     void *handle =3D NULL;
> > +     void **sym;
> > +     int (*getentropy_p)(void *__buffer, size_t __length);
> > +     int gc_rc;
> > +
> > +     handle =3D dlopen("libc.so.6", RTLD_LAZY);
> > +     if (!handle)
> !=3D NULL
> > +             return -1;
> > +
> > +     sym =3D dlsym(handle, "getentropy");
> > +     if (!sym || !*sym)
>
> !=3D NULL again
>
>
> dlsym() returns a "void *". The man page says nothing about
> de-referencing it. Is that allowed?

This was blindly stolen from mlx5_common.c, so blame them :P

> > +             /* Cannot resolve getentropy */
> > +             return -1;
> Missing a dlclose()

This was fixed in version 2 of my patch...