From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 0F2F1A0093
	for <public@inbox.dpdk.org>; Sat, 21 May 2022 18:24:04 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id DBF2240040;
	Sat, 21 May 2022 18:24:03 +0200 (CEST)
Received: from mail-pj1-f42.google.com (mail-pj1-f42.google.com
 [209.85.216.42]) by mails.dpdk.org (Postfix) with ESMTP id 31E6440222
 for <stable@dpdk.org>; Sat, 21 May 2022 18:24:02 +0200 (CEST)
Received: by mail-pj1-f42.google.com with SMTP id
 ob14-20020a17090b390e00b001dff2a43f8cso3407485pjb.1
 for <stable@dpdk.org>; Sat, 21 May 2022 09:24:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=networkplumber-org.20210112.gappssmtp.com; s=20210112;
 h=date:from:to:cc:subject:message-id:in-reply-to:references
 :mime-version:content-transfer-encoding;
 bh=kZ4VkWK7VF9WkWQ7F6IwulO2xl2jWGN9S9h9bEh/oww=;
 b=Pk8VlK+/lyM0k0nkyIdAw/79wlDJ99dz603RrQe1BULULPfyPyi3q89V+8dtelrAV5
 bAxl3/L1wAog9o7G/lVTGsvF1Hve5+XMtOEgjoRwOvXLBYV4xvwakVMaHFbzpTVvp5tm
 ca5ozEd6MlZVIP0GyxaUQkbwdb/IJw2qQYQD+OWy+ihyc0UqMChLMvj8AxiSyJJvtYkn
 mgTvkwH18aqMvj6EzElkaPk7AO+J4W0fGzGcgptxrJHDeEXJibTUTLpnko90XNPj19pg
 BZQ5jSWJOYDjlKBPhAqdc4KA+ypT4BaYGe7LX69upDGezjA/zS91NDrM4oIq4brEHE6v
 M+ew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=kZ4VkWK7VF9WkWQ7F6IwulO2xl2jWGN9S9h9bEh/oww=;
 b=d2eGGJRytfMGwbaa6I/QTf3OtDs1oiHcb4KvE0vRxE62hGKpyTTqvagMQM0bIEQxc5
 gg3Hjg0jYwL4R5bSggJirGcURrdxrT75uTx6XEpa9OPt0pLZrdgx8GMlAY+1SSoIlS7K
 Cla8n/JgAbgepLl4VaT0DNdJASftK2rKm4jXLREUE6rJHrQmjEwSju0vjreWIyGDuARt
 v0N3hUW1h2gs0vvVzfacJBjY/8x4Th5UMMX09IpGrjgAokYXjHyiG4vnjlXhFDXML8HV
 OmxAvTNCA5pjJHBfUEeNFpJqOC9QF3uVQh1CliVN6LGIhhf84M91dJXxx4hLlG22vyPi
 F5qA==
X-Gm-Message-State: AOAM533Igxw4E3BQZ2DcvH/NVnZ0UkTkUQsaCdQdiObZepQpk89U7wvY
 W4muH8SwzRceInLniIJ6TkIdpA==
X-Google-Smtp-Source: ABdhPJw3n+LPgsaApLd1Xo2sB4cIi0rfwjMR3ztnkJwluoCrcsDhXcFiM7QdCJHomOHjPdo8Nl+wvA==
X-Received: by 2002:a17:90a:8041:b0:1df:991f:df24 with SMTP id
 e1-20020a17090a804100b001df991fdf24mr17733380pjw.19.1653150241133; 
 Sat, 21 May 2022 09:24:01 -0700 (PDT)
Received: from hermes.local (204-195-112-199.wavecable.com. [204.195.112.199])
 by smtp.gmail.com with ESMTPSA id
 b5-20020a170902b60500b0016213f0f9a1sm394245pls.34.2022.05.21.09.24.00
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 21 May 2022 09:24:00 -0700 (PDT)
Date: Sat, 21 May 2022 09:23:57 -0700
From: Stephen Hemminger <stephen@networkplumber.org>
To: Morten =?UTF-8?B?QnLDuHJ1cA==?= <mb@smartsharesystems.com>
Cc: "David Marchand" <david.marchand@redhat.com>, <dev@dpdk.org>,
 <thomas@monjalon.net>, <ferruh.yigit@xilinx.com>, <stable@dpdk.org>,
 "Marcin Wojtas" <mw@semihalf.com>, "Michal Krawczyk" <mk@semihalf.com>,
 "Shai Brandes" <shaibran@amazon.com>, "Evgeny Schemeilin"
 <evgenys@amazon.com>, "Igor Chauskin" <igorch@amazon.com>
Subject: Re: [PATCH 04/12] net/ena: fix build with GCC 12
Message-ID: <20220521092357.783b8f7f@hermes.local>
In-Reply-To: <98CBD80474FA8B44BF855DF32C47DC35D87093@smartserver.smartshare.dk>
References: <20220518101657.1230416-1-david.marchand@redhat.com>
 <20220518101657.1230416-5-david.marchand@redhat.com>
 <20220520132807.57005bc1@hermes.local>
 <98CBD80474FA8B44BF855DF32C47DC35D87093@smartserver.smartshare.dk>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org

On Sat, 21 May 2022 11:49:47 +0200
Morten Br=C3=B8rup <mb@smartsharesystems.com> wrote:

> >=20
> > Also, worth considering dropping DPDK random number generator
> > in userspace for security reasons and just using more secure kernel
> > code. =20
>=20
> Absolutely not! We need a fast pseudorandom number generator in DPDK.
>=20
> If anything, we could consider renaming the functions and header file to =
reflect that they are pseudorandom number generators, and not (cryptographi=
cally) random generators. That would cause an API/ABI breakage, so it's pro=
bably not going to happen. ;-)


The Linux kernel has received an way more attention on random numbers than
DPDK. If you follow the history, what happens is that a simple dumb LCG
or similar random number generator gets invented, and then gets used for
lots of things that people don't think need a strong generator.

Followed by DoS and other attacks where the weak random number generator
is broken when used for doing things like creating sequence numbers of
TCP port assignment.  This is then followed by even more work on the
kernel random number generator to make the default random number generator
stronger.

I bring up this history, so that DPDK won't have to repeat it.

Right now the DPDK random number generator is insecure because it uses
long but weak PRNG and never reseeds itself.

See:
https://lwn.net/Articles/884875/

There is also FIPS to consider.
https://lwn.net/Articles/877607/

Since random number generators are hard, prefer that someone else do it :-)