From: Neil Horman <nhorman@tuxdriver.com>
To: "Mattias Rönnblom" <mattias.ronnblom@ericsson.com>
Cc: dev@dpdk.org, stephen@networkplumber.org,
david.marchand@redhat.com, bruce.richardson@intel.com
Subject: Re: [dpdk-dev] [PATCH 1/6] eal: replace libc-based random number generation with LFSR
Date: Sun, 19 May 2019 14:32:04 -0400 [thread overview]
Message-ID: <20190519183204.GA3004@localhost.localdomain> (raw)
In-Reply-To: <295f536a-3793-3654-8711-dc1d57368ac9@ericsson.com>
On Fri, May 17, 2019 at 11:10:25PM +0200, Mattias Rönnblom wrote:
> On 2019-05-17 21:27, Neil Horman wrote:
>
> > > > > diff --git a/lib/librte_eal/common/rte_random.c b/lib/librte_eal/common/rte_random.c
> > > > > new file mode 100644
> > > > > index 000000000..4d3cf5226
> > > > > --- /dev/null
> > > > > +++ b/lib/librte_eal/common/rte_random.c
> > > > > @@ -0,0 +1,139 @@
> > > > > +/* SPDX-License-Identifier: BSD-3-Clause
> > > > > + * Copyright(c) 2019 Ericsson AB
> > > > > + */
> > > > > +
> > > > > +#include <stdlib.h>
> > > > > +
> > > > > +#include <rte_branch_prediction.h>
> > > > > +#include <rte_cycles.h>
> > > > > +#include <rte_eal.h>
> > > > > +#include <rte_lcore.h>
> > > > > +#include <rte_memory.h>
> > > > > +#include <rte_random.h>
> > > > > +
> > > > > +struct rte_rand_state {
> > > > > + uint64_t z1;
> > > > > + uint64_t z2;
> > > > > + uint64_t z3;
> > > > > + uint64_t z4;
> > > > > + uint64_t z5;
> > > > > +} __rte_cache_aligned;
> > > > > +
> > > > > +static struct rte_rand_state rand_states[RTE_MAX_LCORE];
> > > > > +
> > > >
> > > > It just occured to me that this variable embodies all the state of the rng.
> > > > Whats to stop an attacker from digging through ram to get this info and
> > > > predicting what the output will be? I understand that this rng probably
> > > > shouldn't be considered secure for cryptographic use, but it is used in the
> > > > ipsec test example, so it could be mistaken for an rng that is.
> > > >
> > >
> > > rte_rand() was never safe for use in cryptography, and now it's spelled out
> > > in the API documentation.
> > >
> > > If the IPsec example uses rte_rand() for anything security-related, it's a
> > > bug or at least should be accompanied by a comment, in my opinion.
> > >
> > I would agree with that, but the fact remains that the examples use rte_rand in
> > a context that is explicitly in violation of what you are documenting, which
> > certainly seems confusing.
> >
> > > That said, if you have an attacker who's already broken into your DPDK
> > > process' virtual memory, I'm not sure I understand why he would care much
> > > about the state of the PRNG. Wouldn't he just read your private keys, your
> > > messages in clear text or whatever other secrets you might have in memory?
> > >
> > Because the term "Breaking in" is a misnomer here. In unix system, IIRC, global
> > variables are shared accross processes.
>
> Mutable data, like the BSS section where the PRNG state goes, is not shared.
>
Yes, you and bruce are right, It is shared, but marked copy on write, so
its safe from the common case of multiple programs loading the object.
Neil
>
next prev parent reply other threads:[~2019-05-19 18:32 UTC|newest]
Thread overview: 137+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-05 13:45 [dpdk-dev] [RFC] eal: make rte_rand() MT safe Mattias Rönnblom
2019-04-05 13:45 ` Mattias Rönnblom
2019-04-05 13:51 ` Mattias Rönnblom
2019-04-05 13:51 ` Mattias Rönnblom
2019-04-05 14:28 ` Bruce Richardson
2019-04-05 14:28 ` Bruce Richardson
2019-04-05 14:56 ` Mattias Rönnblom
2019-04-05 14:56 ` Mattias Rönnblom
2019-04-05 16:57 ` Stephen Hemminger
2019-04-05 16:57 ` Stephen Hemminger
2019-04-05 18:04 ` Mattias Rönnblom
2019-04-05 18:04 ` Mattias Rönnblom
2019-04-05 20:50 ` Stephen Hemminger
2019-04-05 20:50 ` Stephen Hemminger
2019-04-06 5:52 ` Mattias Rönnblom
2019-04-06 5:52 ` Mattias Rönnblom
2019-04-08 12:30 ` [dpdk-dev] [RFC 1/3] Replace lrand48-based rte_rand with LFSR generator Mattias Rönnblom
2019-04-08 12:30 ` Mattias Rönnblom
2019-04-08 12:30 ` [dpdk-dev] [RFC 2/3] Add 32-bit version of rte_rand Mattias Rönnblom
2019-04-08 12:30 ` Mattias Rönnblom
2019-04-08 12:30 ` [dpdk-dev] [RFC 3/3] Introduce random generator functions with upper bound Mattias Rönnblom
2019-04-08 12:30 ` Mattias Rönnblom
2019-04-08 12:47 ` [dpdk-dev] [RFC 1/3] Replace lrand48-based rte_rand with LFSR generator Mattias Rönnblom
2019-04-08 12:47 ` Mattias Rönnblom
2019-04-19 21:21 ` [dpdk-dev] [RFC v2 0/2] Pseudo-number generation improvements Mattias Rönnblom
2019-04-19 21:21 ` Mattias Rönnblom
2019-04-19 21:21 ` [dpdk-dev] [RFC v2 1/2] eal: replace libc-based random number generation with LFSR Mattias Rönnblom
2019-04-19 21:21 ` Mattias Rönnblom
2019-04-22 11:34 ` Neil Horman
2019-04-22 11:34 ` Neil Horman
2019-04-22 14:49 ` Stephen Hemminger
2019-04-22 14:49 ` Stephen Hemminger
2019-04-22 15:52 ` Mattias Rönnblom
2019-04-22 15:52 ` Mattias Rönnblom
2019-04-22 17:44 ` Mattias Rönnblom
2019-04-22 17:44 ` Mattias Rönnblom
2019-04-23 11:33 ` Neil Horman
2019-04-23 11:33 ` Neil Horman
2019-04-23 17:13 ` Mattias Rönnblom
2019-04-23 17:13 ` Mattias Rönnblom
2019-04-24 11:37 ` Neil Horman
2019-04-24 11:37 ` Neil Horman
2019-04-23 15:31 ` Stephen Hemminger
2019-04-23 15:31 ` Stephen Hemminger
2019-04-23 17:17 ` Mattias Rönnblom
2019-04-23 17:17 ` Mattias Rönnblom
2019-04-24 7:52 ` Mattias Rönnblom
2019-04-24 7:52 ` Mattias Rönnblom
2019-04-24 12:33 ` [dpdk-dev] [RFC v3 0/2] Pseudo-random number generation improvements Mattias Rönnblom
2019-04-24 12:33 ` Mattias Rönnblom
2019-04-24 12:33 ` [dpdk-dev] [RFC v3 1/2] eal: replace libc-based random number generation with LFSR Mattias Rönnblom
2019-04-24 12:33 ` Mattias Rönnblom
2019-05-08 20:12 ` Stephen Hemminger
2019-05-08 20:12 ` Stephen Hemminger
2019-05-08 20:30 ` Mattias Rönnblom
2019-05-08 20:30 ` Mattias Rönnblom
2019-05-09 1:10 ` Stephen Hemminger
2019-05-09 1:10 ` Stephen Hemminger
2019-05-14 9:20 ` [dpdk-dev] [PATCH 0/6] Pseudo-random number generation improvements Mattias Rönnblom
2019-05-14 9:20 ` Mattias Rönnblom
2019-05-14 9:20 ` [dpdk-dev] [PATCH 1/6] eal: replace libc-based random number generation with LFSR Mattias Rönnblom
2019-05-14 9:20 ` Mattias Rönnblom
2019-05-14 9:32 ` Mattias Rönnblom
2019-05-14 9:32 ` Mattias Rönnblom
2019-05-14 14:16 ` Neil Horman
2019-05-14 14:16 ` Neil Horman
2019-05-14 14:53 ` Mattias Rönnblom
2019-05-14 14:53 ` Mattias Rönnblom
2019-05-17 19:27 ` Neil Horman
2019-05-17 20:57 ` Bruce Richardson
2019-05-17 21:10 ` Mattias Rönnblom
2019-05-19 18:32 ` Neil Horman [this message]
2019-05-14 15:27 ` Stephen Hemminger
2019-05-14 15:27 ` Stephen Hemminger
2019-05-14 9:20 ` [dpdk-dev] [PATCH 2/6] eal: add pseudo-random number generation performance test Mattias Rönnblom
2019-05-14 9:20 ` Mattias Rönnblom
2019-05-14 9:20 ` [dpdk-dev] [PATCH 3/6] eal: improve entropy for initial PRNG seed Mattias Rönnblom
2019-05-14 9:20 ` Mattias Rönnblom
2019-05-14 9:36 ` Mattias Rönnblom
2019-05-14 9:36 ` Mattias Rönnblom
2019-05-14 9:39 ` Bruce Richardson
2019-05-14 9:39 ` Bruce Richardson
2019-05-14 11:58 ` Mattias Rönnblom
2019-05-14 11:58 ` Mattias Rönnblom
2019-05-14 9:37 ` Bruce Richardson
2019-05-14 9:37 ` Bruce Richardson
2019-05-14 9:20 ` [dpdk-dev] [PATCH 4/6] eal: introduce random generator function with upper bound Mattias Rönnblom
2019-05-14 9:20 ` Mattias Rönnblom
2019-05-14 9:20 ` [dpdk-dev] [PATCH 5/6] eal: add bounded PRNG performance tests Mattias Rönnblom
2019-05-14 9:20 ` Mattias Rönnblom
2019-05-14 9:20 ` [dpdk-dev] [PATCH 6/6] eal: add pseudo-random number generation to MAINTAINERS Mattias Rönnblom
2019-05-14 9:20 ` Mattias Rönnblom
2019-05-16 17:55 ` [dpdk-dev] [PATCH v2 0/6] Pseudo-random number generation improvements Mattias Rönnblom
2019-05-16 17:55 ` [dpdk-dev] [PATCH v2 1/6] eal: replace libc-based random number generation with LFSR Mattias Rönnblom
2019-05-16 17:55 ` [dpdk-dev] [PATCH v2 2/6] eal: add pseudo-random number generation performance test Mattias Rönnblom
2019-05-16 17:55 ` [dpdk-dev] [PATCH v2 3/6] eal: improve entropy for initial PRNG seed Mattias Rönnblom
2019-05-16 17:55 ` [dpdk-dev] [PATCH v2 4/6] eal: introduce random generator function with upper bound Mattias Rönnblom
2019-05-16 17:55 ` [dpdk-dev] [PATCH v2 5/6] eal: add bounded PRNG performance tests Mattias Rönnblom
2019-05-16 17:55 ` [dpdk-dev] [PATCH v2 6/6] eal: add PRNG to MAINTAINERS and release notes Mattias Rönnblom
2019-05-16 20:35 ` [dpdk-dev] [PATCH v2 0/6] Pseudo-random number generation improvements Bruce Richardson
2019-06-05 10:43 ` [dpdk-dev] [PATCH v3 " Mattias Rönnblom
2019-06-05 10:43 ` [dpdk-dev] [PATCH v3 1/6] eal: replace libc-based random number generation with LFSR Mattias Rönnblom
2019-06-05 10:43 ` [dpdk-dev] [PATCH v3 2/6] eal: add pseudo-random number generation performance test Mattias Rönnblom
2019-06-27 21:23 ` Thomas Monjalon
2019-06-28 8:20 ` Mattias Rönnblom
2019-06-05 10:43 ` [dpdk-dev] [PATCH v3 3/6] eal: improve entropy for initial PRNG seed Mattias Rönnblom
2019-06-05 10:43 ` [dpdk-dev] [PATCH v3 4/6] eal: introduce random generator function with upper bound Mattias Rönnblom
2019-06-05 10:43 ` [dpdk-dev] [PATCH v3 5/6] eal: add bounded PRNG performance tests Mattias Rönnblom
2019-06-05 10:44 ` [dpdk-dev] [PATCH v3 6/6] eal: add PRNG to MAINTAINERS and release notes Mattias Rönnblom
2019-06-27 21:27 ` Thomas Monjalon
2019-06-28 8:17 ` Mattias Rönnblom
2019-06-15 12:23 ` [dpdk-dev] [PATCH v3 0/6] Pseudo-random number generation improvements Mattias Rönnblom
2019-06-28 9:01 ` [dpdk-dev] [PATCH v4 0/5] " Mattias Rönnblom
2019-06-28 9:01 ` [dpdk-dev] [PATCH v4 1/5] eal: replace libc-based random number generation with LFSR Mattias Rönnblom
2019-06-28 9:01 ` [dpdk-dev] [PATCH v4 2/5] eal: add pseudo-random number generation performance test Mattias Rönnblom
2019-06-28 9:01 ` [dpdk-dev] [PATCH v4 3/5] eal: improve entropy for initial PRNG seed Mattias Rönnblom
2019-06-28 19:01 ` Ferruh Yigit
2019-06-28 20:58 ` Mattias Rönnblom
2019-06-28 21:08 ` [dpdk-dev] [PATCH] eal: use 32-bit RDSEED to allow 32-bit x86 usage Mattias Rönnblom
2019-06-29 12:54 ` Thomas Monjalon
2019-06-28 9:01 ` [dpdk-dev] [PATCH v4 4/5] eal: introduce random generator function with upper bound Mattias Rönnblom
2019-06-28 9:01 ` [dpdk-dev] [PATCH v4 5/5] eal: add bounded PRNG performance tests Mattias Rönnblom
2019-06-28 13:24 ` [dpdk-dev] [PATCH v4 0/5] Pseudo-random number generation improvements Thomas Monjalon
2019-04-24 12:33 ` [dpdk-dev] [RFC v3 2/2] eal: introduce random generator function with upper bound Mattias Rönnblom
2019-04-24 12:33 ` Mattias Rönnblom
2019-04-19 21:21 ` [dpdk-dev] [RFC v2 " Mattias Rönnblom
2019-04-19 21:21 ` Mattias Rönnblom
2019-04-20 21:08 ` Wiles, Keith
2019-04-20 21:08 ` Wiles, Keith
2019-04-21 19:05 ` Mattias Rönnblom
2019-04-21 19:05 ` Mattias Rönnblom
2019-04-22 4:33 ` Wiles, Keith
2019-04-22 4:33 ` Wiles, Keith
2019-04-22 7:07 ` Mattias Rönnblom
2019-04-22 7:07 ` Mattias Rönnblom
2019-04-22 13:19 ` Wiles, Keith
2019-04-22 13:19 ` Wiles, Keith
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190519183204.GA3004@localhost.localdomain \
--to=nhorman@tuxdriver.com \
--cc=bruce.richardson@intel.com \
--cc=david.marchand@redhat.com \
--cc=dev@dpdk.org \
--cc=mattias.ronnblom@ericsson.com \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).