From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id B566CA0093;
	Sat, 21 May 2022 18:24:04 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 12E49406A2;
	Sat, 21 May 2022 18:24:04 +0200 (CEST)
Received: from mail-pj1-f49.google.com (mail-pj1-f49.google.com
 [209.85.216.49]) by mails.dpdk.org (Postfix) with ESMTP id 30BCA40040
 for <dev@dpdk.org>; Sat, 21 May 2022 18:24:02 +0200 (CEST)
Received: by mail-pj1-f49.google.com with SMTP id
 fw21-20020a17090b129500b001df9f62edd6so8259292pjb.0
 for <dev@dpdk.org>; Sat, 21 May 2022 09:24:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=networkplumber-org.20210112.gappssmtp.com; s=20210112;
 h=date:from:to:cc:subject:message-id:in-reply-to:references
 :mime-version:content-transfer-encoding;
 bh=kZ4VkWK7VF9WkWQ7F6IwulO2xl2jWGN9S9h9bEh/oww=;
 b=Pk8VlK+/lyM0k0nkyIdAw/79wlDJ99dz603RrQe1BULULPfyPyi3q89V+8dtelrAV5
 bAxl3/L1wAog9o7G/lVTGsvF1Hve5+XMtOEgjoRwOvXLBYV4xvwakVMaHFbzpTVvp5tm
 ca5ozEd6MlZVIP0GyxaUQkbwdb/IJw2qQYQD+OWy+ihyc0UqMChLMvj8AxiSyJJvtYkn
 mgTvkwH18aqMvj6EzElkaPk7AO+J4W0fGzGcgptxrJHDeEXJibTUTLpnko90XNPj19pg
 BZQ5jSWJOYDjlKBPhAqdc4KA+ypT4BaYGe7LX69upDGezjA/zS91NDrM4oIq4brEHE6v
 M+ew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=kZ4VkWK7VF9WkWQ7F6IwulO2xl2jWGN9S9h9bEh/oww=;
 b=mX4ek30JNeZKpH/cuOnhP0bVEWB1qiJmYKwjF6F7X0cXx4rCB9oOGjgboi05hm7JAc
 fCRxFWyRYPd6ImfxtG9VYhB725cqDNQHjd1D58gaYszy+ekWAhjiRSlfzgP1J5CoG4pj
 iMySxBsB4Zebc1tE6POC062bUYia/0nBb+li+6Ud0bTgIHBW8UrGejTCDMtQypKAxonW
 t/We0mX8SQxOzbvEM5QSbe8huBV9ffVO9qa7rlv6AdmOQtKWSlsd02BzXk2YDXtXaKGm
 QE5EXoTD/xGNsOGXe+YHx2SNkE5Flm1Kw/7bZAilliMPvsP/jrF3m8RycuQmt1/JpdU7
 bLNg==
X-Gm-Message-State: AOAM533zioQ11ImtRl362ph6g9dqGg9p4M9oiLi1gsPe2jF/y2l0pML0
 Zqeyv9NM8zxv9TvQ/W3c+17Now==
X-Google-Smtp-Source: ABdhPJw3n+LPgsaApLd1Xo2sB4cIi0rfwjMR3ztnkJwluoCrcsDhXcFiM7QdCJHomOHjPdo8Nl+wvA==
X-Received: by 2002:a17:90a:8041:b0:1df:991f:df24 with SMTP id
 e1-20020a17090a804100b001df991fdf24mr17733380pjw.19.1653150241133; 
 Sat, 21 May 2022 09:24:01 -0700 (PDT)
Received: from hermes.local (204-195-112-199.wavecable.com. [204.195.112.199])
 by smtp.gmail.com with ESMTPSA id
 b5-20020a170902b60500b0016213f0f9a1sm394245pls.34.2022.05.21.09.24.00
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 21 May 2022 09:24:00 -0700 (PDT)
Date: Sat, 21 May 2022 09:23:57 -0700
From: Stephen Hemminger <stephen@networkplumber.org>
To: Morten =?UTF-8?B?QnLDuHJ1cA==?= <mb@smartsharesystems.com>
Cc: "David Marchand" <david.marchand@redhat.com>, <dev@dpdk.org>,
 <thomas@monjalon.net>, <ferruh.yigit@xilinx.com>, <stable@dpdk.org>,
 "Marcin Wojtas" <mw@semihalf.com>, "Michal Krawczyk" <mk@semihalf.com>,
 "Shai Brandes" <shaibran@amazon.com>, "Evgeny Schemeilin"
 <evgenys@amazon.com>, "Igor Chauskin" <igorch@amazon.com>
Subject: Re: [PATCH 04/12] net/ena: fix build with GCC 12
Message-ID: <20220521092357.783b8f7f@hermes.local>
In-Reply-To: <98CBD80474FA8B44BF855DF32C47DC35D87093@smartserver.smartshare.dk>
References: <20220518101657.1230416-1-david.marchand@redhat.com>
 <20220518101657.1230416-5-david.marchand@redhat.com>
 <20220520132807.57005bc1@hermes.local>
 <98CBD80474FA8B44BF855DF32C47DC35D87093@smartserver.smartshare.dk>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

On Sat, 21 May 2022 11:49:47 +0200
Morten Br=C3=B8rup <mb@smartsharesystems.com> wrote:

> >=20
> > Also, worth considering dropping DPDK random number generator
> > in userspace for security reasons and just using more secure kernel
> > code. =20
>=20
> Absolutely not! We need a fast pseudorandom number generator in DPDK.
>=20
> If anything, we could consider renaming the functions and header file to =
reflect that they are pseudorandom number generators, and not (cryptographi=
cally) random generators. That would cause an API/ABI breakage, so it's pro=
bably not going to happen. ;-)


The Linux kernel has received an way more attention on random numbers than
DPDK. If you follow the history, what happens is that a simple dumb LCG
or similar random number generator gets invented, and then gets used for
lots of things that people don't think need a strong generator.

Followed by DoS and other attacks where the weak random number generator
is broken when used for doing things like creating sequence numbers of
TCP port assignment.  This is then followed by even more work on the
kernel random number generator to make the default random number generator
stronger.

I bring up this history, so that DPDK won't have to repeat it.

Right now the DPDK random number generator is insecure because it uses
long but weak PRNG and never reseeds itself.

See:
https://lwn.net/Articles/884875/

There is also FIPS to consider.
https://lwn.net/Articles/877607/

Since random number generators are hard, prefer that someone else do it :-)