Comments (12)
So you don't think we should support Linux older than 3.17 (and I don't know what Solaris version)?
In near-mid term future for getrandom
crate I think we should use the version will fallback. But when (and if) we will get a language-level support for getrandom
, I believe we should consider the minimum supported Linux kernel version which will be supported by Rust out-of-box. It's part of a broader discussion, as I believe there were some issues with non-compatible OS versions (Fedora IIRC) for which we don't have any way to differentiate at compile time. Also if I am not mistaken Rust explicitly has dropped support for Windows XP.
With Solaris there are two issues:
- Syscall was introduced in 11.3 while Solaris 10 will be supported until 2021 (and Solaris 11 will be supported until 2034, dunno if support is extended to older minor version)
- There are OpenSolaris derivatives which may not have syscalls and again we don't have any way to differentiate between them at compile time.
So again until we will get an ability to overwrite getrandom
by applciations, I think we should keep the current code.
from getrandom.
ISC is legally equivalent to MIT, yes.
from getrandom.
For SGX target I think we can use rdrand intrinsic directly, as code is quite simple. But there is a question about whether we should use RDRAND or RDSEED here. Here is a blog post from Intel regarding the difference between them. Even though getrandom
will be often used for seeding I think we should still stick with the RDRAND.
from getrandom.
RDRAND
is absolutely the right place to start. The arguments for RDSEED
are generally in conjunction with using it to seed a userspace CSPRNG
“For Speed”, which is more or less what RDRAND
provides but as a CPU intrinsic.
Using RDRAND
directly has a very tiny code surface comparatively, along with well-understood properties. If people want to experiment with building higher performance RNGs on top of RDSEED
, I think that should be done separately (i.e. both approaches have merit but different tradeoffs aroynd security vs performance)
from getrandom.
The the linked blog, it sounds (vaguely) similar to the /dev/random
and /dev/urandom
distinction on Linux. In theory we could have two "grades" of quality for our getrandom
, but it sounds completely unnecessary (from what I understand, most crypto experts recommend using /dev/urandom
in all cases, aside from early boot (not applicable here) and information-theoretical security).
from getrandom.
From here:
I still plan to discuss using RDRAND as a backup option.
Personally I am strongly against it. As I've wrote earlier I believe that we should keep getrandom
as thin as possible, especially considering potential inclusion into std
. Plus making it overwritable in future will allow users to use any fallback strategy they would like.
from getrandom.
I would personally prefer this crate be kept as simple as possible with no built-in fallbacks. I think fallbacks should be pushed up a level into crates like rand_os
.
If I do wind up using this crate directly directly in lieu of rand_os
, I can manage RDRAND fallback on my own (I expect I wouldn't actually implement fallback, but instead just use RDRAND for SGX targets).
If this crate were to implement RDRAND exclusively for SGX targets (since no other options make sense), that'd be fine by me though.
from getrandom.
This paper is worth a view on the topic on RDRAND and RDSEED security: Shrimpton T., Terashima R.S. (2015) A Provable-Security Analysis of Intel’s Secure Key RNG.
At this point we already have a minimal RDRAND implementation for SGX. Interestingly, @jethrogb disagrees that SGX implies RDRAND.
@newpavlov mentions that this lib should be a very thin wrapper, however we already have some level of abstraction: probing for getrandom
sys-call support on Linux and Solaris, otherwise using the old interface. There is little difference there.
In terms of extra code, the addition would not be very heavy. @nagisa's lib is 472 lines, including a lot of doc and support for next_u*
functions plus RDSEED which we don't need. Run-time overhead would be negligible, compile-time and code-size overhead low.
In terms of trust, one must already have some trust in the CPU, and as @tarcieri has noted this only has any implication on certain three-letter-agencies, who are often sensibly excluded from threat models.
This is something applicable to many users and a small addition. I have nothing against making it a separate function (e.g. getrandom_with_fallback
), but think it would be a very nice thing to include?
from getrandom.
Interestingly, @jethrogb disagrees that SGX implies RDRAND.
It's true. RDRAND won't necessarily be available, and the Intel SDK tests for it at runtime. If it's not available though, there aren't other practical options to fall back to.
from getrandom.
we already have some level of abstraction: probing for
getrandom
sys-call support on Linux and Solaris, otherwise using the old interface. There is little difference there.
And as you can judge by #5 I dislike it. Depending on OS support policy I hope we will be able to remove it on inclusion into std
.
I guess I wouldn't mind including RDRAND fallback for x86
Windows targets, and only if it will be confirmed that the problem which originally caused the introduction of fallback is still present on supported Windows versions (meaning XP will not count). But I don't see any sensible reasons for adding such arch-specific fallback for all targets.
from getrandom.
Regarding the need for a fallback: see here (and also the last post, where it is suggested this is no longer a significant issue).
So I guess we could drop the idea.
Secondarily, in support of that, @nagisa's crate is established and optimised for the various RngCore
methods, thus it would make more sense to have the fallback at the RNG-level than here.
Depending on OS support policy I hope we will be able to remove it on inclusion into std.
So you don't think we should support Linux older than 3.17 (and I don't know what Solaris version)?
from getrandom.
I think this issue is concluded: we won't implement fall-back sources in this lib.
from getrandom.
Related Issues (20)
- Cannot compile with rust 1.70 and x86_64-unknown-linux-musl target HOT 15
- Support for non-blocking getrandom HOT 2
- Hash pin github workflow dependencies HOT 4
- Constant `__getrandom_internal` should have UPPER_SNAKE_CASE name, e.g. `__GETRANDOM_INTERNAL`rust-analyzernon_upper_case_globals HOT 3
- What versions do platform support track? HOT 4
- Broken link to sys_read_entropy HOT 4
- Rust embedded standard library (no_std) target is not supported HOT 9
- Don't fall back to file I/O on Linux when Rust only supports kernels guaranteed to have it HOT 5
- Potential undefined behavior in hermit implementation. HOT 3
- Cannot use synchronous feature in node 18 HOT 7
- Add support for targets without atomic operations
- Support for UEFI HOT 3
- Failed to build for wasm32-unknown-unknown with no_std HOT 1
- Is the ESPIDF implementation actually correct? HOT 3
- Spurious failures of Web tests on Windows HOT 1
- Port from libc to rustix HOT 7
- Remove file-based RNG fallback on DragonflyBSD HOT 1
- man7 link should be replaced
- The newly updated version "0.2.13" cannot run on mipsel HOT 7
- Error: target is not supported (cargo build-bpf) HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from getrandom.