arc4random - are you sure we want these?

Jeffrey Walton noloader@gmail.com
Mon Jul 25 13:25:58 GMT 2022


On Mon, Jul 25, 2022 at 7:08 AM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>  ...
> > The performance numbers suggest that we benefit from buffering in user
> > space.
>
> The question is whether it's safe and advisable to buffer this way in
> userspace. Does userspace have the right information now of when to
> discard the buffer and get a new one? I suspect it does not.

I _think_ the sharp edge on userspace buffering is generator state.
Most generator threat models I have seen assume the attacker does not
know the generator's state. If buffering occurs in the application,
then it may be easier for an attacker to learn of the generator's
state. If buffering occurs in the kernel, then generator state should
be private from a userspace application's view.

Jeff
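
The quoted question of when userspace should discard its buffer has one concrete case in fork(). The C sketch below is an added example, not part of this message or of glibc's code; `rng_buf`, `rng_get` and `fork_outputs_match` are hypothetical names, and the buffer is filled with getrandom().

```c
#include <string.h>
#include <sys/random.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical userspace buffer of kernel random bytes (not glibc's code). */
struct rng_buf {
    unsigned char bytes[64];
    size_t used;   /* bytes already handed out */
    pid_t owner;   /* process that filled the buffer */
};

static int rng_refill(struct rng_buf *b) {
    if (getrandom(b->bytes, sizeof b->bytes, 0) != (ssize_t)sizeof b->bytes) return -1;
    b->used = 0;
    b->owner = getpid();
    return 0;
}

/* Hand out n <= 64 bytes. With check_fork set, a buffer that was filled
 * by a different process is discarded before use. */
static int rng_get(struct rng_buf *b, void *out, size_t n, int check_fork) {
    if (n > sizeof b->bytes) return -1;
    if ((b->used + n > sizeof b->bytes || (check_fork && b->owner != getpid()))
        && rng_refill(b) < 0)
        return -1;
    memcpy(out, b->bytes + b->used, n);
    b->used += n;
    return 0;
}

/* 1 if parent and child draw identical bytes after fork(), 0 if not, -1 on error. */
int fork_outputs_match(int check_fork) {
    struct rng_buf b;
    unsigned char mine[16], theirs[16];
    int fds[2];
    if (rng_refill(&b) < 0 || pipe(fds) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {   /* child draws from its inherited copy and reports it */
        int bad = rng_get(&b, mine, 16, check_fork) < 0 || write(fds[1], mine, 16) != 16;
        _exit(bad);
    }
    close(fds[1]);
    int bad = rng_get(&b, mine, 16, check_fork) < 0 || read(fds[0], theirs, 16) != 16;
    close(fds[0]);
    waitpid(pid, NULL, 0);
    return bad ? -1 : memcmp(mine, theirs, 16) == 0;
}
```

The PID comparison is only one discard trigger: it does not cover a virtual machine snapshot being resumed, which a process cannot observe through getpid().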

