Add random crate
#582
Add random crate
#582
Conversation
|
This looks great! |
|
We only expose one source of randomness, so implementing the trait seems unnecessary. The functions would have to be converted to methods on a ZST, and the caller would have to import the |
There was a problem hiding this comment.
Looks generally pretty good to me, I think it'll be an excellent addition to Theseus with a few suggested changes.
FWIW, I do think it would be beneficial to have tighter integration with the rand crate, perhaps by implementing one or more of its traits. We can do that in a future PR, but it seems like a quick & easy addition that would help to standardize random;s public interface.
kernel/random/src/lib.rs
Outdated
| .or_else(|_| rdrand_seed()) | ||
| .unwrap_or_else(|_| { | ||
| log::error!("Could not generate hardware seed - using a predetermined seed. THIS IS NOT OK."); | ||
| [1; 32] |
There was a problem hiding this comment.
this is okay, but it'd probably be better to explicitly initialize our RNG with a backup seed value obtained from something at least partially random, perhaps a current timer value (PIT/RTC/TSC/HPET) or something else.
For this, you can use the spin::Once type or OnceCell or something similar that allows you to pass in values to the init routine, instead of lazy_static. Might as well do that since you're initializing it from the captain anyway.
There was a problem hiding this comment.
Yea that's probably best. We'd need to ensure that rand is only initialised after the timers then.
|
So, to summarize the key points of our discussion:
As part of a future PR we could:
|
Signed-off-by: Klim Tsoutsman <klim@tsoutsman.com>
|
I've changed the PR to simply add a new unused Running [
1,
110,
179,
224,
12,
55,
96,
138,
175,
208,
241,
18,
51,
84,
117,
148,
179,
212,
243,
18,
49,
80,
111,
142,
175,
206,
237,
29,
60,
93,
126,
157,
]The bytes are very clearly increasing in a loop. I tried using just the last bit (calling [
177,
169,
181,
85,
170,
170,
85,
90,
170,
85,
74,
170,
85,
170,
165,
85,
170,
85,
74,
170,
85,
42,
169,
85,
42,
173,
85,
170,
213,
82,
170,
85,
] |
There was a problem hiding this comment.
So now that you've made an infallible init function, we can simply use lazy_static as before. I didn't know you were going to go that route, hence why i suggested Once for an explicit init function that could fail. No need to call it from the captain either.
Also, kindly rename it back to random since rand is already a widely-known crate in the Rust ecosystem.
That's because |
Hmm, i see. While that technically might be a concern for ancient CPUs, I doubt it's of practical concern to us since we don't even support anything prior to 64-bit x86. AFAICT TSC has existed since Pentium was first introduced, so I think we'd be okay. |
Signed-off-by: Klim Tsoutsman <klim@tsoutsman.com>
* Currently based on the `ChaCha20Rng` from the `rand` project. * To generate the initial seed, we use `rdseed`, then `rdrand`, then values from the TSC as a last resort. Signed-off-by: Klim Tsoutsman <klim@tsoutsman.com> 35d5e9c
The crate mimics the
RngCoreinterface. It was namedrandomto notconflict with
rand's symbols.I've also replaced locally defined RNGs in the
ixgbeandota_update_clientcrates, that used the ... HPET timer count asa seed.
A further development could be to expose an
add_entropyfunction.I'm not sure it's a major concren because a CSPRNG seeded with 32 bytes
of entropy should be plenty secure. However, if RDSEED or RDRAND don't
exist, it is absolutely necessary. Adding entropy would require locking
the CSPRNG, generating a random seed, combining it with the entropy, and
reseeding the CSPRNG. This would somehow need to be arbitrated to ensure
the the CSPRNG isn't being constantly reseeded, impacting performance.
Our QEMU configuration currently doesn't support RDSEED, so the backup
RDRAND is used.
Signed-off-by: Klim Tsoutsman klim@tsoutsman.com