Re: random() (was Re: New GUC to sample log queries)
Thomas Munro <thomas.munro@enterprisedb.com>
From: Thomas Munro <thomas.munro@enterprisedb.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Heikki Linnakangas <hlinnaka@iki.fi>, Peter Geoghegan <pg@bowt.ie>,
Michael Paquier <michael@paquier.xyz>, Alvaro Herrera <alvherre@2ndquadrant.com>,
Adrien Nayrat <adrien.nayrat@anayrat.info>, Dmitry Dolgov <9erthalion6@gmail.com>,
Tomas Vondra <tomas.vondra@2ndquadrant.com>, Vik Fearing <vik.fearing@2ndquadrant.com>,
Robert Haas <robertmhaas@gmail.com>, David Rowley <david.rowley@2ndquadrant.com>,
Pg Hackers <pgsql-hackers@postgresql.org>
Date: 2018-12-29T00:45:59Z
Lists: pgsql-hackers
On Sat, Dec 29, 2018 at 1:37 PM Tom Lane <tgl@sss.pgh.pa.us> wrote: > I wrote: > > Looking at this, I seem to remember that we considered doing exactly this > > awhile ago, but refrained because there was concern about depleting the > > system's reserve of entropy if we have a high backend spawn rate, and it > > didn't seem like there was a security reason to insist on unpredictable > > random() results. However, the log-sampling patch destroys the latter > > argument. As for the former argument, I'm not sure how big a deal that > > really is. Presumably, the act of spawning a backend would itself > > contribute some more entropy to the pool (particularly if a network > > connection is involved), so the depletion problem might be fictitious > > in the first place. Also, a few references I consulted, such as the > > Linux urandom(4) man page, suggest that even in a depleted-entropy > > state the results of reading /dev/urandom should be random enough > > for all but the very strictest security requirements. > > I did some experimentation, watching /proc/sys/kernel/random/entropy_avail > while continuously spawning backends, and I can't see any difference in > behavior with or without this patch. If there is any effect at all, it's > completely swamped by other noise (and there's a lot of noise, even on a > machine that's idle). > > Also, further googling says there's a pretty sizable body of opinion that > Linux's available-entropy calculation is bogus anyway: once the system's > acquired a reasonable amount of entropy, no amount of reading from > /dev/urandom will cause the randomness of the results to decrease. > So there's no reason to be concerned about whether we're reading it > "too much". I was going to suggest that we might be able to use a single not-visible-to-users number that is mixed into the existing recipe, so that we only ever read urandom once for the cluster. But it sounds like it's not a problem, and it's probably better to just pass the whole problem over to the OS. -- Thomas Munro http://www.enterprisedb.com
Commits
-
Use pg_strong_random() to select each server process's random seed.
- 4203842a1cd0 12.0 landed
-
Use a separate random seed for SQL random()/setseed() functions.
- 6645ad6bdd81 12.0 landed
-
Marginal performance hacking in erand48.c.
- 6b9bba2df8d4 12.0 landed
-
Fix latent problem with pg_jrand48().
- e09046641114 12.0 landed
- f256995e33d2 10.7 landed
- d58e01f8abe2 11.2 landed
-
Silence compiler warning
- 9dc122585551 12.0 landed
-
Add log_statement_sample_rate parameter
- 88bdbd3f7460 12.0 landed