Skip to content

Commit

Permalink
Remove automatic (delayed) reseed-on-fork (#1379)
Browse files Browse the repository at this point in the history
* benches/generators.rs: standardize thread_rng benchmarks
* Remove cfgs from examples
* Remove ReadRng
* Add ThreadRng::reseed and doc to use
* Remove fork protection from ReseedingRng; remove libc dep
* Enable ReseedingRng without std
* Move ReseedingRng up; remove module rand::rngs::adapter
  • Loading branch information
dhardy authored Mar 18, 2024
1 parent b45e892 commit 4cbbb34
Show file tree
Hide file tree
Showing 13 changed files with 53 additions and 311 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,10 @@ You may also find the [Upgrade Guide](https://rust-random.github.io/book/update.
## [0.9.1] - unreleased
- Add the `Slice::num_choices` method to the Slice distribution (#1402)

### Generators
- `ReseedingRng::reseed` also resets the random data cache.
- Remove fork-protection from `ReseedingRng` and `ThreadRng`. Instead, it is recommended to call `ThreadRng::reseed` on fork.

## [0.9.0-alpha.0] - 2024-02-18
This is a pre-release. To depend on this version, use `rand = "=0.9.0-alpha.0"` to prevent automatic updates (which can be expected to include breaking changes).

Expand Down
8 changes: 2 additions & 6 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ include = ["src/", "LICENSE-*", "README.md", "CHANGELOG.md", "COPYRIGHT"]
# To build locally:
# RUSTDOCFLAGS="--cfg doc_cfg -Zunstable-options --generate-link-to-definition" cargo +nightly doc --all --all-features --no-deps --open
all-features = true
rustdoc-args = ["--cfg", "doc_cfg", "--generate-link-to-definition"]
rustdoc-args = ["--cfg", "doc_cfg", "-Zunstable-options", "--generate-link-to-definition"]

[package.metadata.playground]
features = ["small_rng", "serde1"]
Expand All @@ -34,7 +34,7 @@ serde1 = ["serde", "rand_core/serde1"]

# Option (enabled by default): without "std" rand uses libcore; this option
# enables functionality expected to be available on a standard platform.
std = ["rand_core/std", "rand_chacha?/std", "alloc", "libc"]
std = ["rand_core/std", "rand_chacha?/std", "alloc"]

# Option: "alloc" enables support for Vec and Box when not using "std"
alloc = ["rand_core/alloc"]
Expand Down Expand Up @@ -71,10 +71,6 @@ serde = { version = "1.0.103", features = ["derive"], optional = true }
rand_chacha = { path = "rand_chacha", version = "=0.9.0-alpha.0", default-features = false, optional = true }
zerocopy = { version = "=0.8.0-alpha.6", default-features = false, features = ["simd"] }

[target.'cfg(unix)'.dependencies]
# Used for fork protection (reseeding.rs)
libc = { version = "0.2.22", optional = true, default-features = false }

[dev-dependencies]
rand_pcg = { path = "rand_pcg", version = "=0.9.0-alpha.0" }
# Only to test serde1
Expand Down
3 changes: 0 additions & 3 deletions SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,6 @@ are expected to provide the following:
For some RNGs, notably `OsRng`, `ThreadRng` and those wrapped by `ReseedingRng`,
we provide limited mitigations against side-channel attacks:

- After a process fork on Unix, there is an upper-bound on the number of bits
output by the RNG before the processes diverge, after which outputs from
each process's RNG are uncorrelated
- After the state (memory) of an RNG is leaked, there is an upper-bound on the
number of bits of output by the RNG before prediction of output by an
observer again becomes computationally-infeasible
Expand Down
26 changes: 4 additions & 22 deletions benches/generators.rs
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ use core::mem::size_of;
use test::{black_box, Bencher};

use rand::prelude::*;
use rand::rngs::adapter::ReseedingRng;
use rand::rngs::ReseedingRng;
use rand::rngs::{mock::StepRng, OsRng};
use rand_chacha::{ChaCha12Rng, ChaCha20Core, ChaCha20Rng, ChaCha8Rng};
use rand_pcg::{Pcg32, Pcg64, Pcg64Mcg, Pcg64Dxsm};
Expand Down Expand Up @@ -52,6 +52,7 @@ gen_bytes!(gen_bytes_std, StdRng::from_entropy());
#[cfg(feature = "small_rng")]
gen_bytes!(gen_bytes_small, SmallRng::from_thread_rng());
gen_bytes!(gen_bytes_os, OsRng);
gen_bytes!(gen_bytes_thread, thread_rng());

macro_rules! gen_uint {
($fnn:ident, $ty:ty, $gen:expr) => {
Expand Down Expand Up @@ -82,6 +83,7 @@ gen_uint!(gen_u32_std, u32, StdRng::from_entropy());
#[cfg(feature = "small_rng")]
gen_uint!(gen_u32_small, u32, SmallRng::from_thread_rng());
gen_uint!(gen_u32_os, u32, OsRng);
gen_uint!(gen_u32_thread, u32, thread_rng());

gen_uint!(gen_u64_step, u64, StepRng::new(0, 1));
gen_uint!(gen_u64_pcg32, u64, Pcg32::from_entropy());
Expand All @@ -95,6 +97,7 @@ gen_uint!(gen_u64_std, u64, StdRng::from_entropy());
#[cfg(feature = "small_rng")]
gen_uint!(gen_u64_small, u64, SmallRng::from_thread_rng());
gen_uint!(gen_u64_os, u64, OsRng);
gen_uint!(gen_u64_thread, u64, thread_rng());

macro_rules! init_gen {
($fnn:ident, $gen:ident) => {
Expand Down Expand Up @@ -141,24 +144,3 @@ reseeding_bytes!(reseeding_chacha20_32k, 32);
reseeding_bytes!(reseeding_chacha20_64k, 64);
reseeding_bytes!(reseeding_chacha20_256k, 256);
reseeding_bytes!(reseeding_chacha20_1M, 1024);


macro_rules! threadrng_uint {
($fnn:ident, $ty:ty) => {
#[bench]
fn $fnn(b: &mut Bencher) {
let mut rng = thread_rng();
b.iter(|| {
let mut accum: $ty = 0;
for _ in 0..RAND_BENCH_N {
accum = accum.wrapping_add(rng.gen::<$ty>());
}
accum
});
b.bytes = size_of::<$ty>() as u64 * RAND_BENCH_N;
}
};
}

threadrng_uint!(thread_rng_u32, u32);
threadrng_uint!(thread_rng_u64, u64);
3 changes: 0 additions & 3 deletions examples/monte-carlo.rs
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,6 @@
//! We can use the above fact to estimate the value of π: pick many points in
//! the square at random, calculate the fraction that fall within the circle,
//! and multiply this fraction by 4.
#![cfg(all(feature = "std", feature = "std_rng"))]

use rand::distributions::{Distribution, Uniform};

fn main() {
Expand Down
2 changes: 0 additions & 2 deletions examples/monty-hall.rs
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,6 @@
//!
//! [Monty Hall Problem]: https://en.wikipedia.org/wiki/Monty_Hall_problem
#![cfg(all(feature = "std", feature = "std_rng"))]

use rand::distributions::{Distribution, Uniform};
use rand::Rng;

Expand Down
2 changes: 0 additions & 2 deletions examples/rayon-monte-carlo.rs
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,6 @@
//! over BATCH_SIZE trials. Manually batching also turns out to be faster
//! for the nondeterministic version of this program as well.
#![cfg(all(feature = "std", feature = "std_rng"))]

use rand::distributions::{Distribution, Uniform};
use rand_chacha::{rand_core::SeedableRng, ChaCha8Rng};
use rayon::prelude::*;
Expand Down
16 changes: 0 additions & 16 deletions src/rngs/adapter/mod.rs

This file was deleted.

150 changes: 0 additions & 150 deletions src/rngs/adapter/read.rs

This file was deleted.

4 changes: 2 additions & 2 deletions src/rngs/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -96,8 +96,8 @@
//! [`rand_xoshiro`]: https://crates.io/crates/rand_xoshiro
//! [`rng` tag]: https://crates.io/keywords/rng
#[cfg_attr(doc_cfg, doc(cfg(feature = "std")))]
#[cfg(feature = "std")] pub mod adapter;
mod reseeding;
pub use reseeding::ReseedingRng;

pub mod mock; // Public so we don't export `StepRng` directly, making it a bit
// more clear it is intended for testing.
Expand Down
Loading

0 comments on commit 4cbbb34

Please sign in to comment.