lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 18 Jul 2014 11:33:25 -0500
From:	Brent Cook <busterb@...il.com>
To:	Theodore Ts'o <tytso@....edu>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] [RFC] initial getrandom wrapper to provide getentropy for LibreSSL

On Jul 18, 2014, at 11:19 AM, Theodore Ts'o <tytso@....edu> wrote:

> On Fri, Jul 18, 2014 at 08:09:52AM -0500, Brent Cook wrote:
>> On Jul 18, 2014, at 1:49 AM, Brent Cook <busterb@...il.com> wrote:
>> 
>>> From: Brent Cook <bcook@...nbsd.org>
>>> 
>>> This is not a kernel patch, but rather an initial test of the API to see
>>> how it might mesh LibreSSL's expectations for how getentropy works.
>>> 
>>> It is a bit more code to carefully handle the extra return values, as
>>> not reading enough bytes, because there is an unhandled EINTR, might
>>> lead to an unseeded CSPRNG.
> 
> Take a look at the latest patch for getrandom.  It contains a
> suggested wrapper which should be sufficient for emulation of
> OpenBSD's getentropy(), and a lot of discussion of when you don't need
> to worry about getting the EINTR.
> 
>   http://lists.openwall.net/linux-kernel/2014/07/18/329
> 
> Again, please don't commit anything until the syscall number and
> interface is finalized.  What is out here is for review, and I already
> have in the git commit a suggested wrapper to provide getentropy(2).
> If you don't think it's good enough, please let me know what your
> concerns might be.  (And yes, I've fixed the obvious missing open
> brace already.  :-)
> 
>   	      	      	  	     	      	    - Ted

Ah, that looks good to me.

I had just stubbed in the placeholder numbers for local testing purposes, no problem holding until it is finalized.

 Thanks!

 - Brent

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ