| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 29 Apr 2018 19:07:29 -0400
From: Dave Jones <davej@...emonkey.org.uk>
To: "Theodore Y. Ts'o" <tytso@....edu>,
Paul Menzel <pmenzel+linux-random-number@...gen.mpg.de>,
linux-kernel@...r.kernel.org
Subject: Re: Linux messages full of `random: get_random_u32 called from`
On Sun, Apr 29, 2018 at 07:02:02PM -0400, Dave Jones wrote:
> On Tue, Apr 24, 2018 at 09:56:21AM -0400, Theodore Y. Ts'o wrote:
>
> > Can you tell me a bit about your system? What distribution, what
> > hardware is present in your sytsem (what architecture, what
> > peripherals are attached, etc.)?
> >
> > There's a reason why we made this --- we were declaring the random
> > number pool to be fully intialized before it really was, and that was
> > a potential security concern. It's not as bad as the weakness
> > discovered by Nadia Heninger in 2012. (See https://factorable.net for
> > more details.) However, this is not one of those things where we like
> > to fool around.
> >
> > So I want to understand if this is an issue with a particular hardware
> > configuration, or whether it's just a badly designed Linux init system
> > or embedded setup, or something else. After all, you wouldn't want
> > the NSA spying on all of your network traffic, would you? :-)
>
> Why do we continue to print this stuff out when crng_init=1 though ?
answering my own question, I think.. This is a tristate, and we need it
to be >1 to be quiet, which doesn't happen until..
> [ 165.806247] random: crng init done
this point.
Dave
Powered by blists - more mailing lists