lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 15 Sep 2019 09:27:05 +0200 From: "Ahmed S. Darwish" <darwish.07@...il.com> To: Lennart Poettering <mzxreary@...inter.de> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, "Theodore Y. Ts'o" <tytso@....edu>, Andreas Dilger <adilger.kernel@...ger.ca>, Jan Kara <jack@...e.cz>, Ray Strode <rstrode@...hat.com>, William Jon McCann <mccann@....edu>, "Alexander E. Patrakov" <patrakov@...il.com>, zhangjs <zachary@...shancloud.com>, linux-ext4@...r.kernel.org, lkml <linux-kernel@...r.kernel.org> Subject: Re: Linux 5.3-rc8 On Sun, Sep 15, 2019 at 08:51:42AM +0200, Lennart Poettering wrote: > On Sa, 14.09.19 09:30, Linus Torvalds (torvalds@...ux-foundation.org) wrote: [...] > > And please don't break /dev/urandom again. The above code is the ony > way I see how we can make /dev/urandom-derived swap encryption safe, > and the only way I can see how we can sanely write a valid random seed > to disk after boot. > Any hope in making systemd-random-seed(8) credit that "random seed from previous boot" file, through RNDADDENTROPY, *by default*? Because of course this makes the problem reliably go away on my system too (as discussed in the original bug report, but you were not CCed). I know that by v243, just released 12 days ago, this can be optionally done through SYSTEMD_RANDOM_SEED_CREDIT=1. I wonder though if it can ever be done by default, just like what the BSDs does... This would solve a big part of the current problem. > Lennart thanks, -- darwi http://darwish.chasingpointers.com
Powered by blists - more mailing lists