| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHk-=whwSt4RqzqM7cA5SAhj+wkORfr1bG=+yydTJPtayQ0JwQ@mail.gmail.com>
Date: Mon, 16 Sep 2019 16:05:47 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Matthew Garrett <mjg59@...f.ucam.org>
Cc: "Theodore Y. Ts'o" <tytso@....edu>, Willy Tarreau <w@....eu>,
Vito Caputo <vcaputo@...garu.com>,
"Ahmed S. Darwish" <darwish.07@...il.com>,
Lennart Poettering <mzxreary@...inter.de>,
Andreas Dilger <adilger.kernel@...ger.ca>,
Jan Kara <jack@...e.cz>, Ray Strode <rstrode@...hat.com>,
William Jon McCann <mccann@....edu>,
"Alexander E. Patrakov" <patrakov@...il.com>,
zhangjs <zachary@...shancloud.com>, linux-ext4@...r.kernel.org,
lkml <linux-kernel@...r.kernel.org>
Subject: Re: Linux 5.3-rc8
On Mon, Sep 16, 2019 at 4:02 PM Matthew Garrett <mjg59@...f.ucam.org> wrote:
>
> The semantics many people want for secure key generation is urandom, but
> with a guarantee that it's seeded.
And that is exactly what I'd suggest GRND_SECURE should do.
The problem with:
> getrandom()'s default behaviour at present provides that
is that exactly because it's the "default" (ie when you don't pass any
flags at all), that behavior is what all the random people get who do
*not* really intentionally want it, they just don't think about it.
> Changing the default (even with kernel warnings) seems like
> it risks people generating keys from an unseeded prng, and that seems
> like a bad thing?
I agree that it's a horrible thing, but the fact that the default 0
behavior had that "wait for entropy" is what now causes boot problems
for people.
Linus
Powered by blists - more mailing lists