| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1228324020.3255.24.camel@calx> Date: Wed, 03 Dec 2008 11:07:00 -0600 From: Matt Mackall <mpm@...enic.com> To: Arjan van de Ven <arjan@...ux.intel.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, Jiri Slaby <jirislaby@...il.com>, linux-kernel@...r.kernel.org, tytso@....edu Subject: Re: mmotm 2008-12-01-19-41: early exception (page fault -- deref of 0x20) On Tue, 2008-12-02 at 15:50 -0800, Arjan van de Ven wrote: > Matt Mackall wrote: > > > > If we oops or warn while picking a timesource, we'll have lots of fun? > > > > we really only need to mix in the tsc; ktime_get() is just an arch friendly way to get that > I supposed (wrongly). > > but yes we need to do a few things > 1) seed on demand with a platform time source Currently we use jiffies + get_cycles(). That's going to have somewhere between, oh, 3 bits of entropy (very stable boot with only jiffies) and 25 bits of entropy (TSC with lots of waiting for hardware) at boot. Ideally, we'd have access to a wall clock of some sort as well. But that's also a fairly limited source - wall clocks are both low resolution and predictable/collision-prone. > 2) have a way where arch init can just hand semi random data during the boot process to > increase the randomness (even if it doesn't count as entropy) A simple wrapper around mix_pool_bytes probably fits the ticket. But I don't think this will solve the general problem of 'large numbers of practically identical machines booting up with the same pre-init random number pools'. Beyond things like MAC addresses and serial numbers (predictable/observable but at least not collision-prone), we have no way to differentiate some boxes. We may need to forcibly generate some timing entropy. Perhaps something like this: http://markmail.org/message/xwsbywr6ziil2qu2 (which is way too slow in its current form) There's a related problem of systems with no way to store a seed across boots. -- Mathematics is the supreme nostalgia of our time. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists