lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 14 Nov 2012 13:09:09 -0800
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Kees Cook <keescook@...omium.org>
Cc:	Jeff Liu <jeff.liu@...cle.com>,
	LKML <linux-kernel@...r.kernel.org>,
	Andreas Dilger <aedilger@...il.com>,
	John Sobecki <john.sobecki@...cle.com>,
	"viro@...iv.linux.org.uk" <viro@...iv.linux.org.uk>,
	Alan Cox <alan@...ux.intel.com>,
	"arnd@...db.de" <arnd@...db.de>,
	James Morris <james.l.morris@...cle.com>,
	"Ted Ts'o" <tytso@....edu>,
	"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
	jakub@...hat.com, drepper@...hat.com,
	"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>
Subject: Re: [RESEND PATCH V3] binfmt_elf.c: use get_random_int() to fix
 entropy depleting

On Tue, 6 Nov 2012 23:13:54 -0800
Kees Cook <keescook@...omium.org> wrote:

> On Tue, Nov 6, 2012 at 11:02 PM, Jeff Liu <jeff.liu@...cle.com> wrote:
> > On 11/07/2012 02:21 PM, Kees Cook wrote:
> >> I still want to hear at least from Ted about this changes -- we would
> >> be potentially increasing the predictability of these bytes...
> >
> > We would not increasing that if this routine would be used for AT_RANDOM
> > only(and if the array keeping aligned to 4 bytes).
> > Otherwise, it would be, so let's waiting for further feedbacks.
> 
> get_random_int() comes from a different pool than get_random_bytes(),
> IIUC. I'd like to hear some convincing reasoning as to why this change
> doesn't compromise predictability. :)

But the original "ELF: implement AT_RANDOM for glibc PRNG seeding"
compromised predictability.  That's the whole point of this patch.

What was so important about that patch that justified gobbling down so
much of the system's entropy accumulation?

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ