[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20130912222309.GH3809@logfs.org>
Date: Thu, 12 Sep 2013 18:23:09 -0400
From: Jörn Engel <joern@...fs.org>
To: Andy Lutomirski <luto@...capital.net>
Cc: Jeff Garzik <jgarzik@...ox.com>,
David Safford <safford@...ibm.com>,
"H. Peter Anvin" <hpa@...or.com>,
Leonidas Da Silva Barbosa <leosilva@...ux.vnet.ibm.com>,
Ashley Lai <ashley@...leylai.com>,
Rajiv Andrade <mail@...jiv.net>,
Marcel Selhorst <tpmdd@...horst.net>,
Sirrix AG <tpmdd@...rix.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Ted Ts'o <tytso@....edu>, Kent Yoder <key@...ux.vnet.ibm.com>,
David Safford <safford@...son.ibm.com>,
Mimi Zohar <zohar@...ibm.com>,
"Johnston, DJ" <dj.johnston@...el.com>
Subject: Re: TPMs and random numbers
On Thu, 12 September 2013 16:51:15 -0700, Andy Lutomirski wrote:
>
> Supposedly, the Linux entropy pool has the property that mixing in
> even actively malicious data is no worse than not mixing in anything
> at all.
It is worse in three ways:
- it costs performance,
- it may create a false sense of safety and
- it actively does harm if we credit it as entropy.
How much weight you assign to each of those is up to you. So long as
we don't credit any of it as entropy, I am not too adverse to mixing
it in. But I can equally see benefit in burning the bridges.
Jörn
--
There are two ways of constructing a software design: one way is to make
it so simple that there are obviously no deficiencies, and the other is
to make it so complicated that there are no obvious deficiencies.
-- C. A. R. Hoare
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists