lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 22 Oct 2016 01:10:26 -0400
From:   Theodore Ts'o <tytso@....edu>
To:     Stephan Mueller <smueller@...onox.de>
Cc:     linux-kernel@...r.kernel.org
Subject: Re: why getrandom blocking does not work with /dev/urandom

On Sat, Oct 22, 2016 at 05:43:36AM +0200, Stephan Mueller wrote:
> Hi Ted,
> 
> as mentioned, I looked a bit deeper into the issue of adding the blocking 
> behavior of getrandom to /dev/urandom.
> 
> As you and I already identified, moving that blocking behavior to /dev/urandom 
> simply does not work. The system does not boot.
> 
> The reason to this issue is actually quite simple. The init process of systemd 
> reads /dev/urandom for whatever purpose. Now, when /dev/urandom blocks during 
> boot, systemd will be blocked too. That means that user space (either in the 
> initramfs or with the regular root partition) is set up.

I think you mean "is blocked from being set up".

> When there is no user space initialized, there are no devices set up. The 
> network card is not initialized, the block devices are not mounted, other 
> devices are not initialized. That means that neither interrupts nor block 
> device events are registered.

Well, those devices which are have already been initialized before
systemd starts will be fine.  Personally I believe in using built-in
drivers instead of depending on kernel modules for everything, but for
distribution kernels, yes, that's true.

In any case, yes, you're not telling me anything I didn't know.  What
I didn't know and still don't know is *why* systemd is tryinig to read
from /dev/urandom.  e.g., is it trying to initialize cryptographic
keys, the better to allow the Russians or the Chinese to set up
botnets which can take over IOT devices and paralyze root nameservers?
Or is it reading /dev/urandom for purely stupid, pointless,
non-cryptographic reasons?

I'm not sure which is worse, actually....

						- Ted

Powered by blists - more mailing lists