| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170814190013.zixopgjyq26ukxcj@pd.tnic>
Date: Mon, 14 Aug 2017 21:00:13 +0200
From: Borislav Petkov <bp@...en8.de>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: x86-ml <x86@...nel.org>, Theodore Ts'o <tytso@....edu>,
"Jason A. Donenfeld" <Jason@...c4.com>,
lkml <linux-kernel@...r.kernel.org>
Subject: Re: early x86 unseeded randomness
On Mon, Aug 14, 2017 at 11:17:37AM -0700, Linus Torvalds wrote:
> Ok, guys, you ALL need to learn that blindly just trying to get rid of
> warnings IS A HORRIBLE IDEA.
Not blindly - I was actually suggesting/asking whether falling back to
the TSC that early during boot might make more sense than using unseeded
randomness. Especially add the least significant 32 bits to the most
significant i.e., that thing:
tsc + (tsc << 32UL)
as they're more unpredictable.
> But maybe those places that currently trigger the warning should just
> use "get_random_u32()" instead. That at least gets rid of the warning
> if there's a fast architected hardware random thing (ie modern x86).
Right, that is better, at least for the RDRAND machines.
We'd still need a proper fix for the older ones. And I don't see an
easy way to change the init ordering for the stack canary as it gets
setup very very early in start_kernel() vs crng_initialize() being an
early_initcall()... Need to sleep on it.
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.
Powered by blists - more mailing lists