lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 27 Apr 2018 17:38:52 +0200
From:   "Jason A. Donenfeld" <>
To:     "Theodore Y. Ts'o" <>,
        Christian Brauner <>,
        Sultan Alsawaf <>,
        LKML <>, Jann Horn <>
Subject: Re: Linux messages full of `random: get_random_u32 called from`

Hi Ted,

Please correct me if I'm wrong, but my present understanding of this
is that crng readiness used to be broken, meaning people would have a
seeded rng without it actually being seeded. You fixed this bug, and
now people are discovering that they don't have crng readiness during
a late stage of their init, which is breaking all sorts of entirely
reasonable and widely deployed userspaces.

You could argue that those userspaces were "only designed for machines
that have enough [by what measure?] boot time entropy", but obviously
they didn't have that in mind. And now here we have an example of an
ordinary x86 machine -- not some weird embedded device -- hitting
these issues. I'd suspect that the problem here isn't one that we can
exclusively punt onto userspace.

Sultan mentioned that his machine actually does trigger large
quantities of interrupts. Is it possible that the entropy gathering
algorithm has some issues, and Sultan's report points to a real bug
here? Considering the crng readiness state hasn't been working until
your recent fix, I suspect the actual entropy gathering code probably
hasn't prompted too many bug reports, until now that is.


Powered by blists - more mailing lists