| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YgirLX70xHFXTMDf@owl.dominikbrodowski.net> Date: Sun, 13 Feb 2022 07:54:37 +0100 From: Dominik Brodowski <linux@...inikbrodowski.net> To: "Jason A. Donenfeld" <Jason@...c4.com> Cc: linux-kernel@...r.kernel.org, Theodore Ts'o <tytso@....edu> Subject: Re: [PATCH v2 05/10] random: group crng functions > @@ -724,54 +563,433 @@ static void crng_make_state(u32 chacha_state[CHACHA_STATE_WORDS], > local_unlock_irqrestore(&crngs.lock, flags); > } > > -static ssize_t get_random_bytes_user(void __user *buf, size_t nbytes) > +/* > + * This function is for crng_init < 2 only. No, it's for crng_init == 0 only. > +/* > + * This function is for crng_init < 2 only. Same here. > + * Batched entropy returns random integers. The quality of the random > + * number is good as /dev/urandom. In order to ensure that the randomness /dev/random > +size_t __must_check get_random_bytes_arch(void *buf, size_t nbytes) Sidenote: We should get rid of the sole caller of that function, and then of this function. AFAICS, using get_random_bytes() (once rand_initialize() has been called) should never be less secure than get_random_bytes_arch() IFF arch_get_random_long() exists -- which is what the sole caller seems to be interested in. Otherwise, all looks good. Thanks, Dominik
Powered by blists - more mailing lists