lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 22 Mar 2022 10:56:44 -0700 From: Guenter Roeck <linux@...ck-us.net> To: "Jason A. Donenfeld" <Jason@...c4.com> Cc: linux-kernel@...r.kernel.org, linux-crypto@...r.kernel.org, linux-arch@...r.kernel.org, Dinh Nguyen <dinguyen@...nel.org>, Nick Hu <nickhu@...estech.com>, Max Filippov <jcmvbkbc@...il.com>, Palmer Dabbelt <palmer@...belt.com>, "David S . Miller" <davem@...emloft.net>, Yoshinori Sato <ysato@...rs.sourceforge.jp>, Michal Simek <monstr@...str.eu>, Borislav Petkov <bp@...en8.de>, Guo Ren <guoren@...nel.org>, Geert Uytterhoeven <geert@...ux-m68k.org>, Joshua Kinard <kumba@...too.org>, David Laight <David.Laight@...lab.com>, Dominik Brodowski <linux@...inikbrodowski.net>, Eric Biggers <ebiggers@...gle.com>, Ard Biesheuvel <ardb@...nel.org>, Arnd Bergmann <arnd@...db.de>, Thomas Gleixner <tglx@...utronix.de>, Andy Lutomirski <luto@...nel.org>, Kees Cook <keescook@...omium.org>, Lennart Poettering <mzxreary@...inter.de>, Konstantin Ryabitsev <konstantin@...uxfoundation.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Theodore Ts'o <tytso@....edu> Subject: Re: [PATCH v1] random: block in /dev/urandom On 3/22/22 10:09, Jason A. Donenfeld wrote: > Hey Guenter, > > On Tue, Mar 22, 2022 at 08:58:20AM -0700, Guenter Roeck wrote: >> On Thu, Feb 17, 2022 at 05:28:48PM +0100, Jason A. Donenfeld wrote: >>> This topic has come up countless times, and usually doesn't go anywhere. >>> This time I thought I'd bring it up with a slightly narrower focus, >>> updated for some developments over the last three years: we finally can >>> make /dev/urandom always secure, in light of the fact that our RNG is >>> now always seeded. >>> >> >> [ ... ] >> >> This patch (or a later version of it) made it into mainline and causes a >> large number of qemu boot test failures for various architectures (arm, >> m68k, microblaze, sparc32, xtensa are the ones I observed). Common >> denominator is that boot hangs at "Saving random seed:". A sample bisect >> log is attached. Reverting this patch fixes the problem. > > As Linus said, it was worth a try, but I guess it just didn't work. For > my own curiosity, though, do you have a link to those QEMU VMs you could > share? I'd sort of like to poke around, and if we do ever reattempt this > sometime down the road, it seems like understanding everything about why > the previous time failed might be a good idea. > Everything - including the various root file systems - is at git@...hub.com:groeck/linux-build-test.git. Look into rootfs/ for the various boot tests. I'll be happy to provide some qemu command lines if needed. Guenter
Powered by blists - more mailing lists