| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YzaJjfhy4hq4U84l@gondor.apana.org.au>
Date: Fri, 30 Sep 2022 14:15:41 +0800
From: Herbert Xu <herbert@...dor.apana.org.au>
To: Dominik Brodowski <linux@...inikbrodowski.net>
Cc: "Jason A. Donenfeld" <Jason@...c4.com>,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3] hw_random: core: start hwrng kthread also for
untrusted sources
On Thu, Sep 22, 2022 at 03:59:31PM +0200, Dominik Brodowski wrote:
> Start the hwrng kthread even if the hwrng source has a quality setting
> of zero. Then, every crng reseed interval, one batch of data from this
> zero-quality hwrng source will be mixed into the CRNG pool.
>
> This patch is based on the assumption that data from a hwrng source
> will not actively harm the CRNG state. Instead, many hwrng sources
> (such as TPM devices), even though they are assigend a quality level of
> zero, actually provide some entropy, which is good enough to mix into
> the CRNG pool every once in a while.
>
> Cc: Herbert Xu <herbert@...dor.apana.org.au>
> Cc: Jason A. Donenfeld <Jason@...c4.com>
> Signed-off-by: Dominik Brodowski <linux@...inikbrodowski.net>
> ---
> Thanks to Jason for splitting my v1 into two parts, as per Herbert's
> request. In comparison to v2, I've updated (and shortened) the commit
> message.
Patch applied. Thanks.
--
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Powered by blists - more mailing lists