lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 23 May 2024 12:53:04 +0300
From: "Jarkko Sakkinen" <jarkko@...nel.org>
To: "Herbert Xu" <herbert@...dor.apana.org.au>, "Linus Torvalds"
 <torvalds@...ux-foundation.org>
Cc: NĂ­colas F. R. A. Prado <nfraprado@...labora.com>,
 "Eric Biggers" <ebiggers@...nel.org>, "James Bottomley"
 <James.Bottomley@...senpartnership.com>, "Ard Biesheuvel"
 <ardb@...nel.org>, "Linux Crypto Mailing List"
 <linux-crypto@...r.kernel.org>, <linux-integrity@...r.kernel.org>,
 <keyrings@...r.kernel.org>, <regressions@...ts.linux.dev>,
 <kernel@...labora.com>, "Tejun Heo" <tj@...nel.org>, "Linux Kernel Mailing
 List" <linux-kernel@...r.kernel.org>, "Kees Cook" <keescook@...omium.org>,
 "Torsten Duwe" <duwe@....de>, "H. Peter Anvin" <hpa@...or.com>, "Theodore
 Ts'o" <tytso@....edu>, "Jason A. Donenfeld" <Jason@...c4.com>
Subject: Re: [v3 PATCH] hwrng: core - Remove add_early_randomness

On Thu May 23, 2024 at 7:49 AM EEST, Herbert Xu wrote:
> On Wed, May 22, 2024 at 03:53:23PM -0700, Linus Torvalds wrote:
> > 
> > That said, looking at the code in question, there are other oddities
> > going on. Even the "we found a favorite new rng" case looks rather
> > strange. The thread we use - nice and asynchronous - seems to sleep
> > only if the randomness source is emptied.
> > 
> > What if you have a really good source of hw randomness? That looks
> > like a busy loop to me, but hopefully I'm missing something obvious.
>
> Yes that does look strange.  So I dug up the original patch at
>
> 	https://lore.kernel.org/all/20140317165012.GC1763@lst.de/
>
> and therein lies the answer.  It's relying on random.c to push back
> when the amount of new entropy exceeds what it needs.  IOW we will
> sleep via add_hwgenerator_randomness when random.c decides that
> enough is enough.  In fact the rate is much less now compared to
> when the patch was first applied.

Just throwing something because came to mind, not a serious suggestion.

In crypto_larval_lookup I see statements like this:

	request_module("crypto-%s", name);

You could potentially bake up a section/table to vmlinux which would
have entries like:

	"module name", 1/0

'1' would mean built-in. Then for early randomness use only stuff
that is built-in.

Came to mind from arch/x86/realmode for which I baked in a table
for relocation (this was a collaborative work with H. Peter Anvin
in 2012 to make trampoline code relocatable but is still a legit
example to do such shenanigans in a subystem).

BR, Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ