Date:	Mon, 06 Apr 2009 12:01:23 -0700
From:	Matt Mackall <mpm@...enic.com>
To:	Robin Getz <rgetz@...ckfin.uclinux.org>
Cc:	netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
	Chris Peterson <cpeterso@...terso.com>
Subject: Re: IRQF_SAMPLE_RANDOM question...

On Mon, 2009-04-06 at 14:30 -0400, Robin Getz wrote:
> Although there was some discussion  
> http://thread.gmane.org/gmane.linux.kernel/680723
> 
> about removing IRQF_SAMPLE_RANDOM from the remaining network drivers in May of 
> 2008, but they still appear to be there in 2.6.29.
> 
> drivers/net/ibmlana.c
> drivers/net/macb.c
> drivers/net/3c523.c
> drivers/net/3c527.c
> drivers/net/netxen/netxen_nic_main.c
> drivers/net/cris/eth_v10.c
> drivers/net/xen-netfront.c
> drivers/net/atlx/atl1.c
> drivers/net/qla3xxx.c
> drivers/net/tg3.c
> drivers/net/niu.c
> 
> So what is the plan? If I send a patch to add IRQF_SAMPLE_RANDOM to others 
> (like the Blackfin) networking drivers - will it get rejected?
> 
> We have lots of embedded headless systems (no keyboard/mouse, no soundcard, no 
> video) with *no* sources of entropy - and people using SSL.

I'd rather add a random_sample_network call somewhere reasonably central
in the network stack. Then we can use the knowledge that the sample is
network-connected in the random core to decide how to measure its
entropy. The trouble with IRQF_SAMPLE_RANDOM is that many of its users
are technically bogus as entropy sources in the current model.

I'm eventually going to move the RNG away from the strict theoretical
entropy accounting model to a more pragmatic one which will be much
happier with iffy entropy sources, but that's a ways off.

-- 
http://selenic.com : development and support for Mercurial and Linux