lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20090913094409.2dd88212@opy.nosense.org>
Date:	Sun, 13 Sep 2009 09:44:09 +0930
From:	Mark Smith <lk-netdev@...netdev.nosense.org>
To:	Joe Perches <joe@...ches.com>
Cc:	Stephen Hemminger <shemminger@...tta.com>,
	David Miller <davem@...emloft.net>,
	jeffrey.t.kirsher@...el.com, netdev@...r.kernel.org,
	gospo@...hat.com, gregory.v.rose@...el.com,
	donald.c.skidmore@...el.com
Subject: Re: [net-next PATCH] etherdevice.h: random_ether_addr update

On Fri, 11 Sep 2009 17:57:47 -0700
Joe Perches <joe@...ches.com> wrote:

> On Fri, 2009-09-11 at 14:15 -0700, Stephen Hemminger wrote:
> > On Fri, 2009-09011 at 13:20 -0700 Joe Perches wrote:
> > > Do not use get_random_bytes to avoid drawing down entropy pool.
> > Getting 6 bytes once is not going to be enough of a problem
> > to drain the pool. I prefer not to weaken the randomness here.
> 
> I see no reason to draw down the entropy pool.
> 
> I have a hard time imagining that a random mac address
> needs more than reasonably random values.
> 

One factor to consider is the amount of effort involved in
troubleshooting duplicate mac address problems. They don't happen
very often, and most people won't encounter them at all. That means
they're very low on the list of things you suspect when
troubleshooting, so you spend a lot of time investigating other things
first, without that time providing any value once you work out what the
actual fault it. Once you work out what the problem is, working out
which devices are causing it can also be an effort, as, of course, they
now don't have unique identifiers.



> Why do you think it's reasonable to draw from the
> entropy pool?
> 
> cheers, Joe
> 
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ