| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <90816.1352178872@turing-police.cc.vt.edu>
Date: Tue, 06 Nov 2012 00:14:32 -0500
From: Valdis.Kletnieks@...edu
To: Akinobu Mita <akinobu.mita@...il.com>
Cc: linux-kernel@...r.kernel.org, akpm@...ux-foundation.org,
"Theodore Ts'o" <tytso@....edu>,
Artem Bityutskiy <dedekind1@...il.com>,
Adrian Hunter <adrian.hunter@...el.com>,
David Woodhouse <dwmw2@...radead.org>,
linux-mtd@...ts.infradead.org,
Eilon Greenstein <eilong@...adcom.com>, netdev@...r.kernel.org,
Robert Love <robert.w.love@...el.com>, devel@...n-fcoe.org,
Michel Lespinasse <walken@...gle.com>
Subject: Re: [PATCH v2 00/11] introduce random32_get_bytes() and random32_get_bytes_state()
On Sun, 04 Nov 2012 00:43:31 +0900, Akinobu Mita said:
> This patchset introduces new functions into random32 library for
> getting the requested number of pseudo-random bytes.
>
> Before introducing these new functions into random32 library,
> prandom32() and prandom32_seed() with "prandom32" prefix are
> renamed to random32_state() and srandom32_state() respectively.
>
> The purpose of this renaming is to prevent some kernel developers
> from assuming that prandom32() and random32() might imply that only
> prandom32() was the one using a pseudo-random number generator by
> prandom32's "p", and the result may be a very embarassing security
> exposure.
Out of curiosity, why the '32'? I'm just waiting for some kernel developer to
do something stupid with this on a 64-bit arch because they think it's a 32-bit API. ;)
Should we bite the bullet and lose the 32, as long as we're churning the code *anyhow*?
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists