Re: [PATCH] ELF: implement AT_RANDOM for future glibc use

view
thread

!MAILaRCHIVE_VOTE_RePLACE

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: Kees Cook <kees.cook@...>

Cc: Andi Kleen <andi@...>, Roland McGrath <roland@...>, <linux-kernel@...>, Jakub Jelinek <jakub@...>, Ulrich Drepper <drepper@...>, <libc-alpha@...>

Subject: Re: [PATCH] ELF: implement AT_RANDOM for future glibc use

Date: Monday, October 6, 2008 - 3:26 pm

> We're already using get_random* for stack, heap, and brk.  Also,
quoted text> get_random* uses the nonblocking pool, so this is the same as if userspace
> had tried to pull bytes out of /dev/urandom, which (as I understand it)

Yes exactly that's the problem. Think about it: do you really 
need the same cryptographic strength for your mmap placement
as you need for your SSL session keys?

And if you need true entropy for your session keys do you
still get it when it was all used for low security 
purposes first?

quoted text> > What you should instead do is to initialize some other cryptographic RNG
> > regularly and use the output of that.
> 
> Can you give me some examples of this?  I thought the nonblocking
> entropy pool was specifically for this purpose?

It's definitely not a "general purpose random number generator"
or even a "general purpose secure random number generator"

Since so many systems have poor entropy input /dev/urandom has generally 
replaced /dev/random for near all cryptographic software, so it's
just the new black.

-Andi

-- 
ak@linux.intel.com
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Thu Oct 2, 8:16 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 2:00 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 1:50 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 3:26 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 6:07 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Roland McGrath, (Mon Oct 6, 7:58 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 8:31 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Mon Oct 6, 8:57 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 9:44 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Mon Oct 6, 9:51 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Mon Oct 6, 8:08 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 7:28 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 6:01 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 7:19 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Mon Oct 6, 7:29 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Andi Kleen, (Mon Oct 6, 7:44 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Roland McGrath, (Thu Oct 2, 8:52 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Fri Oct 3, 1:15 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Roland McGrath, (Fri Oct 3, 4:22 pm)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Jakub Jelinek, (Thu Oct 2, 8:43 pm)

[PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Fri Oct 3, 1:29 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Arjan van de Ven, (Fri Oct 3, 1:57 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Ulrich Drepper, (Fri Oct 3, 2:25 am)

[PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Kees Cook, (Fri Oct 3, 10:50 am)

Re: [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Jakub Jelinek, (Fri Oct 3, 10:57 am)

[PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Kees Cook, (Fri Oct 3, 1:33 pm)

Re: [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Fri Oct 3, 1:41 pm)

[PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Kees Cook, (Fri Oct 3, 1:59 pm)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Andrew Morton, (Tue Oct 21, 4:01 pm)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Tue Oct 21, 4:22 pm)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Andrew Morton, (Mon Oct 27, 1:46 am)

Re: [PATCH v5] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Sat Oct 18, 1:42 am)

Re: [PATCH] ELF: implement AT_RANDOM for glibc PRNG seeding, Ulrich Drepper, (Fri Oct 3, 10:56 am)

Re: [PATCH] ELF: implement AT_RANDOM for future glibc use, Kees Cook, (Fri Oct 3, 1:25 am)

Navigation

Popular discussions


linux-kernel:
david	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Eric Sandeen	Re: [RFC] Heads up on sys_fallocate()
Filippos Papadopoulos	Re: INITIO scsi driver fails to work properly
Greg KH	[GIT PATCH] driver core patches against 2.6.24
git:

linux-netdev:
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
David Miller	[GIT]: Networking
Jarek Poplawski	[PATCH take 2] pkt_sched: Protect gen estimators under est_lock.
Natalie Protasevich	[BUG] New Kernel Bugs
openbsd-misc:

Colocation donated by:

Online users

Syndicate