From: "Theodore Y. Ts'o" <tytso@mit.edu>
To: Paul Menzel <pmenzel+linux-random-number@molgen.mpg.de>
Cc: linux-kernel@vger.kernel.org
Subject: Re: Linux messages full of `random: get_random_u32 called from`
Date: Tue, 24 Apr 2018 09:56:21 -0400 [thread overview]
Message-ID: <20180424135621.GD4189@thunk.org> (raw)
In-Reply-To: <42c1b84b-ab1f-5577-6304-e0985a637cf9@molgen.mpg.de>
On Tue, Apr 24, 2018 at 01:48:16PM +0200, Paul Menzel wrote:
> Dear Linux folks,
>
> w
> Since Linux 4.17-rcX, Linux spams a lot of `random: get_random_u32 called
> from` messages. I believe, this setting should be reverted by default as
> otherwise a lot of other messages are not seen.
Can you tell me a bit about your system? What distribution, what
hardware is present in your sytsem (what architecture, what
peripherals are attached, etc.)?
There's a reason why we made this --- we were declaring the random
number pool to be fully intialized before it really was, and that was
a potential security concern. It's not as bad as the weakness
discovered by Nadia Heninger in 2012. (See https://factorable.net for
more details.) However, this is not one of those things where we like
to fool around.
So I want to understand if this is an issue with a particular hardware
configuration, or whether it's just a badly designed Linux init system
or embedded setup, or something else. After all, you wouldn't want
the NSA spying on all of your network traffic, would you? :-)
- Ted
next prev parent reply other threads:[~2018-04-24 13:56 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-24 11:48 Linux messages full of `random: get_random_u32 called from` Paul Menzel
2018-04-24 13:56 ` Theodore Y. Ts'o [this message]
2018-04-24 14:30 ` Paul Menzel
2018-04-24 15:49 ` Theodore Y. Ts'o
2018-04-24 15:56 ` Paul Menzel
2018-04-25 7:41 ` Theodore Y. Ts'o
2018-04-26 3:48 ` Paul Menzel
2018-04-29 14:22 ` Pavel Machek
2018-04-29 23:02 ` Dave Jones
2018-04-29 23:07 ` Dave Jones
2018-04-30 0:21 ` Theodore Y. Ts'o
2018-04-26 5:51 ` Pavel Machek
[not found] <1524676526.3280.40.camel@armitage.org.uk>
2018-04-25 20:28 ` Theodore Y. Ts'o
-- strict thread matches above, loose matches on Subject: below --
2018-04-26 4:11 Sultan Alsawaf
2018-04-26 5:00 ` Theodore Y. Ts'o
2018-04-26 5:05 ` Sultan Alsawaf
2018-04-26 7:32 ` Theodore Y. Ts'o
2018-04-26 15:17 ` Sultan Alsawaf
2018-04-26 19:25 ` Theodore Y. Ts'o
2018-04-26 20:22 ` Sultan Alsawaf
2018-04-26 20:47 ` Christian Brauner
2018-04-27 0:00 ` Theodore Y. Ts'o
2018-04-27 15:38 ` Jason A. Donenfeld
2018-04-27 19:14 ` Theodore Y. Ts'o
2018-04-26 23:56 ` Theodore Y. Ts'o
2018-04-27 5:20 ` Sultan Alsawaf
2018-04-27 20:10 ` Theodore Y. Ts'o
2018-04-27 22:59 ` Sultan Alsawaf
2018-04-29 14:32 ` Pavel Machek
2018-04-29 17:05 ` Sultan Alsawaf
2018-04-29 18:41 ` Pavel Machek
2018-04-29 20:20 ` Sultan Alsawaf
2018-04-29 21:18 ` Pavel Machek
2018-04-29 21:34 ` Sultan Alsawaf
2018-04-29 22:05 ` Theodore Y. Ts'o
2018-04-29 22:26 ` Sultan Alsawaf
2018-04-29 22:43 ` Jason A. Donenfeld
2018-04-29 22:49 ` Sultan Alsawaf
2018-04-30 0:11 ` Theodore Y. Ts'o
2018-04-30 4:34 ` Sultan Alsawaf
2018-04-30 16:11 ` Theodore Y. Ts'o
2018-05-01 19:53 ` Pavel Machek
2018-04-29 22:43 ` Pavel Machek
2018-04-30 0:32 ` Laura Abbott
2018-04-30 21:12 ` Jeremy Cline
2018-05-01 11:52 ` Justin Forbes
2018-05-01 12:55 ` Theodore Y. Ts'o
2018-05-01 22:35 ` Justin Forbes
2018-05-02 0:02 ` Theodore Y. Ts'o
2018-05-02 12:09 ` Justin Forbes
2018-05-02 16:26 ` Theodore Y. Ts'o
2018-05-02 17:49 ` Laura Abbott
2018-05-02 22:25 ` Theodore Y. Ts'o
2018-05-03 6:19 ` Pavel Machek
2018-05-03 12:23 ` Justin Forbes
2018-05-02 0:43 ` Sultan Alsawaf
2018-05-02 0:56 ` Theodore Y. Ts'o
2018-05-02 1:11 ` Sultan Alsawaf
2018-04-29 18:30 ` Sultan Alsawaf
2018-04-29 20:08 ` Theodore Y. Ts'o
2018-05-18 1:27 ` Trent Piepho
2018-05-18 2:32 ` Theodore Y. Ts'o
2018-05-18 22:56 ` Trent Piepho
2018-05-18 23:22 ` Theodore Y. Ts'o
2018-05-21 18:39 ` Trent Piepho
2018-04-29 14:29 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180424135621.GD4189@thunk.org \
--to=tytso@mit.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=pmenzel+linux-random-number@molgen.mpg.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.