All of lore.kernel.org
 help / color / mirror / Atom feed
From: David Laight <David.Laight@ACULAB.COM>
To: "'Jason A. Donenfeld'" <Jason@zx2c4.com>
Cc: James Hilliard <james.hilliard1@gmail.com>,
	"Yann E. MORIN" <yann.morin.1998@free.fr>,
	buildroot <buildroot@buildroot.org>
Subject: Re: [Buildroot] [PATCH v3] package/urandom-scripts: actually credit seed files via seedrng
Date: Fri, 1 Apr 2022 10:11:54 +0000	[thread overview]
Message-ID: <e76de69b227d4a66ae2f2c9fd6901476@AcuMS.aculab.com> (raw)
In-Reply-To: <CAHmME9rQOtfhKCOD8AAmpnY6yjNZTUi0H6_Jmd5vYtu68TxaGg@mail.gmail.com>

From: Jason A. Donenfeld
> Sent: 01 April 2022 10:23
> 
> On 4/1/22, David Laight <David.Laight@aculab.com> wrote:
> > I used the following small program instead of dd to credit the entropy.
> 
> Not a safe idea; will lead to problems and footguns. Doesn't handle
> safe fsync'd deletion of used seeds and safe sequencing. Doesn't
> handle hashing old seed with new seed. Ignores much of the discussion
> that lead to seedrng's design.

But it does exactly what the old scripts thought they were doing
and is far better that just using dd.

I'm not even sure that trying to save a 'new seed' in the
startup script is a good idea at all.
The new seed is very likely to just be a permutation of the
old seed - since little extra 'entropy' can have been added.
So while it may stop complete reproducibility I'm not at
all sure it is cryptographically sound at all.

If you can't rely on saving entropy at shutdown, then using
(the equivalent of) a cron job to save every hour (or so)
is probably useful.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

  reply	other threads:[~2022-04-01 10:12 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-03-27  5:48 [Buildroot] [PATCH] package/urandom-scripts: actually credit seed files via seedrng Jason A. Donenfeld
2022-03-27 18:01 ` James Hilliard
2022-03-27 19:36   ` Arnout Vandecappelle
2022-03-27 19:58     ` James Hilliard
2022-03-27 20:08       ` Jason A. Donenfeld
2022-03-27 20:10         ` Jason A. Donenfeld
2022-03-27 20:24           ` [Buildroot] [PATCH v2] " Jason A. Donenfeld
2022-03-27 20:29             ` James Hilliard
2022-03-29  5:04             ` [Buildroot] [PATCH v3] " Jason A. Donenfeld
2022-03-29  6:12               ` David Laight
2022-03-30 16:32               ` Peter Korsgaard
2022-03-30 16:57                 ` David Laight
2022-03-30 17:13                 ` Jason A. Donenfeld
2022-03-31 14:50                   ` Jason A. Donenfeld
2022-03-31 14:57                   ` [Buildroot] [PATCH v4] " Jason A. Donenfeld
2022-03-31 15:16                     ` David Laight
2022-03-31 15:46                       ` David Laight
2022-03-31 17:11                   ` [Buildroot] [PATCH v3] " Peter Korsgaard
2022-04-01  8:12                     ` David Laight
2022-04-01  9:22                       ` Jason A. Donenfeld
2022-04-01 10:11                         ` David Laight [this message]
2022-04-01 10:17                           ` Jason A. Donenfeld
2022-04-01 10:57                   ` James Hilliard
2022-04-01 11:04                     ` Jason A. Donenfeld
2022-04-01 11:34                       ` David Laight
2022-04-02 17:08                         ` Arnout Vandecappelle
2022-04-03  7:30                           ` David Laight
2022-04-04 14:32                             ` Jason A. Donenfeld
2022-04-03  9:42                           ` Yann E. MORIN
2022-04-03 23:13                             ` James Hilliard
2022-04-04 14:40                               ` Jason A. Donenfeld
2022-04-04 14:38                             ` Jason A. Donenfeld
2022-03-27 20:25           ` [Buildroot] [PATCH] " James Hilliard
2022-03-27 20:26             ` Jason A. Donenfeld

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=e76de69b227d4a66ae2f2c9fd6901476@AcuMS.aculab.com \
    --to=david.laight@aculab.com \
    --cc=Jason@zx2c4.com \
    --cc=buildroot@buildroot.org \
    --cc=james.hilliard1@gmail.com \
    --cc=yann.morin.1998@free.fr \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.