From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.71) id 1bXw3t-0008Rm-7Z for mharc-grub-devel@gnu.org; Thu, 11 Aug 2016 15:54:41 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:59319) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bXw3r-0008Re-Fh for grub-devel@gnu.org; Thu, 11 Aug 2016 15:54:40 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bXw3m-00010x-GH for grub-devel@gnu.org; Thu, 11 Aug 2016 15:54:39 -0400 Received: from mout.gmx.net ([212.227.15.18]:57288) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bXw3m-00010J-62 for grub-devel@gnu.org; Thu, 11 Aug 2016 15:54:34 -0400 Received: from scdbackup.webframe.org ([91.8.173.247]) by mail.gmx.com (mrgmx002) with ESMTPSA (Nemesis) id 0MOx4J-1bc2Fs1TuR-006QQw for ; Thu, 11 Aug 2016 21:54:31 +0200 Date: Thu, 11 Aug 2016 21:55:59 +0200 From: "Thomas Schmitt" To: grub-devel@gnu.org Subject: Do grub-mkrescue GPT GUIDs need more entropy than --fs-uuid gets ? Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Message-Id: <8455587854707933842@scdbackup.webframe.org> X-Provags-ID: V03:K0:IX2DQP5h5aXZm5EgduI4jQLTbkgGghOX1/uQZB0HSMSx7T9D569 zow4Oam3mAkiJpGcIuy2tlbNUJF4G28VRuytbN4qacwJHzFIyWTE9L3sIs9d8atHCFXjIjn eh4PVZM5WPVS15i4BQrYJctcrULPt69S9AZZehn1sGIELjGEyFUXIEX7GJyL655We2ygjBV jabMj3lgeaD8C2hgx3s8g== X-UI-Out-Filterresults: notjunk:1;V01:K0:s0+mXNpQHts=:Ku+2Y/18TezzHLuEY1w0Vn 3v6pBkDFVQvecmSQUikQswWJ4rvlpoy6JIRzd73QABy2J3/qtd2ZVqorsDrws/BIi39ZVZcTv fanlXvPnX/k+oC3RBAcHsJWAGbgubtglrWC498rxKv7Ng0N6YwEZ6e/GwJKDfdgL0xLCtGpK/ 61RRhdo95S/UBoSVvEGYVdlDDH4qTCY27sMUc3EYkFqgamHP79Ldhm4rawm1/hxFM3DCXJB2F ErmBM+iyEk+3d06CXIguTxyMfbse34OH8mOkDYWln4Km1Ltx7nBxMCo+zT25Dxqz/1GyM6A/w 51DwzUTDt4+qbS05auEzpmuqN9+wYOHQpyzxc31HKIiNTTYan7TYzQprhzPyqwISTutgQg9D5 /868IyWPWXHDjqVfEDaARFasDohW9JsQiataUjtxc9JyJnGRdfUzqVR7sTQdAClvI5B1h7hUn nmsYEkI5N7DPRl/Q4X83BJWlFy3CccnRn3BuZ7kMYeS2q7bpmup8Cz5QMoSpVTcnMWDtIkahO iXK8QpIxh20ZRw9L0MtVt/2acxgR/P4v+IOgIfKYr6NnhBX8n1C1mJU57jXb6Jts1RrdpEnYo eeZ+79YpR0cjCcZlw/+SpCJKZxJ3uVMTjr6V6CkSJgGFSkmOtVnvVnBwuIpfOzzPmUoqfIsaL eS10laO7ortYYezHUF+4tAgBjyuD3yheNheKFW2m1VxgeNo/ZOstq/SZpgpXS3VW/foqCvHQq vwRUJdnMsyiDfcQ7FyyJ9hHsRSKbmmfrCD9UIFUEqHi7yGrFi+tkaYeEFurITQBHSZY5ey7QR 9KD3I0Q X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 212.227.15.18 X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Aug 2016 19:54:40 -0000 Hi, i am discussing with Chris Lamb on reproducible-builds@lists.alioth.debian.org how to make production of bootable ISOs reproducible. The last (yet known) obstacle are the pseudo-random GUIDs of the GPT which is produced for EFI bootability. Up to this obstacle it turned out that it will suffice to use the same input file tree and the same overall timestamp with xorriso -as mkisofs option --modification-date=YYYYMMDDhhmmsscc which was originally introduced for grub-mkrescue to match in grub.cfg search --fs-uuid --set YYYY-MM-DD-hh-mm-ss-cc I am now wondering whether it would be ok for grub-mkrescue if the GUIDs of the GPT would be derived reproducibly from this timestamp by default. (Currently they stem from /dev/urandom.) These GUIDs will of course be unique inside the GPT. But their entropy will be low and collisions with other ISOs could happen systematically because of nearly identical production times. Well, this can happen to the ISO 9660 --fs-uuid string under the same circumstances. So my question: Is there any reason known why the GPT GUID needs to have better randomness than the "search --fs-uuid" string ? Have a nice day :) Thomas