From: Daniel Micay <danielmicay@gmail.com>
To: Henrique de Moraes Holschuh <hmh@hmh.eng.br>,
Theodore Ts'o <tytso@mit.edu>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>,
Eric Biggers <ebiggers3@gmail.com>,
Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
kernel-hardening@lists.openwall.com,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
David Miller <davem@davemloft.net>,
Herbert Xu <herbert@gondor.apana.org.au>,
Stephan Mueller <smueller@chronox.de>
Subject: Re: [kernel-hardening] Re: [PATCH v3 04/13] crypto/rng: ensure that the RNG is ready before using
Date: Wed, 07 Jun 2017 13:00:25 -0400 [thread overview]
Message-ID: <1496854825.10825.24.camel@gmail.com> (raw)
In-Reply-To: <20170606221910.GB9057@khazad-dum.debian.net>
> On the better bootloaders, an initramfs segment can be loaded
> independently (and you can have as many as required), which makes an
> early_initramfs a more palatable vector to inject large amounts of
> entropy into the next boot than, say, modifying the kernel image
> directly at every boot/shutdown to stash entropy in there somewhere.
Modifying the kernel image on storage isn't compatible with verified
boot so it's not really a solution. The kernel, initrd and rest of the
OS are signed and verified on operating systems like Android, Android
Things, ChromeOS and many embedded devices, etc. putting some basic
effort into security. I didn't really understand the device tree
approach and mentioned a few times before. Passing via the kernel
cmdline is a lot simpler than modifying the device tree in-memory and
persistent modification isn't an option unless verified boot is missing
anyway.
next prev parent reply other threads:[~2017-06-07 17:00 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-06 0:50 [PATCH v3 00/13] Unseeded In-Kernel Randomness Fixes Jason A. Donenfeld
2017-06-06 0:50 ` [PATCH v3 01/13] random: add synchronous API for the urandom pool Jason A. Donenfeld
2017-06-06 0:50 ` [PATCH v3 02/13] random: add get_random_{bytes,u32,u64,int,long,once}_wait family Jason A. Donenfeld
2017-06-06 5:11 ` Jeffrey Walton
2017-06-06 12:21 ` Jason A. Donenfeld
2017-06-06 0:50 ` [PATCH v3 03/13] random: invalidate batched entropy after crng init Jason A. Donenfeld
2017-06-07 17:42 ` kbuild test robot
2017-06-07 18:16 ` Jason A. Donenfeld
2017-06-06 0:50 ` [PATCH v3 04/13] crypto/rng: ensure that the RNG is ready before using Jason A. Donenfeld
2017-06-06 3:00 ` Theodore Ts'o
2017-06-06 3:56 ` Jason A. Donenfeld
2017-06-06 4:44 ` [kernel-hardening] " Eric Biggers
2017-06-06 12:34 ` Jason A. Donenfeld
2017-06-06 15:23 ` Jason A. Donenfeld
2017-06-06 17:26 ` Eric Biggers
2017-06-06 17:30 ` Jason A. Donenfeld
2017-06-06 17:03 ` Theodore Ts'o
2017-06-06 17:28 ` Jason A. Donenfeld
2017-06-06 17:57 ` Stephan Müller
2017-06-06 18:01 ` Jason A. Donenfeld
2017-06-06 22:19 ` Henrique de Moraes Holschuh
2017-06-06 23:14 ` Theodore Ts'o
2017-06-07 5:00 ` Stephan Müller
2017-06-07 14:42 ` Henrique de Moraes Holschuh
2017-06-07 21:27 ` [kernel-hardening] " Theodore Ts'o
2017-06-07 17:00 ` Daniel Micay [this message]
2017-06-07 17:26 ` Mark Rutland
2017-06-08 3:59 ` Daniel Micay
2017-06-07 17:37 ` Mark Rutland
2017-06-08 12:02 ` Kevin Easton
2017-06-06 0:51 ` [PATCH v3 05/13] security/keys: ensure RNG is seeded before use Jason A. Donenfeld
2017-06-06 0:51 ` [PATCH v3 06/13] iscsi: " Jason A. Donenfeld
2017-06-06 0:51 ` [PATCH v3 07/13] ceph: ensure RNG is seeded before using Jason A. Donenfeld
2017-06-06 0:51 ` [PATCH v3 08/13] cifs: use get_random_u32 for 32-bit lock random Jason A. Donenfeld
2017-06-06 0:51 ` [PATCH v3 09/13] rhashtable: use get_random_u32 for hash_rnd Jason A. Donenfeld
2017-06-06 0:51 ` [PATCH v3 10/13] net/neighbor: use get_random_u32 for 32-bit hash random Jason A. Donenfeld
2017-06-06 0:51 ` [PATCH v3 11/13] net/route: use get_random_int for random counter Jason A. Donenfeld
2017-06-06 0:51 ` [PATCH v3 12/13] bluetooth/smp: ensure RNG is properly seeded before ECDH use Jason A. Donenfeld
2017-06-06 0:51 ` [PATCH v3 13/13] random: warn when kernel uses unseeded randomness Jason A. Donenfeld
2017-06-06 10:08 ` [PATCH v3 05/13] security/keys: ensure RNG is seeded before use David Howells
2017-06-06 12:23 ` Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1496854825.10825.24.camel@gmail.com \
--to=danielmicay@gmail.com \
--cc=Jason@zx2c4.com \
--cc=davem@davemloft.net \
--cc=ebiggers3@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=herbert@gondor.apana.org.au \
--cc=hmh@hmh.eng.br \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=smueller@chronox.de \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).