From: "Theodore Y. Ts'o" <tytso@mit.edu>
To: Arnd Bergmann <arnd@arndb.de>
Cc: Kees Cook <keescook@chromium.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Laura Abbott <labbott@redhat.com>,
Daniel Micay <danielmicay@gmail.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
tcharding <me@tobin.cc>, "Jason A. Donenfeld" <Jason@zx2c4.com>,
Andrew Morton <akpm@linux-foundation.org>,
Ingo Molnar <mingo@kernel.org>,
Steven Rostedt <rostedt@goodmis.org>,
Thomas Gleixner <tglx@linutronix.de>,
Alexandre Belloni <alexandre.belloni@bootlin.com>,
linux-rtc@vger.kernel.org
Subject: Re: [PATCH] random: Move rand_initialize() earlier
Date: Fri, 12 Oct 2018 10:43:52 -0400 [thread overview]
Message-ID: <20181012144352.GE2420@thunk.org> (raw)
In-Reply-To: <CAK8P3a3N6txZf8tzTdLvLwByrsWQvN_JSabV2TGe+zZenMWWxg@mail.gmail.com>
On Fri, Oct 12, 2018 at 10:42:39AM +0200, Arnd Bergmann wrote:
> I wonder if mixing in ktime_get_real() is flawed to start with:
> This depends on read_persistent_clock64() actually returning
> a meaningful time, but in many cases it does not; x86 being
> a notable exception.
>
> We have three ways of setting the initial time:
>
> * At early boot using read_persistent_clock64(). This may read
> the time from the hypervisor (if any), and on some older
> architectures that have a custom RTC abstraction, it
> reads from the RTC directly. We generally move away from
> the RTC method in favor of the proper rtc class interfaces
> (see below)
>
> * At late_initcall time, in rtc_hctosys(). If an RTC driver has
> been loaded successfully at this time, it will be read from
> there. We also move away from this.
>
> * From user space, which reads the RTC time or NTP,
> and then sets the system time from that.
>
> The latter two end up in do_settimeofday64(), but there
> is no mixing in of the time into the random seed that I can
> see, and it's not clear whether there should be (it
> can be called with arbitrary times from user space,
> provided CAP_SYS_TIME permissions).
I think it adds some real value (although perhaps small) in the first
two cases. In all of the cases, though, since we don't add any
entropy credit, it doesn't hurt to mix it in --- this is the same
argument why it's fine that /dev/[u]random can be world-writeable.
Mixing in user-controlled data is harmless, and if it's not visible to
a remote attacker, it can be helpful.
- Ted
prev parent reply other threads:[~2018-10-12 14:44 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20181011225421.GA21093@beast>
2018-10-12 8:42 ` [PATCH] random: Move rand_initialize() earlier Arnd Bergmann
2018-10-12 14:43 ` Theodore Y. Ts'o [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181012144352.GE2420@thunk.org \
--to=tytso@mit.edu \
--cc=Jason@zx2c4.com \
--cc=akpm@linux-foundation.org \
--cc=alexandre.belloni@bootlin.com \
--cc=ard.biesheuvel@linaro.org \
--cc=arnd@arndb.de \
--cc=danielmicay@gmail.com \
--cc=keescook@chromium.org \
--cc=labbott@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-rtc@vger.kernel.org \
--cc=me@tobin.cc \
--cc=mingo@kernel.org \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).