From: "Theodore Ts'o" <tytso@mit.edu>
To: Naveen Nathan <naveen@lastninja.net>
Cc: Arnd Bergmann <arnd@arndb.de>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
Kevin Easton <kevin@guarana.org>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] random: urandom reads block when CRNG is not initialized.
Date: Mon, 27 May 2019 10:06:43 -0400 [thread overview]
Message-ID: <20190527140643.GB8585@mit.edu> (raw)
In-Reply-To: <20190527122627.GA15618@u>
On Mon, May 27, 2019 at 12:26:28PM +0000, Naveen Nathan wrote:
> Adds a compile-time option to ensure urandom reads block until
> the cryptographic random number generator (CRNG) is initialized.
>
> This fixes a long standing security issue, the so called boot-time
> entropy hole, where systems (particularly headless and embededd)
> generate cryptographic keys before the CRNG has been iniitalised,
> as exhibited in the work at https://factorable.net/.
>
> This is deliberately a compile-time option without a corresponding
> command line option to toggle urandom blocking behavior to prevent
> system builders shooting themselves in the foot by
> accidently/deliberately/maliciously toggling the option off in
> production builds.
>
> Signed-off-by: Naveen Nathan <naveen@lastninja.net>
This is guaranteed to cause the system to fail for systems using
systemd. (Unless you are running an x86 with random.trust_cpu=1 ---
in which case, this patch/config is pointless.) And many embedded
systems *do* use systemd. I know lots of people like to wish that
systemd doesn't exist, but we need to face reality.
*Seriously,* if this is something the system builder should be using,
they should be fixing userspace. And if they care enough that they
would want to enable this patch, they could just scan dmesg looking
for the warnings from the kernel.
- Ted
next prev parent reply other threads:[~2019-05-27 14:07 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-27 12:26 [PATCH] random: urandom reads block when CRNG is not initialized Naveen Nathan
2019-05-27 14:06 ` Theodore Ts'o [this message]
2019-05-27 15:35 ` Naveen Nathan
2019-05-27 15:43 ` Jason A. Donenfeld
2019-05-27 17:05 ` Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190527140643.GB8585@mit.edu \
--to=tytso@mit.edu \
--cc=Jason@zx2c4.com \
--cc=arnd@arndb.de \
--cc=gregkh@linuxfoundation.org \
--cc=kevin@guarana.org \
--cc=linux-kernel@vger.kernel.org \
--cc=naveen@lastninja.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox