From: Theodore Ts'o <tytso@mit.edu>
To: Ben Hutchings <ben@decadent.org.uk>
Cc: Linux Kernel Developers List <linux-kernel@vger.kernel.org>,
ewust@umich.edu, zakir@umich.edu, nadiah@cs.ucsd.edu,
jhalderm@umich.edu, stable@vger.kernel.org
Subject: Re: [PATCH 07/12] random: use the arch-specific rng in xfer_secondary_pool
Date: Sat, 7 Jul 2012 21:41:24 -0400 [thread overview]
Message-ID: <20120708014124.GA3809@thunk.org> (raw)
In-Reply-To: <1341709606.25597.182.camel@deadeye.wl.decadent.org.uk>
On Sun, Jul 08, 2012 at 02:06:46AM +0100, Ben Hutchings wrote:
>
> Surely the number of random bytes being added is i * sizeof(long), not
> sizeof(u.hwrand)?
>
Meh; Kees Cook has made the same observation. Basically, in the
unlikely case where RDRAND fails, we'll end up mixing in stack
garbage. It's not a security vulnerability, since the contents of the
entropy pool never gets exposed. In fact, one could argue that mixing
in some unknown garbage from the kernel stack might actually help a
little; but it can't hurt.
- Ted
next prev parent reply other threads:[~2012-07-08 1:41 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1341614704-24965-1-git-send-email-tytso@mit.edu>
2012-07-06 22:44 ` [PATCH 02/12] random: make 'add_interrupt_randomness()' do something sane Theodore Ts'o
2012-07-08 2:01 ` Ben Hutchings
2012-07-06 22:44 ` [PATCH 03/12] random: use lockless techniques in the interrupt path Theodore Ts'o
2012-07-06 22:44 ` [PATCH 04/12] random: create add_device_randomness() interface Theodore Ts'o
2012-07-06 22:44 ` [PATCH 05/12] usb: feed USB device information to the /dev/random driver Theodore Ts'o
2012-07-06 23:02 ` Jonathan Nieder
2012-07-06 23:18 ` Greg KH
2012-07-06 23:26 ` Theodore Ts'o
2012-07-07 1:08 ` Jonathan Nieder
2012-07-06 22:44 ` [PATCH 06/12] net: feed /dev/random with the MAC address when registering a device Theodore Ts'o
2012-07-06 22:44 ` [PATCH 07/12] random: use the arch-specific rng in xfer_secondary_pool Theodore Ts'o
2012-07-07 17:11 ` [PATCH] random: only use gathered bytes from arch_get_random_long Kees Cook
2012-07-07 18:23 ` Theodore Ts'o
2012-07-07 23:20 ` Kees Cook
2012-07-08 1:06 ` [PATCH 07/12] random: use the arch-specific rng in xfer_secondary_pool Ben Hutchings
2012-07-08 1:41 ` Theodore Ts'o [this message]
2012-07-08 2:06 ` Ben Hutchings
2012-07-06 22:45 ` [PATCH 08/12] random: add new get_random_bytes_arch() function Theodore Ts'o
2012-07-06 22:45 ` [PATCH 11/12] rtc: wm831x: Feed the write counter into device_add_randomness() Theodore Ts'o
2012-07-06 22:45 ` [PATCH 12/12] mfd: wm831x: Feed the device UUID " Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120708014124.GA3809@thunk.org \
--to=tytso@mit.edu \
--cc=ben@decadent.org.uk \
--cc=ewust@umich.edu \
--cc=jhalderm@umich.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=nadiah@cs.ucsd.edu \
--cc=stable@vger.kernel.org \
--cc=zakir@umich.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).