All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jarod Wilson <jarod@redhat.com>
To: "Ted Ts'o" <tytso@mit.edu>, Jarod Wilson <jarod@redhat.com>,
	Sasha Levin <levinsasha928@gmail.com>,
	linux-crypto@vger.kernel.org, Matt Mackall <mpm@selenic.com>,
	Neil Horman <nhorman@
Subject: Re: [PATCH] random: add blocking facility to urandom
Date: Wed, 07 Sep 2011 15:36:13 -0400	[thread overview]
Message-ID: <4E67C7AD.9050903@redhat.com> (raw)
In-Reply-To: <20110907192737.GD20571@thunk.org>

Ted Ts'o wrote:
> On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
>> We're looking for a generic solution here that doesn't require
>> re-educating every single piece of userspace. And anything done in
>> userspace is going to be full of possible holes -- there needs to be
>> something in place that actually *enforces* the policy, and
>> centralized accounting/tracking, lest you wind up with multiple
>> processes racing to grab the entropy.
>
> Yeah, but there are userspace programs that depend on urandom not
> blocking... so your proposed change would break them.

But only if you've set the sysctl to a non-zero value, and even then, 
only if someone is actively draining entropy from /dev/random. 
Otherwise, in practice, it behaves the same as always. Granted, I 
haven't tested with all possible userspace to see how it might fall 
down, but suggestions for progs to try would be welcomed.

But again, I want to stress that out of the box, there's absolutely no 
change to the way urandom behaves, no blocking, this *only* kicks in if 
you twiddle the sysctl because you have some sort of security 
requirement that mandates it.


-- 
Jarod Wilson
jarod@redhat.com

WARNING: multiple messages have this Message-ID (diff)
From: Jarod Wilson <jarod@redhat.com>
To: "Ted Ts'o" <tytso@mit.edu>, Jarod Wilson <jarod@redhat.com>,
	Sasha Levin <levinsasha928@gmail.com>,
	linux-crypto@vger.kernel.org, Matt Mackall <mpm@selenic.com>,
	Neil Horman <nhorman@redhat.com>,
	Herbert Xu <herbert.xu@redhat.com>,
	Steve Grubb <sgrubb@redhat.com>,
	Stephan Mueller <stephan.mueller@atsec.com>,
	lkml <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] random: add blocking facility to urandom
Date: Wed, 07 Sep 2011 15:36:13 -0400	[thread overview]
Message-ID: <4E67C7AD.9050903@redhat.com> (raw)
In-Reply-To: <20110907192737.GD20571@thunk.org>

Ted Ts'o wrote:
> On Wed, Sep 07, 2011 at 02:26:35PM -0400, Jarod Wilson wrote:
>> We're looking for a generic solution here that doesn't require
>> re-educating every single piece of userspace. And anything done in
>> userspace is going to be full of possible holes -- there needs to be
>> something in place that actually *enforces* the policy, and
>> centralized accounting/tracking, lest you wind up with multiple
>> processes racing to grab the entropy.
>
> Yeah, but there are userspace programs that depend on urandom not
> blocking... so your proposed change would break them.

But only if you've set the sysctl to a non-zero value, and even then, 
only if someone is actively draining entropy from /dev/random. 
Otherwise, in practice, it behaves the same as always. Granted, I 
haven't tested with all possible userspace to see how it might fall 
down, but suggestions for progs to try would be welcomed.

But again, I want to stress that out of the box, there's absolutely no 
change to the way urandom behaves, no blocking, this *only* kicks in if 
you twiddle the sysctl because you have some sort of security 
requirement that mandates it.


-- 
Jarod Wilson
jarod@redhat.com



  reply	other threads:[~2011-09-07 19:36 UTC|newest]

Thread overview: 62+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-09-02 14:37 [PATCH] random: add blocking facility to urandom Jarod Wilson
2011-09-05  2:36 ` Sandy Harris
2011-09-06 14:09   ` Stephan Mueller
2011-09-07 17:38 ` Jarod Wilson
2011-09-07 18:12   ` Sasha Levin
2011-09-07 18:26     ` Jarod Wilson
2011-09-07 19:05       ` Sasha Levin
2011-09-07 19:30         ` Jarod Wilson
2011-09-07 20:00           ` Sasha Levin
2011-09-07 19:35         ` Neil Horman
2011-09-07 19:27       ` Ted Ts'o
2011-09-07 19:36         ` Jarod Wilson [this message]
2011-09-07 19:36           ` Jarod Wilson
2011-09-08  2:43           ` Sandy Harris
2011-09-07 19:49         ` David Miller
2011-09-07 20:02         ` Steve Grubb
2011-09-07 20:23           ` Sasha Levin
2011-09-07 20:30             ` Steve Grubb
2011-09-07 20:37               ` Sasha Levin
2011-09-07 20:56                 ` Steve Grubb
2011-09-07 21:10                   ` Sasha Levin
2011-09-07 21:28                     ` Steve Grubb
2011-09-07 21:38                       ` Sasha Levin
2011-09-07 21:35                     ` Jarod Wilson
2011-09-07 21:43                       ` Steve Grubb
2011-09-07 22:46                         ` Sven-Haegar Koch
2011-09-08  7:21                         ` Sasha Levin
2011-09-07 23:57                   ` Neil Horman
2011-09-08  6:41                     ` Tomas Mraz
2011-09-08 12:52                       ` Neil Horman
2011-09-08 13:11                         ` Steve Grubb
2011-09-08 13:49                           ` Neil Horman
2011-09-09  2:21                           ` Sandy Harris
2011-09-09 13:04                             ` Steve Grubb
2011-09-09 16:25                               ` Ted Ts'o
2011-09-09 21:27                               ` Thomas Gleixner
2011-09-12 13:56                                 ` Jarod Wilson
2011-09-13 10:58                                   ` Peter Zijlstra
2011-09-13 12:18                                     ` Jarod Wilson
2011-09-11  2:05                             ` Valdis.Kletnieks
2011-09-12 13:55                               ` Jarod Wilson
2011-09-12 16:58                                 ` Valdis.Kletnieks
2011-09-12 18:26                                   ` Jarod Wilson
2011-09-07 20:33           ` Neil Horman
2011-09-07 20:48             ` Steve Grubb
2011-09-07 21:18           ` Ted Ts'o
2011-09-07 21:27             ` Stephan Mueller
2011-09-07 21:27               ` Stephan Mueller
2011-09-07 21:38               ` Ted Ts'o
2011-09-08  8:44               ` Christoph Hellwig
2011-09-08 11:48                 ` Steve Grubb
2011-09-08 16:13                   ` David Miller
2011-09-09 19:08                     ` Eric Paris
2011-09-09 19:12                       ` Neil Horman
2011-09-08  8:42             ` Christoph Hellwig
2011-09-08  8:42               ` Christoph Hellwig
2011-09-07 21:20           ` Nikos Mavrogiannopoulos
2011-09-08  8:41           ` Christoph Hellwig
2011-09-12 14:02         ` Jarod Wilson
2011-09-12 14:02           ` Jarod Wilson
2011-09-12 14:58           ` Neil Horman
2011-09-12 17:06           ` Mark Brown

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4E67C7AD.9050903@redhat.com \
    --to=jarod@redhat.com \
    --cc=levinsasha928@gmail.com \
    --cc=linux-crypto@vger.kernel.org \
    --cc=mpm@selenic.com \
    --cc=tytso@mit.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.