From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>
To: "Lee Duncan" <lduncan@suse.com>
Cc: "David Miller" <davem@davemloft.net>,
"Eric Biggers" <ebiggers3@gmail.com>,
"open-iscsi" <open-iscsi@googlegroups.com>,
"Nicholas A.Bellinger" <nab@linux-iscsi.org>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
"kernel-hardening@lists.openwall.com"
<kernel-hardening@lists.openwall.com>, "Ted Ts'o" <tytso@mit.edu>,
"Chris Leech" <cleech@redhat.com>,
"Linux Crypto Mailing List" <linux-crypto@vger.kernel.org>,
<linux-kernel@vger.kernel.org>,
"Jason A.Donenfeld" <Jason@zx2c4.com>
Subject: Antw: Re: [kernel-hardening] Re: [PATCH v4 06/13] iscsi: ensure RNG is seeded before use
Date: Wed, 05 Jul 2017 09:08:41 +0200 [thread overview]
Message-ID: <595C9079020000A100026F37@gwsmtp1.uni-regensburg.de> (raw)
In-Reply-To: <CAH8yC8nHX2r9cfQ0gNeJAUrgSfAS8V16dVHv35BRnLn-YprZCg@mail.gmail.com>
>>> Jeffrey Walton <noloader@gmail.com> schrieb am 17.06.2017 um 16:23 in Nachricht
<CAH8yC8nHX2r9cfQ0gNeJAUrgSfAS8V16dVHv35BRnLn-YprZCg@mail.gmail.com>:
[...]
> But its not clear to me how to ensure uniqueness when its based on
> randomness from the generators.
Even with a perfect random generator non-unique values are possible (that's why it's random). It's unlikely, but it can happen. The question is whether the probability of non-unique values from /dev/urandom is any higher than that for values read from /dev/random. One _might_ be able to predict the values from /dev/urandom.
Regards,
Ulrich
>
> Jeff
>
> --
> You received this message because you are subscribed to the Google Groups
> "open-iscsi" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to open-iscsi+unsubscribe@googlegroups.com.
> To post to this group, send email to open-iscsi@googlegroups.com.
> Visit this group at https://groups.google.com/group/open-iscsi.
> For more options, visit https://groups.google.com/d/optout.
next prev parent reply other threads:[~2017-07-05 7:15 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-06 17:47 [PATCH v4 00/13] Unseeded In-Kernel Randomness Fixes Jason A. Donenfeld
2017-06-06 17:47 ` [PATCH v4 01/13] random: invalidate batched entropy after crng init Jason A. Donenfeld
2017-06-07 23:58 ` Theodore Ts'o
2017-06-08 0:52 ` Jason A. Donenfeld
2017-06-06 17:47 ` [PATCH v4 02/13] random: add synchronous API for the urandom pool Jason A. Donenfeld
2017-06-08 0:00 ` Theodore Ts'o
2017-06-06 17:47 ` [PATCH v4 03/13] random: add get_random_{bytes,u32,u64,int,long,once}_wait family Jason A. Donenfeld
2017-06-08 0:05 ` [kernel-hardening] " Theodore Ts'o
2017-06-06 17:47 ` [PATCH v4 04/13] security/keys: ensure RNG is seeded before use Jason A. Donenfeld
2017-06-08 0:31 ` Theodore Ts'o
2017-06-08 0:50 ` Jason A. Donenfeld
2017-06-08 1:03 ` Jason A. Donenfeld
2017-06-06 17:47 ` [PATCH v4 05/13] crypto/rng: ensure that the RNG is ready before using Jason A. Donenfeld
2017-06-08 0:41 ` [kernel-hardening] " Theodore Ts'o
2017-06-08 0:47 ` Jason A. Donenfeld
2017-06-06 17:47 ` [PATCH v4 06/13] iscsi: ensure RNG is seeded before use Jason A. Donenfeld
2017-06-08 2:43 ` Theodore Ts'o
2017-06-08 12:09 ` [kernel-hardening] " Jason A. Donenfeld
2017-06-16 21:58 ` Lee Duncan
2017-06-17 0:41 ` Jason A. Donenfeld
2017-06-17 3:45 ` Lee Duncan
2017-06-17 14:23 ` Jeffrey Walton
2017-06-17 18:50 ` [kernel-hardening] " Paul Koning
2017-07-05 7:08 ` Ulrich Windl [this message]
2017-07-05 13:16 ` Antw: Re: [kernel-hardening] " Paul Koning
2017-07-05 17:34 ` Theodore Ts'o
2017-06-18 8:04 ` Stephan Müller
2017-06-26 1:23 ` Nicholas A. Bellinger
2017-06-26 17:38 ` Stephan Müller
2017-06-30 6:02 ` Nicholas A. Bellinger
2017-07-05 7:03 ` Antw: " Ulrich Windl
2017-07-05 12:35 ` Theodore Ts'o
2017-06-06 17:47 ` [PATCH v4 07/13] ceph: ensure RNG is seeded before using Jason A. Donenfeld
2017-06-08 2:45 ` [kernel-hardening] " Theodore Ts'o
2017-06-06 17:47 ` [PATCH v4 08/13] cifs: use get_random_u32 for 32-bit lock random Jason A. Donenfeld
2017-06-08 0:25 ` [kernel-hardening] " Theodore Ts'o
2017-06-08 0:31 ` Jason A. Donenfeld
2017-06-08 0:34 ` Jason A. Donenfeld
2017-06-06 17:48 ` [PATCH v4 09/13] rhashtable: use get_random_u32 for hash_rnd Jason A. Donenfeld
2017-06-08 2:47 ` Theodore Ts'o
2017-06-06 17:48 ` [PATCH v4 10/13] net/neighbor: use get_random_u32 for 32-bit hash random Jason A. Donenfeld
2017-06-08 3:00 ` Theodore Ts'o
2017-06-06 17:48 ` [PATCH v4 11/13] net/route: use get_random_int for random counter Jason A. Donenfeld
2017-06-08 3:01 ` Theodore Ts'o
2017-06-06 17:48 ` [PATCH v4 12/13] bluetooth/smp: ensure RNG is properly seeded before ECDH use Jason A. Donenfeld
2017-06-08 3:06 ` Theodore Ts'o
2017-06-08 5:04 ` Marcel Holtmann
2017-06-08 12:03 ` Jason A. Donenfeld
2017-06-08 12:05 ` Jason A. Donenfeld
2017-06-08 17:05 ` Marcel Holtmann
2017-06-08 17:34 ` Jason A. Donenfeld
2017-06-09 1:16 ` [PATCH] bluetooth: ensure RNG is properly seeded before powerup Jason A. Donenfeld
2017-06-06 17:48 ` [PATCH v4 13/13] random: warn when kernel uses unseeded randomness Jason A. Donenfeld
2017-06-08 8:19 ` Theodore Ts'o
2017-06-08 12:01 ` Jason A. Donenfeld
2017-06-15 11:03 ` [kernel-hardening] " Michael Ellerman
2017-06-15 11:59 ` Stephan Müller
2017-06-18 15:46 ` Theodore Ts'o
2017-06-18 17:55 ` Stephan Müller
2017-06-18 19:12 ` Jason A. Donenfeld
2017-06-18 19:11 ` Jason A. Donenfeld
2017-06-08 8:43 ` Jeffrey Walton
2017-06-07 12:33 ` [PATCH v4 00/13] Unseeded In-Kernel Randomness Fixes Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=595C9079020000A100026F37@gwsmtp1.uni-regensburg.de \
--to=ulrich.windl@rz.uni-regensburg.de \
--cc=Jason@zx2c4.com \
--cc=cleech@redhat.com \
--cc=davem@davemloft.net \
--cc=ebiggers3@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=lduncan@suse.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nab@linux-iscsi.org \
--cc=open-iscsi@googlegroups.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).