Received: by 10.192.165.148 with SMTP id m20csp89107imm; Tue, 1 May 2018 18:12:00 -0700 (PDT) X-Google-Smtp-Source: AB8JxZrYYUNTR7iFFBAjKaNdF+N/Pm1P1Qs2StpUHLcYgCXa+0iCeFq/HwSdEc+/YYpvAz7bkzkb X-Received: by 2002:a65:4a02:: with SMTP id s2-v6mr14421663pgq.265.1525223520855; Tue, 01 May 2018 18:12:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525223520; cv=none; d=google.com; s=arc-20160816; b=KSqxnzRvy8K5OS3/D12xVyAEZIWtR99iyxPlSGjOMGBNkKLn/cQXpuVlGi1gQvSrwE S6P/WgSqlSi248cBk9xrt3kh1YI+CPqHYPoglw4LXNgxPCrtYJR1YrOlT+kz/WxjwzSI MyKPgzK1wkB5JcpRfOoqEk+jH18tE7fIqCQp9+NjA6uZpj6nrqSjt5El3NZKNFjKlxDX xJCWG4TlhsNrbtEVDG/LiqxefcvkedwnFQ+c34UBcYw1OockX9/VGyNtH2Dl0f/l+m6M KR23bcPIoq0yF2ba/2Wvt3Yntg+bsJL+gxmws9vSE1ejaTPcG/bSd5h/QLKZNlw3qmLd +80Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:to :from:date:dkim-signature:arc-authentication-results; bh=2iPGSNV/0l4EQ7hQcUTp+n01nau/d8KHNPVbC5zph9A=; b=hQsyTCPrQRMBvElV59jbEvyIYZIMpdVp3yu3WtR2LN//mXNzWdESN8zSF7OHkYg5LT imPk4PVfe1LzAKEn/2Bmms8FJ1URqZAt/gq8vEeEH6UZ7k6RDLMbxIiN9P9C7P25MEK0 yPzcUVnboJFHtYsN2jYNTI7faTU/z6fMUhUeJyFvWMW9QVOEKIs/mUnp1OXc9eNdm4u4 GJ87PgGPfmttOZEI6uBvCoE9CSxdNdVBY1GqhZEHGIKO35u9FLuJW4ToSyDvh1uWqmKw LyXYxXH1GH3jh+aW3BSjBMOHXzEbpp5aVdQ2f8KqI8Rog4sQdff/oE4BY0bU1Jq4MuRn 3JQw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=o5Fo2Bfd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b6si10774083pfk.342.2018.05.01.18.11.46; Tue, 01 May 2018 18:12:00 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=o5Fo2Bfd; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751469AbeEBBLU (ORCPT + 99 others); Tue, 1 May 2018 21:11:20 -0400 Received: from mail-oi0-f65.google.com ([209.85.218.65]:40081 "EHLO mail-oi0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751283AbeEBBLP (ORCPT ); Tue, 1 May 2018 21:11:15 -0400 Received: by mail-oi0-f65.google.com with SMTP id c203-v6so11514371oib.7 for ; Tue, 01 May 2018 18:11:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=2iPGSNV/0l4EQ7hQcUTp+n01nau/d8KHNPVbC5zph9A=; b=o5Fo2BfdqCZwCYXutkR4Q4Gh8gdpLKd+hH0PdVpQBsofvBjc0oz+WSJUfn6WP9buPV xyLJ2wUn77t0aGCUnSfFLfuPloZ07yRDkvKRtPRWW7o6wrQO1jznHlmMVOYL1AyXF+hX 0uZg+ypk4CFzDHeRFNUbHofsSWJDlSB9YsV7+ZBRSckXfqhxN8Ou2Cgev6HUaLeedgaA 6usk4kAUDJFyDUDQZabsi2jd4eZQSJoIFxTjcT0cAmCGcaUNIGbTiEbRqN/agdDtCzMy BoHSs8eoKx3FF/NCxLRazei3nDf1qv3Xz/DuM1OwcrfAeueCXSRIUchn0chFj6NAzOwj PmYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=2iPGSNV/0l4EQ7hQcUTp+n01nau/d8KHNPVbC5zph9A=; b=FOyqLA5GT/fpSlyRcBS4AqB9szCrKL1aoJIysBS0H9NqKSFtFxwDS6+4Oe1EV7pvbg 8vRftADohipMG/kMjQ8HGLerXV89FOfBhQ2xM0AH+Q5P8w5q7/ZfeFT1KuPiBiRQHKpt r+SRb7/rRhQFTOltkj3AoRVOVQIGBCQIIh81golcC/8B1K1Fam18dEgnR4Pb+H1HY+k6 Hn648PQ71V+8Aysr0sXJDgo0XVvGy2YRcllz1zk3AipURHcz+68f0PqnKAAFwiNrpe1d MY3LVJHrl+vvOrkNkXBIjpIm1jSGBdV209fZp58czfcYtRztbgOx5gXglqaOq7P8kEGz xGfA== X-Gm-Message-State: ALQs6tAbU7dz88Ib/JDkNnAL9gKQIlekeO7MbKQPgIQmMSwu+YDxYjS4 4PDORE6Uc5hNITFvpbUpoxI= X-Received: by 2002:aca:afcc:: with SMTP id y195-v6mr11204871oie.83.1525223475184; Tue, 01 May 2018 18:11:15 -0700 (PDT) Received: from sultan-box ([107.193.118.89]) by smtp.gmail.com with ESMTPSA id l2-v6sm7445001otd.38.2018.05.01.18.11.13 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 01 May 2018 18:11:14 -0700 (PDT) Date: Tue, 1 May 2018 18:11:11 -0700 From: Sultan Alsawaf To: "Theodore Y. Ts'o" , Justin Forbes , Jeremy Cline , Pavel Machek , LKML , Jann Horn Subject: Re: Linux messages full of `random: get_random_u32 called from` Message-ID: <20180502011111.m2jtl7tvdq3h3nhc@sultan-box> References: <20180429170541.lrzwyihrd6d75rql@sultan-box> <20180429184101.GA31156@amd> <20180429202033.ysmc42mj2rrk3h7p@sultan-box> <20180429220519.GQ5965@thunk.org> <01000163186628e6-3fe4abfc-eaaf-470c-90c8-2d8ad91db8f1-000000@email.amazonses.com> <20180501125518.GI20585@thunk.org> <20180502004317.kxwiu2oephgbi6ok@sultan-box> <20180502005604.GJ10479@thunk.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180502005604.GJ10479@thunk.org> User-Agent: NeoMutt/20170609 (1.8.3) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, May 01, 2018 at 08:56:04PM -0400, Theodore Y. Ts'o wrote: > On Tue, May 01, 2018 at 05:43:17PM -0700, Sultan Alsawaf wrote: > > > > I've attached what I think is a reasonable stopgap solution until this is > > actually fixed. If you're willing to revert the CVE-2018-1108 patches > > completely, then I don't think you'll mind using this patch in the meantime. > > I would put it slightly differently; reverting the CVE-2018-1108 > patches is less dangerous than what you are proposing in your attached > patch. > > Again, I think the right answer is to fix userspace to not require > cryptographic grade entropy during early system startup, and for > people to *think* about what they are doing. I've looked at the > systemd's use of hmac in journal-authenticate, and as near as I can > tell, there isn't any kind of explanation about why it was necessary, > or what threat it was trying to protect against. > > - Ted Why is /dev/urandom so much more dangerous than /dev/random? The more I search, the more I see that many sources consider /dev/urandom to be cryptographically secure... and since I hold down a single key on the keyboard to make my computer boot without any kernel workarounds, I'm sure the NSA would eventually notice my predictable behavior and get their hands on my Richard Stallman photos. Fixing all the "broken" userspace instances of entropy usage during early system startup is a tall order. What about barebone machines used as remote servers? I feel like just "fixing userspace" isn't going to cover all of the usecases that the CVE-2018-1108 patches broke. Sultan