Re: [RESEND PATCH V3] binfmt_elf.c: use get_random_int() to fixentropy depleting

[Andrew Morton]

On Tue, 6 Nov 2012 23:13:54 -0800
Kees Cook <keescook@xxxxxxxxxxxx> wrote:

> On Tue, Nov 6, 2012 at 11:02 PM, Jeff Liu <jeff.liu@xxxxxxxxxx> wrote:
> > On 11/07/2012 02:21 PM, Kees Cook wrote:
> >> I still want to hear at least from Ted about this changes -- we would
> >> be potentially increasing the predictability of these bytes...
> >
> > We would not increasing that if this routine would be used for AT_RANDOM
> > only(and if the array keeping aligned to 4 bytes).
> > Otherwise, it would be, so let's waiting for further feedbacks.
> 
> get_random_int() comes from a different pool than get_random_bytes(),
> IIUC. I'd like to hear some convincing reasoning as to why this change
> doesn't compromise predictability. :)

But the original "ELF: implement AT_RANDOM for glibc PRNG seeding"
compromised predictability.  That's the whole point of this patch.

What was so important about that patch that justified gobbling down so
much of the system's entropy accumulation?

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/