Re: [PATCH v4 0/5] /dev/random - a new approach

From: David JaÅa
Date: Wed Jun 15 2016 - 12:17:54 EST

Next message: Andrey Ryabinin: "Re: [PATCH v5 1/2] mm, kasan: improve double-free detection"
Previous message: Liviu Dudau: "Re: Mali DP tree for linux-next"
Next in thread: Stephan Mueller: "Re: [PATCH v4 0/5] /dev/random - a new approach"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Stephan,

Did you consider blocking urandom output or returning error until
initialized? Given the speed of initialization you report, it shouldn't
break any userspace apps while making sure that nobody uses predictable
pseudoranom numbers.

I was considering asking for patch (or even trying to write it myself)
to make current urandom block/fail when not initialized but that would
surely have to be off by default over "never break userspace" rule (even
if it means way too easy security problem with both random and urandom).
Properties of your urandom implementation makes this point moot and it
could make the random/urandom wars over.

Best Regards,

David JaÅa

Next message: Andrey Ryabinin: "Re: [PATCH v5 1/2] mm, kasan: improve double-free detection"
Previous message: Liviu Dudau: "Re: Mali DP tree for linux-next"
Next in thread: Stephan Mueller: "Re: [PATCH v4 0/5] /dev/random - a new approach"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]