Re: Linux 5.3-rc8

From: Ahmed S. Darwish
Date: Mon Sep 16 2019 - 19:29:58 EST


On Mon, Sep 16, 2019 at 04:18:00PM -0700, Linus Torvalds wrote:
> On Mon, Sep 16, 2019 at 4:11 PM Matthew Garrett <mjg59@xxxxxxxxxxxxx> wrote:
> >
> > In one case we have "Systems don't boot, but you can downgrade your
> > kernel" and in the other case we have "Your cryptographic keys are weak
> > and you have no way of knowing unless you read dmesg", and I think
> > causing boot problems is the better outcome here.
>
> Or: In one case you have a real and present problem. In the other
> case, people are talking hypotheticals.
>

Linus, in all honesty, the other case is _not_ a hypothetical . For
example, here is a fresh comment on LWN from gnupg developers:

https://lwn.net/Articles/799352

It's about this libgnupg code:

=> https://dev.gnupg.org/source/libgcrypt.git

=> random/rdlinux.c:

/* If we have a modern operating system, we first try to use the new
* getentropy function. That call guarantees that the kernel's
* RNG has been properly seeded before returning any data. This
* is different from /dev/urandom which may, due to its
* non-blocking semantics, return data even if the kernel has
* not been properly seeded. And it differs from /dev/random by never
* blocking once the kernel is seeded. */
#if defined(HAVE_GETENTROPY) || defined(__NR_getrandom)
do {
...
ret = getentropy (buffer, nbytes);
...
} while (ret == -1 && errno == EINTR);

thanks,

--
Ahmed Darwish
http://darwish.chasingpointers.com