Re: Why does reading from /dev/urandom deplete entropy so much?

[Mike McGrath]

Matt Mackall wrote:
> On Tue, Dec 04, 2007 at 04:23:12PM -0600, Mike McGrath wrote:
>   
> > Matt Mackall wrote:
> >     
> > > On Tue, Dec 04, 2007 at 03:18:27PM -0600, Mike McGrath wrote:
> > >  
> > >       
> > > > Matt Mackall wrote:
> > > >    
> > > >         
> > > > > which would have been in v2.6.22-rc4 through the normal CVE process.
> > > > > The only other bits in there are wall time and utsname, so systems
> > > > > with no CMOS clock would behave repeatably. Can we find out what
> > > > > kernels are affected?
> > > > >
> > > > >
> > > > >      
> > > > >           
> > > > We can but it will likely take a few weeks to get a good sampling. UUID 
> > > > is unique in the db so when someone checks in with the same UUID, the 
> > > > old one gets overwritten.
> > > >    
> > > >         
> > > We can probably assume that for whatever reason the two things with
> > > duplicate UUID had the same seed. If not, we've got -much- bigger
> > > problems.
> > >  
> > >       
> > Ok, I think I see whats going on here. I have some further investigation 
> > to do but it seems that the way our Live CD installer works is causing 
> > these issues. I'm going to try to grab some live CD's and hardware to 
> > confirm but at this point it seems thats whats going on.
> >     
>
> Alright, keep me posted. We probably need a scheme to make the initial
> seed more robust regardless of what you find out

Ok, whats going on here is an issue with how the smolt RPM installs the 
UUID and how Fedora's Live CD does an install.  It's a complete false 
alarm on the kernel side, sorry for the confusion.

   -Mike

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/