Re: Linux messages full of `random: get_random_u32 called from`

From: Theodore Y. Ts'o
Date: Tue May 01 2018 - 20:56:17 EST

Next message: Samuel Thibault: "[PATCH] staging: speakup: Add pause command used on switching to graphical mode"
Previous message: Maciej S. Szmigiero: "Re: [PATCH v5 4/6] x86/microcode/AMD: Check microcode container data in the late loader"
In reply to: Sultan Alsawaf: "Re: Linux messages full of `random: get_random_u32 called from`"
Next in thread: Sultan Alsawaf: "Re: Linux messages full of `random: get_random_u32 called from`"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, May 01, 2018 at 05:43:17PM -0700, Sultan Alsawaf wrote:
>
> I've attached what I think is a reasonable stopgap solution until this is
> actually fixed. If you're willing to revert the CVE-2018-1108 patches
> completely, then I don't think you'll mind using this patch in the meantime.

I would put it slightly differently; reverting the CVE-2018-1108
patches is less dangerous than what you are proposing in your attached
patch.

Again, I think the right answer is to fix userspace to not require
cryptographic grade entropy during early system startup, and for
people to *think* about what they are doing. I've looked at the
systemd's use of hmac in journal-authenticate, and as near as I can
tell, there isn't any kind of explanation about why it was necessary,
or what threat it was trying to protect against.

- Ted

Next message: Samuel Thibault: "[PATCH] staging: speakup: Add pause command used on switching to graphical mode"
Previous message: Maciej S. Szmigiero: "Re: [PATCH v5 4/6] x86/microcode/AMD: Check microcode container data in the late loader"
In reply to: Sultan Alsawaf: "Re: Linux messages full of `random: get_random_u32 called from`"
Next in thread: Sultan Alsawaf: "Re: Linux messages full of `random: get_random_u32 called from`"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]