Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers

On Fri, May 05, 2006 at 03:11:27PM -0400, Theodore Tso wrote:
> On Fri, May 05, 2006 at 12:24:26PM -0500, Matt Mackall wrote:
> > I haven't seen such an analysis, scholarly or otherwise and my bias
> > here is to lean towards the paranoid.
> > 
> > Assuming a machine with no TSC and an otherwise quiescent ethernet
> > (hackers burning the midnight oil), I think most of the
> > hard-to-analyze bits above get pretty transparent.
> 
> As always, whether or not the packet arrival times could be guessable
> and/or controlled by an attacker really depends on your threat model.
> For someone who has an ethernet monitor attached directly to the
> segment right next to your computer, it's very likely that they would
> be successful in guessing the inputs into the entropy pool.  However,
> an attacker with physical access to your machine could probably do all
> sorts of other things, such as install a keyboard sniffer, etc.  
> 
> For a remote attacker, life gets much more difficult.  Each switch,
> router, and bridge effectively has a queue into which packets must
> flow through, and that is _not_ known to a remote attacker.  This is
> especially true today, when most people don't even use repeaters, but
> rather switches/bridges, which effectly make each ethernet connection
> to each host its own separate collision domain (indeed that term
> doesn't even apply for modern high-speed ethernets).
> 
> I've always thought the right answer is that whether or not network
> packet arrival times should be used as entropy input should be
> configurable, since depending on the environment, it might or might
> not be safe, and for some hosts (particularly diskless servers), the
> network might be the only source of entropy available to them.

Nonetheless, the current SA_SAMPLE_RANDOM scheme should go. A) it's in
the IRQ fast path B) most of its users are bogus which strongly
indicates it's a bad API.

Instead (if we want network entropy) we should add an
add_network_randomness call in some central location in the network
stack (probably right next to netpoll's RX hooks) and probably have it
compiled out by default.

-- 
Mathematics is the supreme nostalgia of our time.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
    • From: Theodore Tso <[email protected]>

• References:
  • [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
    • From: Matt Mackall <[email protected]>
  • Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
    • From: Kyle Moffett <[email protected]>
  • Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
    • From: Matt Mackall <[email protected]>
  • Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
    • From: Theodore Tso <[email protected]>

• Prev by Date: Re: [PATCH] sendfile compat functions on x86_64 and ia64
• Next by Date: Re: Lock-up with modprobe sdhci after suspending to ram
• Previous by thread: Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
• Next by thread: Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]