Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers

>
> OK, here goes...
>
> 1 - by eliminating feeding enthopy from network cards you are

Keep up, folks, I dropped that position in the very first round of replies.

As I said at the beginning of this thread, I'm perfectly happy to
continue taking samples from network devices. My concerns are entirely
with how we account their entropy, which is strictly in the realm of
theory to start with.


ok, now I get it...


> 2 - some platforms have much better enthropy sources than ethernet (or
> user input), just think hardware rngs, or even the sound card rng
> thing mentioned above

Point?


Point is, sometimes you have plenty of enthropy available and
sometimes you only have the network card (and maybe an HD). Two
different situations, in one of them we can accept (it's even beter)
not acquiring enthropy from the network card completely.


> 3 - as people said, your example (CRC-16 on specific platfoms) is
> (IMHO) an exxageration.

Yes, CRC-16 was a rhetorical device. MD4 would not have been. HZ=100
is not an exaggeration.


Agreed

Odds are pretty good you have such a Linux box

in the form of a router or such already. This completely invalidates
all the arguments about the hardware making the timing too
unpredictable as it does so on a timescale of microseconds or less.


Yes, that situation is pretty common.

Here is my point: I don't think the kernel shoud "try very hard" to
fix "lack of good enthropy sources". Yes, you've presented situations
where someone (ultimately) could guess what is being read from
/dev/random.

In practice, though, it should ultimatelly fall upon the
end-user/developer to have a system with good enough (for him/her)
enthropy sources. If he is happy with lots of "bad enthropy" so be it.
Hovever, if he wants / needs to be sure that /dev/random is not
predictable, (IMHO) he can always plug a hardware RNG and only read
from that (hence what I said about configuring who are your enthropy
sources).
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

References:
- Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
  - From: Matt Mackall <[email protected]>
- Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
  - From: Theodore Tso <[email protected]>
- Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
  - From: Matt Mackall <[email protected]>
- Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
  - From: "David S. Miller" <[email protected]>
- Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
  - From: Matt Mackall <[email protected]>
- Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
  - From: "Thiago Galesi" <[email protected]>
- Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
  - From: Matt Mackall <[email protected]>

Prev by Date: Re: sched_clock() uses are broken
Next by Date: [PATCH] ensure NULL deref can't possibly happen in is_exported()
Previous by thread: Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
Next by thread: Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]