Re: Why does reading from /dev/urandom deplete entropy so much?

Matt Mackall wrote:

which would have been in v2.6.22-rc4 through the normal CVE process.
The only other bits in there are wall time and utsname, so systems
with no CMOS clock would behave repeatably. Can we find out what
kernels are affected?

We can but it will likely take a few weeks to get a good sampling. UUIDis unique in the db so when someone checks in with the same UUID, theold one gets overwritten. I'll have to do regular copies of what theUUID holds over time. Smolt schedules a monthly check in which weliterally just missed a few days ago.

We seen a huge number of duplicates for certain values:

>From Mike McGrath (added to Cc)

Here's the top 5:

   266 28caf2c3-9766-4fe1-9e4c-d6b0ba8a0132
   336 810e7126-1c69-4aff-b8b1-9db0fa8aa15a
   402 c8dbb9d3-a9bd-4ba6-b92e-4a294ba5a95f
   884 06e84493-e024-44b1-9b32-32d78af04039
   931 e2b67e1d-e325-4740-b938-795addb45280

The left number is times this month someone has submitted a profile with
that UUID.  If we take the last one as an example has come from over 800
IP's in the last 20 days.  It seems very unlikely that one person would
find his way to 800 different IP's this month.  Let me know if you'd
like more.


Any other details would be interesting.

We'll be able to get lots of stuff. Here's a profile of whats currentlyin e2b67e1d-e325-4740-b938-795addb45280.


u_u_id: e2b67e1d-e325-4740-b938-795addb45280
o_s: Fedora release 7.92 (Rawhide)
platform: i686
bogomips: 3660.33
system_memory: 2025
system_swap: 964
vendor: Sony Corporation
system: VGN-FE31Z C3LMPJWX
cpu_vendor: GenuineIntel
cpu_model: Intel(R) Core(TM)2 CPU T
num_cp_us: 2
cpu_speed: 1833
language: en_US.UT
default_runlevel: 5
kernel_version: 2.6.23.1-23.fc8
formfactor: laptop
last_modified: 2007-10-02 04:22:42
rating: 3
selinux_enabled: 1
selinux_enforce: targeted

I'll grab the suspect UUID profiles over time to see what we end up with.

-Mike
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: Matt Mackall <[email protected]>

References:
- Why does reading from /dev/urandom deplete entropy so much?
  - From: Marc Haber <[email protected]>
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: Adrian Bunk <[email protected]>
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: "Ray Lee" <[email protected]>
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: Alan Cox <[email protected]>
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: Matt Mackall <[email protected]>
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: Theodore Tso <[email protected]>
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: Alan Cox <[email protected]>
- Re: Why does reading from /dev/urandom deplete entropy so much?
  - From: Matt Mackall <[email protected]>

Prev by Date: Re: [-mm PATCH] kallsyms should prefer non weak symbols
Next by Date: Re: Kernel Development & Objective-C
Previous by thread: Re: Why does reading from /dev/urandom deplete entropy so much?
Next by thread: Re: Why does reading from /dev/urandom deplete entropy so much?
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]