On Wed, Nov 14, 2012 at 1:09 PM, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> wrote: > On Tue, 6 Nov 2012 23:13:54 -0800 > Kees Cook <keescook@xxxxxxxxxxxx> wrote: > >> On Tue, Nov 6, 2012 at 11:02 PM, Jeff Liu <jeff.liu@xxxxxxxxxx> wrote: >> > On 11/07/2012 02:21 PM, Kees Cook wrote: >> >> I still want to hear at least from Ted about this changes -- we would >> >> be potentially increasing the predictability of these bytes... >> > >> > We would not increasing that if this routine would be used for AT_RANDOM >> > only(and if the array keeping aligned to 4 bytes). >> > Otherwise, it would be, so let's waiting for further feedbacks. >> >> get_random_int() comes from a different pool than get_random_bytes(), >> IIUC. I'd like to hear some convincing reasoning as to why this change >> doesn't compromise predictability. :) > > But the original "ELF: implement AT_RANDOM for glibc PRNG seeding" > compromised predictability. That's the whole point of this patch. It doesn't compromise predictability. It just used entropy. The idea was that userspace had an actual need for it. > What was so important about that patch that justified gobbling down so > much of the system's entropy accumulation? That does seem to be the core question here. If Ted doesn't think this patch is a problem, then I don't object. Mostly I just had questions about the strength of these various RNGs. -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
