Re: [PATCH] random: mix all saved registers into entropy pool

From: JÃrn Engel
Date: Wed May 21 2014 - 16:39:57 EST

Next message: David Miller: "Re: [PATCH] vxge: Use time_before()"
Previous message: Paul Bolle: "[PATCH] PM / devfreq: remove checks for CONFIG_EXYNOS_ASV"
In reply to: JÃrn Engel: "Re: [PATCH] random: mix all saved registers into entropy pool"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 21 May 2014 21:39:05 +0200, Andi Kleen wrote:
>
> > I think leaking of private keys or similar information is not a
> > concern. But please prove me wrong. Better you now than someone else
> > later.
>
> While I don't have a concrete exploit it seems seems dangerous to me.
> The LibreSSL people just removed a similar behavior from OpenSSL.

Btw, if your concern were justified, that would also speak volumes
about the quality of our random generator - with or without my patch.
Either you are wrong or we have a real problem on our hands already.

JÃrn

--
This above all: to thine own self be true.
-- Shakespeare
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Miller: "Re: [PATCH] vxge: Use time_before()"
Previous message: Paul Bolle: "[PATCH] PM / devfreq: remove checks for CONFIG_EXYNOS_ASV"
In reply to: JÃrn Engel: "Re: [PATCH] random: mix all saved registers into entropy pool"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]