Re: [kernel-hardening] [PATCH] random: warn when kernel uses unseeded randomness

From: Theodore Ts'o
Date: Wed Jun 21 2017 - 16:39:11 EST

Next message: Stefano Stabellini: "Re: [PATCH v4 12/18] xen/pvcalls: implement poll command"
Previous message: Maxime Ripard: "Re: [PATCH v2 1/3] input: sun4i-a10-lradc-keys: Add support for A83T"
In reply to: Michael Ellerman: "Re: [kernel-hardening] [PATCH] random: warn when kernel uses unseeded randomness"
Next in thread: Jason A. Donenfeld: "Re: [kernel-hardening] [PATCH] random: warn when kernel uses unseeded randomness"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jun 21, 2017 at 04:06:49PM +1000, Michael Ellerman wrote:
> All the distro kernels I'm aware of have DEBUG_KERNEL=y.
>
> Where all includes at least RHEL, SLES, Fedora, Ubuntu & Debian.
>
> So it's still essentially default y.
>
> Emitting *one* warning by default would be reasonable. That gives users
> who are interested something to chase, they can then turn on the option
> to get the full story.
>
> Filling the dmesg buffer with repeated warnings is really not helpful.

I agree completely with all of this. The following patch replaces the
current topmost patch on the random.git tree:

Next message: Stefano Stabellini: "Re: [PATCH v4 12/18] xen/pvcalls: implement poll command"
Previous message: Maxime Ripard: "Re: [PATCH v2 1/3] input: sun4i-a10-lradc-keys: Add support for A83T"
In reply to: Michael Ellerman: "Re: [kernel-hardening] [PATCH] random: warn when kernel uses unseeded randomness"
Next in thread: Jason A. Donenfeld: "Re: [kernel-hardening] [PATCH] random: warn when kernel uses unseeded randomness"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]