[systemd-devel] Why we need to read/save random seed?

Lennart Poettering lennart at poettering.net
Sun Jun 14 14:41:37 PDT 2015


On Sun, 14.06.15 14:11, Cristian Rodríguez (cristian.rodriguez at opensuse.org) wrote:

> On Sun, Jun 14, 2015 at 1:43 PM, Greg KH <gregkh at linuxfoundation.org> wrote:
> > On Sun, Jun 14, 2015 at 12:49:55PM -0300, Cristian Rodríguez wrote:
> >>
> >> On Jun 14, 2015 10:21, "cee1" <fykcee1 at gmail.com> wrote:
> >> >
> >> > Hi all,
> >> >
> >> > Why do we need to read/save the random seed? Can it be read from
> >> > /dev/random each time?
> >>
> >> Because the kernel is borked and still needs to be fed entropy at system
> >> startup by user space. Please read the random man page.
> >>
> >> I agree we shouldn't have to do this at all..
> >
> > Really?  And how do you suggest we "fix" the kernel when the hardware
> > itself doesn't provide us with a proper random number "seed" in the
> > first place?  What do you suggest we do instead?
> 
> Last time I checked, it required this userspace help even when the
> machine has rdrand/rdseed or when a virtual machine is fed from the
> host using the virtio-rng driver.. (may take up to 60 seconds to
> report

I am pretty sure that even if you have rdrand/rdseed you want to seed
the system with randomness from a previous boot, simply because you
might not want to trust the CPU's RNG. Sure, it's great that Intel
CPUs have that now, but given the circumstances, are you sure the stuff
is not backdoored by your three-letter agency of choice?

I mean, this is a bit like with modern SSDs with hardware encryption:
it's great that they have this, but can you really trust it?

Having the hdd crypto stuff in kernel, and a random seed that is not
just the CPU's own hwrng has the benefit that the sources are open and
you can review what's going on. That's much harder with silicon you buy
in a shop.

Lennart

-- 
Lennart Poettering, Red Hat
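
The seed carry-over this thread discusses, as an added example that is not part of the original message and is not systemd's code: the previous boot's seed is written into the kernel pool and then replaced at once, so the pool's output depends on more than the CPU's RNG and no seed is loaded twice. SEED_FILE, POOL_IN, POOL_OUT and SEED_BYTES are names assumed for this example, and the default seed path is hypothetical.

```shell
#!/bin/sh
# Added example: carry a random seed from one boot to the next.
# All variable names and the default seed path are assumptions of this example.
SEED_FILE="${SEED_FILE:-/var/lib/example/random-seed}"  # hypothetical path
POOL_IN="${POOL_IN:-/dev/urandom}"    # data written here is mixed into the kernel pool
POOL_OUT="${POOL_OUT:-/dev/urandom}"  # source of the bytes saved for the next boot
SEED_BYTES="${SEED_BYTES:-512}"

# Runs in a subshell (note the parentheses) so the umask change stays local.
load_and_refresh_seed() (
    umask 077   # the seed is secret: never create it group- or world-readable

    # 1. Mix the previous boot's seed into the pool. A plain write mixes the
    #    data in but credits no entropy, so a bad seed file cannot make the
    #    kernel believe it is better seeded than it is.
    if [ -s "$SEED_FILE" ]; then
        cat "$SEED_FILE" > "$POOL_IN" || exit 1
    fi

    # 2. Replace the seed straight away, before anything else runs, so that a
    #    crash or power loss cannot lead to the same seed being loaded again.
    #    Write to a temporary file and rename it, so a partial write never
    #    leaves a truncated seed behind.
    tmp="$SEED_FILE.tmp.$$"
    head -c "$SEED_BYTES" "$POOL_OUT" > "$tmp" || { rm -f "$tmp"; exit 1; }
    chmod 600 "$tmp" || { rm -f "$tmp"; exit 1; }
    mv -f "$tmp" "$SEED_FILE"
)

# Call load_and_refresh_seed once, early at boot and as root, and again at
# shutdown to save a seed that reflects everything gathered during uptime.
```

On the first boot there is no seed file yet, so step 1 is skipped and step 2 creates one.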

