[systemd-devel] [tytso at mit.edu: Re: Linux messages full of `random: get_random_u32 called from`]
Vito Caputo
vcaputo at pengaru.com
Wed May 2 01:08:09 UTC 2018
Hello systemd-devel,
There's an ongoing discussion @ lkml about early boot random number
entropy, or the lack of it, and how it may hang systemd-using instances
from booting indefinitely.
Ted Ts'o is questioning the validity of journal-authenticate's early
random number usage, maybe some of you care to comment.
Please find the forwarded message below.
Regards,
Vito Caputo
----- Forwarded message from "Theodore Y. Ts'o" <tytso at mit.edu> -----
Date: Tue, 1 May 2018 20:56:04 -0400
From: "Theodore Y. Ts'o" <tytso at mit.edu>
To: Sultan Alsawaf <sultanxda at gmail.com>
Cc: Justin Forbes <jmforbes at linuxtx.org>, Jeremy Cline <jeremy at jcline.org>, Pavel
Machek <pavel at ucw.cz>, LKML <linux-kernel at vger.kernel.org>, Jann Horn
<jannh at google.com>
Subject: Re: Linux messages full of `random: get_random_u32 called from`
User-Agent: Mutt/1.9.5 (2018-04-13)
On Tue, May 01, 2018 at 05:43:17PM -0700, Sultan Alsawaf wrote:
>
> I've attached what I think is a reasonable stopgap solution until this is
> actually fixed. If you're willing to revert the CVE-2018-1108 patches
> completely, then I don't think you'll mind using this patch in the meantime.
I would put it slightly differently; reverting the CVE-2018-1108
patches is less dangerous than what you are proposing in your attached
patch.
Again, I think the right answer is to fix userspace to not require
cryptographic grade entropy during early system startup, and for
people to *think* about what they are doing. I've looked at the
systemd's use of hmac in journal-authenticate, and as near as I can
tell, there isn't any kind of explanation about why it was necessary,
or what threat it was trying to protect against.
- Ted
----- End forwarded message -----
More information about the systemd-devel
mailing list