On Tue, 19 Sept 2023 at 16:20, Laurent Bercot <[email protected]> wrote:
>
> Oh boy. Is it that time of the year again already?

Vote for me, it will be Christmas all the days of the year! *ROTFL*

On Tue, 19 Sept 2023 at 23:58, Laurent Bercot <[email protected]> wrote:
>
> >|IIRC writing to /dev/urandom doesn't do what you want it to do.
> >|You have to use an ioctl() to actually set entropy.
> >
> > And that is the sad point about it.
> > Kernel hackers should stand up to allow it again!
>
> As Ted Ts'o said[1], and Donenfeld agreed[2], the problem is that
> any user can write to /dev/urandom, including malicious users, so
> you cannot credit what they write.

Not every user, only those that have the permission to write on /dev/urandom:

~/j/hr/ramdisk# ls -al /dev/urandom
crw-rw-rw- 1 root root 1, 9 Sep 17 23:46 /dev/urandom

Usually the allowed user is only root, which can execute busybox seedrng as well, and it can successfully deliver an ioctl() because it has the privileges to do that, otherwise not.

The sensitive difference is that seedrng is supposed to deliver good enough random data to the entropy pool, and whoever escalates to its running privilege can also tamper with the data. However, whoever can escalate to the seeding privilege and tamper with its data can also more easily open a root shell, and at that point anything can happen.

Therefore, the idea that we need an ioctl() to credit data into the entropy pool, AFAIK, just prevents a mismatch or poor /dev/urandom permission settings. IMHO, instead of an ioctl() I would check the permissions and accept writes as creditable entropy only when the device /dev/urandom is properly configured (or alternatively in a /sys instance, if the kernel driver cannot control the /dev/urandom permission settings).

Another point in favour of an ioctl() is a write made by mistake by root: s/he wants to write test data to /tmp/urandom but types /dev/urandom. Let me say good luck to all those who wish to ride on this path, because preventing root mistakes is an endless and counterproductive way to waste our lifetime, especially at the kernel level.

On Wed, 20 Sept 2023 at 00:29, Steffen Nurpmeso <[email protected]> wrote:
>
> The thing is plain. Unix "everything is a file" ("except when it
> isn't"; except on Plan9, where it is) is broken by that for no
> reason. I did not read the files, it is too late, but I would have
> stood up and have done it like that.

Instead, this is the best reason, because ioctl()s are bad, in general and in particular in this specific case.

===

However, the main question was: why does the kernel not properly initialize the /dev/urandom entropy pool at boot time, considering that 99% of systems generate enough entropy at boot time? The scripts were a way to show in practice (PoC) how we can generate that entropy.

By the way, seedrng generates a file which is supposed to be written to a persistent filesystem and used by the kernel at the time of the next boot. I wish you would notice two facts about this way of doing things:

1. that credited data can be tampered with by an attacker that can escalate the privileges to write on /dev/urandom, and
2. the idea that the kernel reads a filesystem file at a certain position is far more complex than hashing some chunks of the boot log containing fine-granularity timestamps into the /dev/urandom entropy pool.

Finally, let's repeat one more time all together: ioctl()s are bad because they are a trick to work around the limitations of the "in UNIX everything is a file" principle, and like every principle it establishes some limitations for a good reason. Again, again...

Best regards, R-

_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox
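The distinction the thread keeps circling, a plain write(2) to /dev/urandom versus the RNDADDENTROPY ioctl(), shown as an added example that is not code from the post, from busybox or from seedrng. It assumes Linux with <linux/random.h>; the helper names (mode_is_root_only, device_is_root_only, mix_uncredited, credit_entropy) are hypothetical and the sample bytes are constructed test data, not real seed material. The permission check mirrors the rule proposed in the post (accept writes as creditable only when the device is owner-writable only); the ioctl path shows why the kernel instead demands CAP_SYS_ADMIN: an unprivileged caller gets -EPERM, while a write to the world-writable device succeeds but credits nothing.

```c
/* Added example, not part of the mailing-list post or of busybox/seedrng.
 * Two ways of feeding the Linux RNG and what each one can claim:
 *  - write(2) to /dev/urandom: allowed to anyone the device mode permits
 *    (usually 0666); bytes are mixed into the pool, nothing is credited.
 *  - ioctl(RNDADDENTROPY) on /dev/random: needs CAP_SYS_ADMIN; the caller
 *    states how many bits of entropy the buffer carries and the kernel
 *    credits them, so the caller's honesty is what the privilege protects.
 * Assumes Linux with <linux/random.h>; helper names are hypothetical. */
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#ifdef __linux__
#include <linux/random.h>
#endif

/* 1 if only the owner may write (no group/other write bit), else 0.
 * This is the "properly configured device" rule the post argues for. */
int mode_is_root_only(mode_t m)
{
    return (m & (S_IWGRP | S_IWOTH)) == 0;
}

/* 1 if PATH is owned by uid 0 and not writable by group/other, 0 if not,
 * -errno if it cannot be stat()ed. */
int device_is_root_only(const char *path)
{
    struct stat st;
    if (stat(path, &st) != 0)
        return -errno;
    return st.st_uid == 0 && mode_is_root_only(st.st_mode);
}

/* Mix LEN bytes into the pool without crediting any entropy.
 * Returns 0 on success or -errno. */
int mix_uncredited(const void *buf, size_t len)
{
    int fd = open("/dev/urandom", O_WRONLY);
    if (fd < 0)
        return -errno;
    ssize_t n = write(fd, buf, len);
    int err = (n == (ssize_t)len) ? 0 : -(errno ? errno : EIO);
    close(fd);
    return err;
}

/* Mix LEN bytes and credit ENTROPY_BITS bits of entropy via RNDADDENTROPY.
 * Returns 0 on success, -EPERM without CAP_SYS_ADMIN, -EINVAL for bad
 * arguments, -ENOSYS on non-Linux, otherwise -errno. */
int credit_entropy(const void *buf, size_t len, int entropy_bits)
{
    if (len > INT_MAX || entropy_bits < 0)
        return -EINVAL;
#ifndef __linux__
    (void)buf;
    return -ENOSYS;
#else
    /* struct rand_pool_info ends in a flexible __u32 buf[]; allocate
     * header plus payload and fill it in. buf_size is in bytes. */
    struct rand_pool_info *info = malloc(sizeof(*info) + len);
    if (!info)
        return -ENOMEM;
    info->entropy_count = entropy_bits;
    info->buf_size = (int)len;
    memcpy(info->buf, buf, len);

    int fd = open("/dev/random", O_RDWR);
    if (fd < 0) {
        int err = -errno;
        free(info);
        return err;
    }
    int err = ioctl(fd, RNDADDENTROPY, info) == 0 ? 0 : -errno;
    close(fd);
    free(info);
    return err;
#endif
}

int main(void)
{
    /* Constructed, fully predictable bytes: fine for exercising the API,
     * worth zero bits of credit. */
    static const char sample[] = "constructed test bytes, not real seed material";

    printf("/dev/urandom owner-writable only: %d\n",
           device_is_root_only("/dev/urandom"));
    printf("write() to /dev/urandom: %d\n",
           mix_uncredited(sample, sizeof sample));
    /* Credit 0 bits: the sample carries none. A real seeder passes only
     * the bits it can actually justify for its buffer. */
    int r = credit_entropy(sample, sizeof sample, 0);
    printf("ioctl(RNDADDENTROPY): %d (%s)\n", r, r ? strerror(-r) : "ok");
    return 0;
}
```

Run as an ordinary user, the write() call reports 0 while the ioctl() reports -1 (EPERM); run as root, both report 0. The -EPERM is the kernel's answer to the post's question: it cannot know who is on the other end of a world-writable device node, so it only credits callers that hold CAP_SYS_ADMIN, regardless of what the device mode happens to be.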
