Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-24 Thread Roberto A. Foglietta
On Thu, 21 Sept 2023 at 09:24, Roberto A. Foglietta wrote: > > I consider this interface one of the most broken seen in the UNIX domain > ever. Despite this, I am reluctant in wishing that it would be > completely changed because breaking the back-compatibility with > 30-year-old production systems

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-23 Thread Roberto A. Foglietta
On Sat, 23 Sept 2023 at 16:54, Roberto A. Foglietta wrote: > > On Sat, 23 Sept 2023 at 16:30, Steffen Nurpmeso wrote: > > > > Roberto A. Foglietta wrote in > > : > > |On Thu, 21 Sept 2023 at 20:05, Steffen Nurpmeso > > wrote: > > |>|IMHO, I vote for /sys rather than /proc/debug. The

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-23 Thread Roberto A. Foglietta
On Sat, 23 Sept 2023 at 16:30, Steffen Nurpmeso wrote: > > Roberto A. Foglietta wrote in > : > |On Thu, 21 Sept 2023 at 20:05, Steffen Nurpmeso wrote: > |>|IMHO, I vote for /sys rather than /proc/debug. The capability to > > There already _is_ a debugfs interface? Nothing which is

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-23 Thread Steffen Nurpmeso
Roberto A. Foglietta wrote in : |On Thu, 21 Sept 2023 at 20:05, Steffen Nurpmeso wrote: |>|IMHO, I vote for /sys rather than /proc/debug. The capability to There already _is_ a debugfs interface? This must be new then. I do not have debugfs no more, it is of no use for me. Sorry if i have

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-22 Thread Roberto A. Foglietta
On Thu, 21 Sept 2023 at 20:05, Steffen Nurpmeso wrote: > |IMHO, I vote for /sys rather than /proc/debug. The capability to > > There is /proc/sys/kernel/random. > > |directly handle the system entropy pool should be an Admin privilege > |even before being a debug option. As well as disable

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-21 Thread Steffen Nurpmeso
Roberto A. Foglietta wrote in : |On Thu, 21 Sept 2023 at 02:35, Steffen Nurpmeso wrote: |> |> Steffen Nurpmeso wrote in |> <20230919222910.pn44y%stef...@sdaoden.eu>: |>|Laurent Bercot wrote in |>| : |>||>|IIRC writing to /dev/urandom doesn't do what you want it to do. |>||>|You have to

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-21 Thread Roberto A. Foglietta
On Thu, 21 Sept 2023 at 02:35, Steffen Nurpmeso wrote: > > Steffen Nurpmeso wrote in > <20230919222910.pn44y%stef...@sdaoden.eu>: > |Laurent Bercot wrote in > | : > ||>|IIRC writing to /dev/urandom doesn't do what you want it to do. > ||>|You have to use an ioctl() to actually set entropy. >

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-20 Thread Steffen Nurpmeso
Steffen Nurpmeso wrote in <20230919222910.pn44y%stef...@sdaoden.eu>: |Laurent Bercot wrote in | : ||>|IIRC writing to /dev/urandom doesn't do what you want it to do. ||>|You have to use an ioctl() to actually set entropy. ||> ||>And that is the sad point about it. ||>Kernel hackers should

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-20 Thread Roberto A. Foglietta
On Wed, 20 Sept 2023 at 18:52, Didier Kryn wrote: > > It is the rationale of everything /run to be lost on reboot. > Thanks Didier, for having highlighted this. Currently, everything is on RAM in the embedded system I am working on.

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-20 Thread Didier Kryn
On 20/09/2023 at 07:51, Roberto A. Foglietta wrote: The reason why the ioctl() exists is well explained here https://stackoverflow.com/questions/17118705/using-rndaddentropy-to-add-entropy-to-dev-random which refers to the man page https://man7.org/linux/man-pages/man4/random.4.html

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Roberto A. Foglietta
On Wed, 20 Sept 2023 at 07:06, Roberto A. Foglietta wrote: > Finally, repeat one more time all together: ioctls() are bad because > they are a trick to work around the limitation of "in UNIX everything > is a file" principle and like every principle it establishes some > limitations for a good

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Roberto A. Foglietta
On Tue, 19 Sept 2023 at 16:20, Laurent Bercot wrote: > > > Oh boy. Is it that time of the year again already? Vote for me, it will be Christmas all the days of the year! *ROTFL* On Tue, 19 Sept 2023 at 23:58, Laurent Bercot wrote: > > >|IIRC writing to /dev/urandom doesn't do what you want

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Steffen Nurpmeso
Laurent Bercot wrote in : | |>|IIRC writing to /dev/urandom doesn't do what you want it to do. |>|You have to use an ioctl() to actually set entropy. |> |>And that is the sad point about it. |>Kernel hackers should stand up to allow it again! | | As Ted Ts'o said[1], and Donenfeld

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Laurent Bercot
|IIRC writing to /dev/urandom doesn't do what you want it to do. |You have to use an ioctl() to actually set entropy. And that is the sad point about it. Kernel hackers should stand up to allow it again! As Ted Ts'o said[1], and Donenfeld agreed[2], the problem is that any user can write

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Steffen Nurpmeso
Laurent Bercot wrote in : ... | The answer to Roberto's first question is: yes, initializing |/dev/urandom is necessary, but writing stuff to /dev/urandom will not |help, even if you consider that stuff random enough. You need a specific |tool like seedrng. No. ... | For the second

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Steffen Nurpmeso
David Laight wrote in <1628d46df2fb4580b474fd0ea43a5...@acums.aculab.com>: |> Fine, then use > (write) to reset the entropy and >> (append) to \ |> add entropy. | |IIRC writing to /dev/urandom doesn't do what you want it to do. |You have to use an ioctl() to actually set entropy. And that

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Laurent Bercot
Oh boy. Is it that time of the year again already? In case the /dev/urandom initialisation is a necessity (or a best practice), does it make sense to add it into busybox as an option or as an application? So, there are two different things to address here: 1. the way to add entropy to

RE: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread David Laight
> Fine, then use > (write) to reset the entropy and >> (append) to add entropy. IIRC writing to /dev/urandom doesn't do what you want it to do. You have to use an ioctl() to actually set entropy. David

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Roberto A. Foglietta
On Tue, 19 Sept 2023 at 14:06, Roberto A. Foglietta wrote: > > On Tue, 19 Sept 2023 at 13:30, Rob Landley wrote: > As the first init instruction or as the last kernel boot operation, is > THE general answer also when it is not the solution. Some systems need > a more dedicated effort but in no

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Roberto A. Foglietta
On Tue, 19 Sept 2023 at 14:06, Roberto A. Foglietta wrote: > > On Tue, 19 Sept 2023 at 13:30, Rob Landley wrote: > dmesg | sha512sum > /dev/urandom Oops, sorry because the sha512sum command-line prints a human readable 16 chars based string dmesg | pigz -4c | dd bs=64 skip=1 > /dev/urandom

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Roberto A. Foglietta
On Tue, 19 Sept 2023 at 13:30, Rob Landley wrote: > > Modern "software" entropy collection is mostly timing jitter collected very > slowly as the system runs. The theory for embedded devices was if you have > some > writeable space in the device you save a few hundred bytes of /dev/urandom >

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Sam Liddicott
This is also a problem with many virtual appliances. There is no easy answer to this kernel bootup entropy problem and it is lamentable that solutions are delegated to user space, and even to scripts, and to non-experts who will do a bad job of it but not know it. You may as well feed what random

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Guillermo Rodriguez Garcia
On Tuesday, 19 September 2023, Roberto A. Foglietta < roberto.foglie...@gmail.com> wrote: > > Guillermo confused the information with the entropy. > > I didn’t confuse anything. Please leave me out of your arguments, thank you. > Guillermo is getting mad and screaming > > :-? You

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-19 Thread Michael Conrad
On 9/19/23 01:36, Roberto A. Foglietta wrote: On Tue, 19 Sept 2023 at 03:25, Michael Conrad wrote: On 9/18/23 06:14, Guillermo Rodriguez Garcia wrote: everything is compressed with gzip -7. This is the worst scenario. However, even in the worst scenario due to

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-18 Thread Roberto A. Foglietta
On Tue, 19 Sept 2023 at 03:25, Michael Conrad wrote: > On 9/18/23 06:14, Guillermo Rodriguez Garcia wrote: > > everything is compressed with gzip -7. This is the worst scenario. >> However, even in the worst scenario due to gzip one single bit of >> difference in the input generates a completely

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-18 Thread Michael Conrad
On 9/18/23 06:14, Guillermo Rodriguez Garcia wrote: everything is compressed with gzip -7. This is the worst scenario. However, even in the worst scenario due to gzip one single bit of difference in the input generates a completely different compressed output: Compression (or

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-18 Thread Guillermo Rodriguez Garcia
Hi Roberto, On Mon, 18 Sept 2023 at 11:54, Roberto A. Foglietta (< roberto.foglie...@gmail.com>) wrote: > On Mon, 18 Sept 2023 at 11:20, Guillermo Rodriguez Garcia > wrote: > > > >> # RAF: seeding the urandom device with some data and a few bits of > randomness. > >> # The randomness

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-18 Thread Roberto A. Foglietta
On Mon, 18 Sept 2023 at 11:20, Guillermo Rodriguez Garcia wrote: > >> # RAF: seeding the urandom device with some data and a few bits of >> randomness. >> # The randomness is put at the beginning of some text data, which is >> going >> # to be compressed. It is expected that the whole

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-18 Thread Guillermo Rodriguez Garcia
On Mon, 18 Sept 2023 at 9:42, Roberto A. Foglietta (< roberto.foglie...@gmail.com>) wrote: > Hi all, > > I am investigating the Android init procedure (one version, one > device, not in general) and I found an interesting line about the > initialization of the /dev/urandom (seeding, I

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-18 Thread Roberto A. Foglietta
On Mon, 18 Sept 2023 at 10:11, Jeff Pohlmeyer wrote: > > On Mon, Sep 18, 2023 at 2:42 AM Roberto A. Foglietta > wrote: > > > In case the /dev/urandom initialisation is a necessity (or a best > > practice), does it make sense to add it into busybox as an option or > > as an application? > > If

Re: RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-18 Thread Jeff Pohlmeyer
On Mon, Sep 18, 2023 at 2:42 AM Roberto A. Foglietta wrote: > In case the /dev/urandom initialisation is a necessity (or a best > practice), does it make sense to add it into busybox as an option or > as an application? If you are able to update to a newer version of busybox, you might want to

RFC: initialize /dev/urandom, is it necessary? Can we do it in a better way?

2023-09-18 Thread Roberto A. Foglietta
Hi all, I am investigating the Android init procedure (one version, one device, not in general) and I found an interesting line about the initialization of the /dev/urandom (seeding, I suppose). cat /proc/cmdline > /dev/urandom Therefore, I developed a more sophisticated way to do that