Hello systemd-devel,
There's an ongoing discussion @ lkml about early boot random number
entropy, or the lack of it, and how it may hang systemd-using instances
from booting indefinitely.
Ted Ts'o is questioning the validity of journal-authenticate's early
random number usage, maybe some of you care to comment.
Please find the forwarded message below.
Regards,
Vito Caputo
----- Forwarded message from "Theodore Y. Ts'o" <ty...@mit.edu> -----
Date: Tue, 1 May 2018 20:56:04 -0400
From: "Theodore Y. Ts'o" <ty...@mit.edu>
To: Sultan Alsawaf <sultan...@gmail.com>
Cc: Justin Forbes <jmfor...@linuxtx.org>, Jeremy Cline <jer...@jcline.org>,
Pavel
Machek <pa...@ucw.cz>, LKML <linux-ker...@vger.kernel.org>, Jann Horn
<ja...@google.com>
Subject: Re: Linux messages full of `random: get_random_u32 called from`
User-Agent: Mutt/1.9.5 (2018-04-13)
On Tue, May 01, 2018 at 05:43:17PM -0700, Sultan Alsawaf wrote:
>
> I've attached what I think is a reasonable stopgap solution until this is
> actually fixed. If you're willing to revert the CVE-2018-1108 patches
> completely, then I don't think you'll mind using this patch in the meantime.
I would put it slightly differently; reverting the CVE-2018-1108
patches is less dangerous than what you are proposing in your attached
patch.
Again, I think the right answer is to fix userspace to not require
cryptographic grade entropy during early system startup, and for
people to *think* about what they are doing. I've looked at the
systemd's use of hmac in journal-authenticate, and as near as I can
tell, there isn't any kind of explanation about why it was necessary,
or what threat it was trying to protect against.
- Ted
----- End forwarded message -----
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
