tech-security archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Patch: rework kernel random number subsystem
On Fri, Oct 21, 2011 at 05:15:55PM -0400, Thor Lancelot Simon wrote:
>
> WARNING: #7 and #8 reveal some kind of synchronization or locking
> bug in this patch. #8 causes the entropy pool to log to
> the console whenever it supplies rekeying entropy. #7
> causes 'sysctl kern.urandom' to read from a cprng_strong
> instance.
>
> Performing around 1000 consecutive such sysctl calls will
> reveal corruption of the cprng_strong state: it is not
> rekeyed (nor should it yet be), but is corrupted in such
> a way that it thinks it has been, triggering the rngtest
> statistical test, which then fails.
The patch at http://www.panix.com/~tls/rnd2.diff addresses the correctness
issues that Christos pointed out but does *not* fix the problem described
above.
Help much appreciated.
Thor
Home |
Main Index |
Thread Index |
Old Index