Re: [PATCH 07/12] random: use the arch-specific rng inxfer_secondary_pool

[Ben Hutchings]

On Sat, 2012-07-07 at 21:41 -0400, Theodore Ts'o wrote:
> On Sun, Jul 08, 2012 at 02:06:46AM +0100, Ben Hutchings wrote:
> > 
> > Surely the number of random bytes being added is i * sizeof(long), not
> > sizeof(u.hwrand)?
> > 
> 
> Meh; Kees Cook has made the same observation.  Basically, in the
> unlikely case where RDRAND fails, we'll end up mixing in stack
> garbage.  It's not a security vulnerability, since the contents of the
> entropy pool never gets exposed.  In fact, one could argue that mixing
> in some unknown garbage from the kernel stack might actually help a
> little; but it can't hurt.

Sorry, I realised after reading further that there's no entropy being
credited.  However, I expect that kmemcheck will complain unless you
limit the used length or call kmemcheck_mark_initialized().

Ben.

-- 
Ben Hutchings
Life would be so much easier if we could look at the source code.

Attachment: signature.asc
Description: This is a digitally signed message part