* Ralf Schlatterbeck <[email protected]> [07/05/2017 13:31:19] wrote: > On Sat, May 06, 2017 at 05:06:03PM +0200, Aaron Zauner wrote: > > > > This is simply wrong and misquotes the information provided in the > > cited factorable.net paper (compare to "Experiment" in Section 5.1). > > The issue of "boot time entropy" only affects the very first boot-up > > of a machine or VM. States are saved across reboots. > > Um, no. On many embedded system there is no persistent filesystem. So > this happens on *every* reboot. Affected systems are WLAN routers and > many other embedded systems with a read-only flash filesystem (e.g. > webcams).
Right. There's no easy fix for this an mainline kernel devs have been arguing about the issue for at least 10 years. What I gather from friends that actually work on developing embedded boards / devices and hence kernel patches is that they have to deal with this issue on a per-board basis. For example: there're embedded devices that do not have a Real Time Clock (RTC) nor any network connections, it's essentially impossible to gather "solid" entropy for these devices without ugly kernel hacks. On current Kernels you'll get a `kprintf` message in case there's a read from uninitialized urandom: ``` azet@orpheus ~ % sudo dmesg | grep random [sudo] password for azet: [ 1.194033] random: systemd-udevd: uninitialized urandom read (16 bytes read) [ 1.194073] random: systemd-udevd: uninitialized urandom read (16 bytes read) [ 1.194078] random: systemd-udevd: uninitialized urandom read (16 bytes read) [ 1.194083] random: systemd-udevd: uninitialized urandom read (16 bytes read) [ 1.194636] random: udevadm: uninitialized urandom read (16 bytes read) [ 1.194656] random: udevadm: uninitialized urandom read (16 bytes read) [ 1.195327] random: udevadm: uninitialized urandom read (16 bytes read) [ 1.195365] random: udevadm: uninitialized urandom read (16 bytes read) [ 1.195372] random: udevadm: uninitialized urandom read (16 bytes read) [ 1.195509] random: udevadm: uninitialized urandom read (16 bytes read) [ 2.139169] random: fast init done [ 9.542377] random: crng init done ``` (related to: https://patchwork.kernel.org/patch/9173499/) In any case, I fail to see how haveged can improve this situation in any way. Quite to the contraty. Any I'm not sure we are able to give a solid recommendation for these devices within our guide. Aaron
signature.asc
Description: PGP signature
_______________________________________________ Ach mailing list [email protected] http://lists.cert.at/cgi-bin/mailman/listinfo/ach
