Re: possible /dev/random compromise (misplaced trust in RDRAND / Padlock entropy sources)

To: Steven Chamberlain <steven@pyro.eu.org>
Cc: Henrique de Moraes Holschuh <hmh@debian.org>, debian-security@lists.debian.org, debian-kernel@lists.debian.org, "debian-bsd@lists.debian.org" <debian-bsd@lists.debian.org>, team@security.debian.org
Subject: Re: possible /dev/random compromise (misplaced trust in RDRAND / Padlock entropy sources)
From: Robert Millan <rmh@debian.org>
Date: Tue, 14 Jan 2014 23:38:03 +0100
Message-id: <[🔎] 52D5BC4B.90001@debian.org>
In-reply-to: <[🔎] 52D5AB5F.10508@pyro.eu.org>
References: <52ABA9E0.2060003@debian.org> <20131214010823.GC26925@khazad-dum.debian.net> <52AE28D1.3040507@debian.org> <[🔎] 52D5AB5F.10508@pyro.eu.org>

On 14/01/2014 22:25, Steven Chamberlain wrote:
> Thankfully wheezy's 9.0 and 8.3 kernels had not enabled
> either of those RNGs yet.

Are you sure? This is from 9.0:

void
random_ident_hardware(struct random_systat *systat)
{

        /* Set default to software */
        *systat = random_yarrow;

        /* Then go looking for hardware */
#if defined(__i386__) && !defined(PC98)
        if (via_feature_rng & VIA_HAS_RNG) {
                *systat = random_nehemiah;
        }
#endif
}

-- 
Robert Millan

Reply to:

Follow-Ups:
- Re: possible /dev/random compromise (misplaced trust in RDRAND / Padlock entropy sources)
  - From: Steven Chamberlain <steven@pyro.eu.org>

References:
- Re: possible /dev/random compromise (misplaced trust in RDRAND / Padlock entropy sources)
  - From: Steven Chamberlain <steven@pyro.eu.org>

Prev by Date: Re: possible /dev/random compromise (misplaced trust in RDRAND / Padlock entropy sources)
Next by Date: Re: possible /dev/random compromise (misplaced trust in RDRAND / Padlock entropy sources)
Previous by thread: Re: possible /dev/random compromise (misplaced trust in RDRAND / Padlock entropy sources)
Next by thread: Re: possible /dev/random compromise (misplaced trust in RDRAND / Padlock entropy sources)
Index(es):
- Date
- Thread