[PATCH] getrandom: new applet

Denys Vlasenko vda.linux at googlemail.com
Mon Jul 4 15:02:34 UTC 2016


On Mon, Jul 4, 2016 at 11:00 AM, Etienne Champetier
<champetier.etienne at gmail.com> wrote:
>> BTW, I know that security people would scream bloody murder,
>> but wouldn't
>>
>> cd /proc && cat cpuinfo meminfo stat interrupts diskstats slabinfo
>> schedstat buddyinfo >/dev/random
>>
>> in practice work quite satisfactorily for adding some entropy at boot time?
>
> Your cat /proc/* will be almost identical each boot,

Yes, at boot it is somewhat likely, although I'd like someone
to experiment on a real system.

But you can also run the same command before key generation.
I bet at least pids, allocation counts, and allocation addresses
get randomized pretty fast.

> so no it's not
> adding entropy, or it's re-adding what is already used internaly
> What we are trying to fight here is having the same state between
> multiple reboot of the same router, or between multiple identical
> routers.

I'm sure most of contents of these files are not mixed in to entropy
pool by the kernel. For one, this data comes from a lot of different places:
memory allocator, scheduler, disk IO, even hardware CPU frequency scaling.
Kernel has no code to use all of that, or even half of that, for entropy
collection.

BTW, add to that /proc/net/*. I mean, literally every file (unlike /proc/*,
where you don't want to read everything, "kcore" for one may be "a bit" big).
There are ~50 files in /proc/net/.
Just one example. /proc/net/unix has Inode column for unix sockets.
Those depend on the order how processes have started at boot.
If there is at least some concurrency, inodes will contain some randomness.


More information about the busybox mailing list