[Cryptography] where shall we put the random-seed?
Ralf Senderek
crypto at senderek.ie
Wed Dec 28 14:12:53 EST 2016
On Tue, 27 Dec 2016, Theodore Ts'o wrote:
> So while it would simplify certain things to store the random seed in
> the kernel image, it would also break a number of things. The fact
> that it would break booting on systems that enforcing UEFI secure boot
> probably means that Linux distribution wouldn't find this approach to
> be particularly attractive.
I cannot see any advantage in favour of overwriting the kernel image.
Once the kernel can get another parameter in form of a file name stored
in the same file system as the kernel itself, then kernel code can use it
to initialize the RNG properly from the start. In any case the bootloader
has to provide this information, be it grub reading a file in /boot or
isolinux in case of booting a CD getting this information from the ISO
file system. Making it a part of the kernel image IMHO only complicates
things and opens another attack surface on the kernel.
The main thing might be to teach the kernel to _expect_ such a parameter
and to evaluate the information provided as early as possible, certainly
within the first second after the kernel gets control.
--ralf
More information about the cryptography
mailing list