I have two questions about this mechanisms. First, how it comes that only PID and unitialized memory is feed to OpenSSL's PRNG? The other comments indicate that there are systems specific feeds (like /dev/random) in sources, yet Debian one only used PID and this uninitialized buffer. Second, let's say that offending patch is removed, and PRNG is seeded from PID and unitialized memory. How big is this buffer? This matters, because on Linux malloc()s larger than certain size (128k?) are done via mmap(). And kernel zeores mmaped memory. Thus, if buffer used as entropy was allocated as big enough by malloc(), it would end zeroed. And _even reverting_ this patch won't help, as this buffer would still be zeroed. On every Linux, not only Debian. Of course this buffer may be statically allocated, but this raises another question. I presume various "hardening" patchsets would clear all memory before passing it to applications, just to mitigate posssibly information disclosure. Won't this actions defeat seeding PRG with unitialized memory ?
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds